ID

VAR-202302-0482


CVE

CVE-2022-4304


TITLE

OpenSSL  side-channel vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2022-003736

DESCRIPTION

A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection. (CVE-2022-4304) A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function. Under certain conditions. (CVE-2023-0286). OpenSSL Security Advisory [7th February 2023] ============================================= X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) ================================================================= Severity: High There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network. OpenSSL versions 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers only). This issue was reported on 11th January 2023 by David Benjamin (Google). The fix was developed by Hugo Landau. OpenSSL 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers only). An initial report of a possible timing side channel was made on 14th July 2020 by Hubert Kario (Red Hat). A refined report identifying a specific timing side channel was made on 15th July 2022 by Hubert Kario. The fix was developed by Dmitry Belyavsky (Red Hat) and Hubert Kario. X.509 Name Constraints Read Buffer Overflow (CVE-2022-4203) =========================================================== Severity: Moderate A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. OpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue. OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue. This issue was reported to OpenSSL on 3rd November 2022 by Corey Bonnell from Digicert. The fix was developed by Viktor Dukhovni. Use-after-free following BIO_new_NDEF (CVE-2023-0215) ===================================================== Severity: Moderate The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected. OpenSSL 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers only). This issue was reported on 29th November 2022 by Octavio Galland and Marcel Böhme (Max Planck Institute for Security and Privacy). The fix was developed by Viktor Dukhovni and Matt Caswell. Double free after calling PEM_read_bio_ex (CVE-2022-4450) ========================================================= Severity: Moderate The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue. OpenSSL 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t. OpenSSL 1.0.2 is not affected by this issue. This issue was discovered by CarpetFuzz and reported on 8th December 2022 by Dawei Wang. The fix was developed by Kurt Roeckx and Matt Caswell. Invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216) ================================================================== Severity: Moderate An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data. OpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue. OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue. This issue was reported on 27th December 2022 by Marc Schönefeld. The fix was developed by Tomas Mraz. NULL dereference validating DSA public key (CVE-2023-0217) ========================================================== Severity: Moderate An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3. OpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue. OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue. This issue was reported on 27th December 2022 by Kurt Roeckx. The fix was developed by Shane Lontis from Oracle. NULL dereference during PKCS7 data verification (CVE-2023-0401) =============================================================== Severity: Moderate A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data. OpenSSL versions 3.0.0 to 3.0.7 are vulnerable to this issue. OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue. This issue was reported on 13th January 2023 by Hubert Kario and Dmitry Belyavsky (Red Hat). The fix was developed by Tomas Mraz. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20230207.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/general/security-policy.html . ========================================================================== Ubuntu Security Notice USN-6564-1 January 03, 2024 nodejs vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in Node.js. Software Description: - nodejs: An open-source, cross-platform JavaScript runtime environment. Details: Hubert Kario discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2022-4304) CarpetFuzz, Dawei Wang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-4450) Octavio Galland and Marcel Böhme discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0215) David Benjamin discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-0286) Hubert Kario and Dmitry Belyavsky discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0401) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: libnode-dev 12.22.9~dfsg-1ubuntu3.3 libnode72 12.22.9~dfsg-1ubuntu3.3 nodejs 12.22.9~dfsg-1ubuntu3.3 In general, a standard system update will make all the necessary changes. JIRA issues fixed (https://issues.redhat.com/): OCPBUGS-10326 - Re-enable operator-install-single-namespace.spec.ts test OCPBUGS-11143 - [Azure] Replace master failed as new master did not add into lb backend OCPBUGS-11974 - User telemetry is broken (inaccurate) due to the fact that page titles are not unique. OCPBUGS-12206 - [4.13] Keep systemd journal using LZ4 compression (via new env var) OCPBUGS-12256 - ptp operator socket management need rework since a few test case fails due to cleaning up the file before other processes are terminated. OCPBUGS-12743 - [4.13] SNO cluster deployment failing due to authentication and console CO in degraded state OCPBUGS-12785 - [release-4.13] Enable/Disable plugin options are not shown on Operator details page OCPBUGS-13311 - Kubelet CA file not written by MCD firstboot OCPBUGS-13323 - [4.13] Bootimage bump tracker OCPBUGS-13642 - [release-4.13] OLM k8sResourcePrefix x-descriptor dropdown unexpectedly clears selections OCPBUGS-13747 - [4.13] cgroupv1 support for cpu balancing is broken for non-SNO nodes OCPBUGS-13752 - AdditionalTrustBundle is only included when doing mirroring OCPBUGS-13809 - OVN image pre-puller pod uses `imagePullPolicy: Always` and blocks upgrade when there is no registry OCPBUGS-13812 - [azure] Installer doesn't validate diskType on ASH which lead to install fails with unsupported disktype OCPBUGS-14030 - Invalid CA certificate bundle provided by service account token OCPBUGS-14166 - Make Serverless form is broken OCPBUGS-14189 - Route Checkbox getting checked even if it is unchecked during editing the Serverless Function form OCPBUGS-14251 - Add new console metrics to cluster-monitoring-operator telemetry configuration (4.13) OCPBUGS-14267 - [Openshift Pipelines] Metrics page is broken OCPBUGS-14310 - Could not import multiple resources via JSON (while YAML supports this) OCPBUGS-14318 - [release-4.13] gather podDisruptionBudget only from openshift namespaces OCPBUGS-14336 - [Openshift Pipelines] Link to Openshift Route from service is breaking because of hardcoded value of targetPort OCPBUGS-14426 - Failed to list Kepler CSV OCPBUGS-14459 - The MCD repeats a "State and Reason" log line even when nothing is happening OCPBUGS-14482 - Sync RHEL9 Dockerfiles to regular Dockerfiles OCPBUGS-14598 - Update Jenkins to use 4.13 images OCPBUGS-14773 - (release-4.13) gather "gateway-mode-config" config map from "openshift-network-operator" namespace OCPBUGS-14867 - When installing SNO with bootstrap in place it takes cluster-policy-controller 6 minutes to acquire the leader lease OCPBUGS-14916 - images: RHEL-8-based container image is broken OCPBUGS-14943 - visiting Configurations page returns error Cannot read properties of undefined (reading 'apiGroup') OCPBUGS-15031 - (release-4.13) Insights config not correctly deserialized OCPBUGS-15101 - IngressVIP getting attach to two nodes at once OCPBUGS-15130 - Helm Repository "Edit" button results in 404 OCPBUGS-15139 - The whereabouts-reconciler should not set an hard-coded node selector on the kubernetes.io/architecture label OCPBUGS-15161 - CPMS: Surface cpms vs machine diff OCPBUGS-15171 - CPO doesn't skip AWS resource deletion for 'Unknown' OIDC state OCPBUGS-15187 - images: RHEL-8 container image is missing `xz` OCPBUGS-15224 - [4.13] openvswitch user is not in the hugetblfs group OCPBUGS-15225 - while/after upgrading to OKD 4.11 2023-01-14 CoreDNS has a problem with UDP overflows OCPBUGS-15228 - Create helm release page doesn't show a YAML editor when schema isn't available (httpd-imagestreams chart) OCPBUGS-15230 - Allow installer to use existing Azure NSG during OpenShift IPI install OCPBUGS-15246 - Bump to kubernetes 1.26.6 OCPBUGS-15281 - Leftover IngressController Preventing Clean Uninstall OCPBUGS-15289 - GCP XPN Installs Require bindPrivateDNSZone Permission in host project OCPBUGS-15330 - CPMSO: fix linting issue comment in test OCPBUGS-15335 - PipelineRun failed with log 'Tasks Completed: 3 (Failed: 1, Cancelled 0), Skipped: 1.' OCPBUGS-15360 - Serverless functions UI warning is misleading OCPBUGS-15372 - [4.13z] Duplicate acls cause network policy failure for namespaces with long names (>61 chars) OCPBUGS-15376 - [4.13] Cleanup Tech debt: remove unused repo code OCPBUGS-15410 - [release-4.13] Add Git Repository (PAC) doesn't setup GitLab and Bitbucket configuration correct OCPBUGS-15434 - [GWAPI] [4.13.z] The DNS provider failed to ensure the record, invalid value for name (gcp) OCPBUGS-15457 - python-grpcio and python-protobuf are unneeded dependencies OCPBUGS-15463 - [release-4.13] Unable to set protectKernelDefaults from "true" to "false" in kubelet.conf [release-4.13] OCPBUGS-15465 - [CI Watcher] Testing uninstall of Business Automation Operator "attempts to uninstall the Operator and delete all Operand Instances, shows 'Error Deleting Operands' alert" OCPBUGS-15476 - Network Operator not setting its version and blocking upgrade completion OCPBUGS-15481 - [CI Watcher] Broken pipeline-plugin e2e tests: PipelineResource CRD isn't installed anymore OCPBUGS-15512 - HCP Service Loadbalancer uses default SecurityGroup OCPBUGS-15515 - CI fails on TestAWSELBConnectionIdleTimeout OCPBUGS-15557 - TUI stuck on agent installer network boot setup OCPBUGS-15580 - updated nmstate builds will not work for MCO OCPBUGS-15585 - [4.13] Cannot fix a misconfigured Egress Firewall OCPBUGS-15586 - [4.13] NetworkPolicy not working as expected when allowing inbound traffic from any namespace OCPBUGS-15589 - Dynamic conversion webhook clientConfig not retained as operator installs OCPBUGS-15591 - GCP bootstrap VM should allow SecureBoot setting on 4.13 clusters OCPBUGS-15606 - Can't use git lfs in BuildConfig git source with strategy Docker OCPBUGS-15608 - [release-4.13] Clean up old RHEL9 dockerfiles to reduce confusion OCPBUGS-15720 - Helm Chart installation form hangs on create if JSON-schema is using 2019-09 or 2020-20 standard revisions OCPBUGS-15721 - Helm Chart installation form hangs on create if JSON-schema contains unknown value format OCPBUGS-15722 - Helm Chart installation screen fails to render if JSON schema contains remote $refs OCPBUGS-15734 - [4.13] binary should be compiled on RHEL9 OCPBUGS-15736 - TuneD reverts node level profiles on termination OCPBUGS-15738 - tuned daemonset rprivate default mount propagation with `hostPath: path: /` volumeMount breaks CSI driver relying on multipath OCPBUGS-15746 - Alibaba clusters are TechPreview and should not be upgradeable OCPBUGS-15756 - [release-4.13] Bump Jenkins and Jenkins Agent Base image versions OCPBUGS-15777 - ironic-agent-image PRs permafailing due to udevadm command missing OCPBUGS-15782 - [OSD] There is no error message shown on node label edit modal OCPBUGS-15787 - Project admins cannot see 'Pipelines' section in 'import from git' from RHOCP4 web console OCPBUGS-15808 - [4.13.x] Downstream OLM PSA plug-in is disabled OCPBUGS-15848 - The upgrade Helm Release tab in OpenShift GUI Developer console is not refreshing with updated values. OCPBUGS-15892 - 9% of OKD tests failing on error: tag latest failed: Internal error occurred: registry.centos.org/dotnet/dotnet-31-centos7:latest: Get "https://registry.centos.org/v2/": dial tcp: lookup registry.centos.org on 172.30.0.10:53: no such host OCPBUGS-15962 - ovn-k8s-cni-overlay: /lib64/libc.so.6: version `GLIBC_2.34' not found on 4.12-to-4.13 OCPBUGS-15965 - Active Endpoint Connection blocks cluster uninstallation OCPBUGS-16084 - [4.13] OCP 4.14.0-ec.3 machine-api-controller pod crashing OCPBUGS-7762 - openshift-tests does not file Azure Disk zone topology 6. Bug Fix(es): * [4.12] must-gather doesn't collect ruletebles (BZ#2208641) * nft rules are not collected if the VMs are running in the node where must-gather is running (BZ#2214454) * [cnv-4.12] kubevirt should allow setting cluster-wide virt-launcher runtimeclass (BZ#2217913) * USB-redirection regression (BZ#2221222) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 2027959 - [RFE] virt-launcher pod of Windows VM stuck in terminating state, no button in the UI to force power off 2182056 - Cloned VM should not use the same PVC of the source VM 2196027 - CVE-2023-24540 golang: html/template: improper handling of JavaScript whitespace 2208641 - [4.12] must-gather doesn't collect ruletebles 2209318 - [4.12.z] VM connected to a VLAN is also receiving packets from VLAN 1 2209848 - OpenShift Virtualization Overview page shows no metrics for "All Projects" 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode 2214454 - nft rules are not collected if the VMs are running in the node where must-gather is running 2216447 - must-gather: Multiple empty files under vms/<vm-name> if the VM was live migrated 2216449 - must-gather is using unavailable brctl command 2217913 - [cnv-4.12] kubevirt should allow setting cluster-wide virt-launcher runtimeclass 2220843 - [4.12]Missing StorageProfile defaults for IBM and AWS EFS CSI provisioners 2221222 - USB-redirection regression 2222011 - [4.12]DataImportCron Garbage Collection can mistakenly delete latest PVC 5. Solution: For instructions on how to install and use OpenShift Serverless, see documentation linked from the References section. Bugs fixed (https://bugzilla.redhat.com/): 2174485 - CVE-2023-25173 containerd: Supplementary groups are not set up properly 2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 2178488 - CVE-2022-41725 golang: net/http, mime/multipart: denial of service from excessive resource consumption 2178492 - CVE-2022-41724 golang: crypto/tls: large handshake records may cause panics 2184481 - CVE-2023-24538 golang: html/template: backticks not treated as string delimiters 2184482 - CVE-2023-24536 golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 2184483 - CVE-2023-24534 golang: net/http, net/textproto: denial of service from excessive memory allocation 2184484 - CVE-2023-24537 golang: go/parser: Infinite loop in parsing 2185507 - Release of OpenShift Serverless Serving 1.29.0 2185509 - Release of OpenShift Serverless Eventing 1.29.0 5. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - noarch Red Hat Enterprise Linux CRB (v. 9) - aarch64, noarch, x86_64 3. Description: EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1960321 - CVE-2021-38578 edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation 1983086 - Assertion failure when creating 1024 VCPU VM: [...]UefiCpuPkg/CpuMpPei/CpuBist.c(186): !EFI_ERROR (Status) 2125336 - Please add edk2-aarch64 and edk2-tools to CRB in RHEL 9 2132951 - edk2: Sort traditional virtualization builds before Confidential Computing builds 2157656 - [edk2] [aarch64] Unable to initialize EFI firmware when using edk2-aarch64-20221207gitfff6d81270b5-1.el9 in some hardwares 2162307 - Broken GRUB output on a serial console 2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName 2164487 - CVE-2022-4304 openssl: timing attack in RSA Decryption implementation 2164492 - CVE-2023-0215 openssl: use-after-free following BIO_new_NDEF 2164494 - CVE-2022-4450 openssl: double free after calling PEM_read_bio_ex 2168046 - [edk2] BIOS Release Date string is unexpected length 2174605 - [EDK2] disable dynamic mmio window 6. Package List: Red Hat Enterprise Linux AppStream (v. 9): Source: edk2-20221207gitfff6d81270b5-9.el9_2.src.rpm noarch: edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.noarch.rpm edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.noarch.rpm Red Hat Enterprise Linux CRB (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Bugs fixed (https://bugzilla.redhat.com/): 1971033 - CVE-2021-20329 mongo-go-driver: specific cstrings input may not be properly validated 2126276 - CVE-2021-43138 async: Prototype Pollution in async 2126277 - CVE-2022-25858 terser: insecure use of regular expressions leads to ReDoS 2150323 - CVE-2022-24999 express: "qs" prototype poisoning causes the hang of the node process 5. JIRA issues fixed (https://issues.redhat.com/): OSSM-3596 - Port istio-cni fix for RHEL9 to maistra-2.2 OSSM-3720 - Port egress-gateway wrong network gateway endpoints fix in maistra-2.2 OSSM-3783 - operator can deadlock when istiod deployment fails [maistra-2.2] 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.13.4 bug fix and security update Advisory ID: RHSA-2023:3614-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:3614 Issue date: 2023-06-22 CVE Names: CVE-2022-4304 CVE-2022-4450 CVE-2022-41723 CVE-2023-0215 CVE-2023-0361 CVE-2023-24329 CVE-2023-24540 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.4. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2023:3612 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html Security Fix(es): * net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html 3. Solution: For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html You may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags. The sha values for the release are (For x86_64 architecture) The image digest is sha256:e3fb8ace9881ae5428ae7f0ac93a51e3daa71fa215b5299cd3209e134cadfc9c (For s390x architecture) The image digest is sha256:52f4c09586047c61465a24ceed2f5724024f5a5ef25da46e6078330f0dac08b2 (For ppc64le architecture) The image digest is sha256:24763eafbee5a36c699bff8f4103bcfcd8fec9ef0c7fe30c0ab5c208bdab7044 (For aarch64 architecture) The image digest is sha256:13b14f0514d24d241d40ebacac9f15f93acebc4a7849e4740df49e65e48af424 All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 5. JIRA issues fixed (https://issues.redhat.com/): OCPBUGS-11116 - [RHOCP 4.13] MetalLB operator should be able to run other than default service account OCPBUGS-11768 - [4.13] RHCOS misses udev rules for GCE PD NVMe disks OCPBUGS-11824 - MetalLB operator doesnt show up when disconnected env is selected in operator hub OCPBUGS-13374 - [4.13] Forced BMH reboot fails when image URL has changed OCPBUGS-14024 - Master stuck in a creating/deleting loop when drop vmsize field from the CPMS providerSpec OCPBUGS-14298 - Upgrade to OCP 4.13.0 stuck due to machine-config error 'failed to run- nmstatectl: exit status 1' OCPBUGS-14357 - [4.13] configure-ovs blocks ssh access to the node when unhealthy OCPBUGS-14410 - It must be possible to append a piece of FRR configuration to what MetalLB renders OCPBUGS-14436 - Metric for control plane upgrade time OCPBUGS-14490 - HostedClusterConfigOperator doesn't check OperatorHub object in the Hosted Cluster OCPBUGS-14571 - Check permission and accessibility of non-default SCs on vSphere platform for CSI OCPBUGS-14589 - container_network* metrics stop reporting after container restart OCPBUGS-14620 - KCM is not aware of the AWS Region ap-southeast-3 OCPBUGS-14635 - Maximum Number Of Egress IPs Supported OCPBUGS-14651 - disable debug pporf with unauthenticated port OCPBUGS-14672 - Should update with --include-local-oci-catalogs for --oci-registries-config options OCPBUGS-14801 - KCM is not aware of the AWS Region ap-southeast-3 OCPBUGS-14830 - MetalLB has a bad CSV for 4.13.3. Invalid service account OCPBUGS-14850 - Unable to do post-copy migration OCPBUGS-14860 - GCP XPN Private Cluster fails with no public zone OCPBUGS-14872 - Hypershift operator should honor 'hostedcluster.spec.configuration.ingress.loadBalancer.platform.aws.type' OCPBUGS-14895 - Do not fail creating cgroups OCPBUGS-14981 - place holder for log linking in 4.13.4 OCPBUGS-8681 - [GWAPI] the gateway pod and service are still there after deleting gateway resource 6. References: https://access.redhat.com/security/cve/CVE-2022-4304 https://access.redhat.com/security/cve/CVE-2022-4450 https://access.redhat.com/security/cve/CVE-2022-41723 https://access.redhat.com/security/cve/CVE-2023-0215 https://access.redhat.com/security/cve/CVE-2023-0361 https://access.redhat.com/security/cve/CVE-2023-24329 https://access.redhat.com/security/cve/CVE-2023-24540 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/articles/11258 7. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZJVrjNzjgjWX9erEAQhIHhAAhCXJNMPx8UUsQ4Zff6rFht4F3T7JTNYA BXxVKEeeuD0lVGhCDoolyeEZpN3qePrNvBhbl0YjBCbz0114y3bqaKA9vljIkeRT 5bzmyTlViCiwCoTy82kadUIi9+YvXoI3LEWmWEeOeGZFSpwM2OMpflJ591FJIwFt 9szRX9TWkzF3DoGH/GOVv1h2oLHMNquBE3/5vhosLCZ5o65V7F+TWz8UbVsgfHPV imszrxicBgsrKsAhql1Owr4T5TXcwM0xRXDnaxnnipb3eecXjZDpPf/nIjgumEjw cyE2LPQ9wQZ5e5QGRi+FThWYDpN2hsc9s1ymAzYc1dU7N3veXtKOMOAXsl0e9ePL zH7SAnbWiqI3MzQSO1An28DSqN6vg3aSW8WW+z6ti7QJQRiHqb7JiO/Mb33OqbI7 Bb2zoPy7WIJlrQCda3HfwzZfrhj70qQjqIx3Dtjx/12ZzPtI9bo4eSNBeW6Xkw/E c0iwkO412zsWaqLbvue90lrb+fSA6hMVjv7YtG/b2tFbXEigk9kA9OAmkNBA/n76 l7Fd8GUX6sA0OUMOMCOhsrtfxz10BHopMMxEuFcQh3EZDMzsrVvNjqSr0Shxv4Xx wB4gh3SS5eWT6cKC8P29Ly0PTnpI0GJ74o3odFjbEV1lpqs6vynDtjW9SyUICPeE R6c9v/00vMo= =P9KS -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.43

sources: NVD: CVE-2022-4304 // JVNDB: JVNDB-2022-003736 // VULMON: CVE-2022-4304 // PACKETSTORM: 170922 // PACKETSTORM: 176366 // PACKETSTORM: 173676 // PACKETSTORM: 173895 // PACKETSTORM: 172741 // PACKETSTORM: 172238 // PACKETSTORM: 172981 // PACKETSTORM: 173115

AFFECTED PRODUCTS

vendor:日立model:ucosminexus service platformscope: - version: -

Trust: 1.6

vendor:日立model:ucosminexus primary server basescope: - version: -

Trust: 1.6

vendor:日立model:ucosminexus application serverscope: - version: -

Trust: 1.6

vendor:stormshieldmodel:network securityscope:gteversion:4.4.0

Trust: 1.0

vendor:stormshieldmodel:network securityscope:gteversion:2.8.0

Trust: 1.0

vendor:stormshieldmodel:network securityscope:gteversion:4.0.0

Trust: 1.0

vendor:opensslmodel:opensslscope:ltversion:3.0.8

Trust: 1.0

vendor:stormshieldmodel:endpoint securityscope:ltversion:7.2.40

Trust: 1.0

vendor:opensslmodel:opensslscope:gteversion:1.0.2

Trust: 1.0

vendor:stormshieldmodel:network securityscope:ltversion:4.6.3

Trust: 1.0

vendor:opensslmodel:opensslscope:gteversion:1.1.1

Trust: 1.0

vendor:stormshieldmodel:network securityscope:ltversion:3.11.22

Trust: 1.0

vendor:stormshieldmodel:network securityscope:ltversion:4.3.16

Trust: 1.0

vendor:stormshieldmodel:sslvpnscope:ltversion:3.2.1

Trust: 1.0

vendor:stormshieldmodel:network securityscope:ltversion:2.7.11

Trust: 1.0

vendor:opensslmodel:opensslscope:ltversion:1.0.2zg

Trust: 1.0

vendor:opensslmodel:opensslscope:gteversion:3.0.0

Trust: 1.0

vendor:opensslmodel:opensslscope:ltversion:1.1.1t

Trust: 1.0

vendor:stormshieldmodel:network securityscope:gteversion:3.8.0

Trust: 1.0

vendor:stormshieldmodel:network securityscope:gteversion:2.7.0

Trust: 1.0

vendor:stormshieldmodel:network securityscope:ltversion:3.7.34

Trust: 1.0

vendor:日立model:hitachi device managerscope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus application server-rscope: - version: -

Trust: 0.8

vendor:日本電気model:nec enhanced speech analysisscope: - version: -

Trust: 0.8

vendor:日立model:jp1/file transmission server/ftpscope: - version: -

Trust: 0.8

vendor:日立model:hitachi global link managerscope: - version: -

Trust: 0.8

vendor:日本電気model:esmpro/serveragentscope: - version: -

Trust: 0.8

vendor:日立model:jp1/service support starter editionscope: - version: -

Trust: 0.8

vendor:日立model:jp1/navigation platformscope: - version: -

Trust: 0.8

vendor:日本電気model:ix ルータscope: - version: -

Trust: 0.8

vendor:opensslmodel:opensslscope: - version: -

Trust: 0.8

vendor:日立model:jp1/automatic job management system 3 - managerscope: - version: -

Trust: 0.8

vendor:日立model:jp1/it desktop management 2 - smart device managerscope: - version: -

Trust: 0.8

vendor:日本電気model:neoface monitorscope: - version: -

Trust: 0.8

vendor:日本電気model:connexive application platformscope: - version: -

Trust: 0.8

vendor:日立model:jp1/data highway - server starter editionscope: - version: -

Trust: 0.8

vendor:日立model:jp1/it desktop management 2 - operations directorscope: - version: -

Trust: 0.8

vendor:日立model:プログラミング環境 for javascope: - version: -

Trust: 0.8

vendor:日本電気model:istorage t280scope: - version: -

Trust: 0.8

vendor:日立model:hitachi compute systems managerscope: - version: -

Trust: 0.8

vendor:日本電気model:nec ai acceleratorscope: - version: -

Trust: 0.8

vendor:日本電気model:nec multimedia olap for 映像分析サービスscope: - version: -

Trust: 0.8

vendor:日本電気model:istorage v10escope: - version: -

Trust: 0.8

vendor:日本電気model:connexive pfscope: - version: -

Trust: 0.8

vendor:日立model:hitachi replication managerscope: - version: -

Trust: 0.8

vendor:日本電気model:webotx application serverscope: - version: -

Trust: 0.8

vendor:日立model:日立アドバンストサーバ ha8000v シリーズscope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus service architectscope: - version: -

Trust: 0.8

vendor:日立model:jp1/automatic job management system 3 - definitions assistantscope: - version: -

Trust: 0.8

vendor:日立model:jp1/snmp system observerscope: - version: -

Trust: 0.8

vendor:日立model:jp1/navigation platform for developersscope: - version: -

Trust: 0.8

vendor:日立model:jp1/operations analyticsscope: - version: -

Trust: 0.8

vendor:日本電気model:spoolserver/reportfilingscope: - version: -

Trust: 0.8

vendor:日立model:jp1/service supportscope: - version: -

Trust: 0.8

vendor:日本電気model:vranscope: - version: -

Trust: 0.8

vendor:日本電気model:istorage v100scope: - version: -

Trust: 0.8

vendor:日立model:jp1/performance managementscope: - version: -

Trust: 0.8

vendor:日立model:cosminexus http serverscope: - version: -

Trust: 0.8

vendor:日本電気model:iot 共通基盤scope: - version: -

Trust: 0.8

vendor:日立model:jp1/it desktop management 2 - managerscope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus developerscope: - version: -

Trust: 0.8

vendor:日本電気model:得選街・gcbscope: - version: -

Trust: 0.8

vendor:日立model:jp1/automatic operationscope: - version: -

Trust: 0.8

vendor:日立model:hitachi tuning managerscope: - version: -

Trust: 0.8

vendor:日本電気model:webotx sip application serverscope: - version: -

Trust: 0.8

vendor:日立model:hitachi configuration managerscope: - version: -

Trust: 0.8

vendor:日立model:jp1/basescope: - version: -

Trust: 0.8

vendor:日立model:jp1/data highway - serverscope: - version: -

Trust: 0.8

vendor:日本電気model:養殖魚サイズ測定自動化サービスscope: - version: -

Trust: 0.8

vendor:日本電気model:istorage v300scope: - version: -

Trust: 0.8

vendor:日立model:hitachi tiered storage managerscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-003736 // NVD: CVE-2022-4304

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-4304
value: MEDIUM

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2022-4304
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-4304
value: MEDIUM

Trust: 0.8

nvd@nist.gov: CVE-2022-4304
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2022-4304
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-003736 // NVD: CVE-2022-4304 // NVD: CVE-2022-4304

PROBLEMTYPE DATA

problemtype:CWE-203

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-003736 // NVD: CVE-2022-4304

THREAT TYPE

remote

Trust: 0.1

sources: PACKETSTORM: 176366

TYPE

overflow

Trust: 0.1

sources: PACKETSTORM: 170922

PATCH

title:hitachi-sec-2023-135 Software product security informationurl:https://www.openssl.org/news/secadv/20230207.txt

Trust: 0.8

title:Red Hat: url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2022-4304

Trust: 0.1

title:Amazon Linux AMI: ALAS-2023-1683url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2023-1683

Trust: 0.1

title:Debian Security Advisories: DSA-5343-1 openssl -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=b6a11b827fe9cfaea9c113b2ad37856f

Trust: 0.1

title:Amazon Linux 2: ALAS2-2023-1935url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2023-1935

Trust: 0.1

title:Amazon Linux 2: ALAS2-2023-1934url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2023-1934

Trust: 0.1

title:Palo Alto Networks Security Advisory: PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023url:https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory&qid=3092389eb9f034e4b8387a75a5ae33f8

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2022-4304

Trust: 0.1

sources: VULMON: CVE-2022-4304 // JVNDB: JVNDB-2022-003736

EXTERNAL IDS

db:NVDid:CVE-2022-4304

Trust: 3.5

db:JVNid:JVNVU91198149

Trust: 0.8

db:JVNid:JVNVU92598492

Trust: 0.8

db:JVNid:JVNVU99752892

Trust: 0.8

db:JVNid:JVNVU98954443

Trust: 0.8

db:JVNid:JVNVU99464755

Trust: 0.8

db:JVNid:JVNVU91676340

Trust: 0.8

db:JVNid:JVNVU95292697

Trust: 0.8

db:JVNid:JVNVU95962757

Trust: 0.8

db:JVNid:JVNVU99836374

Trust: 0.8

db:JVNid:JVNVU98345649

Trust: 0.8

db:JVNid:JVNVU90056839

Trust: 0.8

db:JVNid:JVNVU91482879

Trust: 0.8

db:JVNid:JVNVU93250330

Trust: 0.8

db:JVNid:JVNVU97200253

Trust: 0.8

db:JVNid:JVNVU91213144

Trust: 0.8

db:ICS CERTid:ICSA-24-205-02

Trust: 0.8

db:ICS CERTid:ICSA-24-046-15

Trust: 0.8

db:ICS CERTid:ICSA-23-222-09

Trust: 0.8

db:ICS CERTid:ICSA-24-102-08

Trust: 0.8

db:ICS CERTid:ICSA-23-194-04

Trust: 0.8

db:ICS CERTid:ICSA-25-065-01

Trust: 0.8

db:ICS CERTid:ICSA-24-165-06

Trust: 0.8

db:ICS CERTid:ICSA-25-160-02

Trust: 0.8

db:ICS CERTid:ICSA-24-165-11

Trust: 0.8

db:ICS CERTid:ICSA-25-044-09

Trust: 0.8

db:ICS CERTid:ICSA-23-255-01

Trust: 0.8

db:ICS CERTid:ICSA-23-143-02

Trust: 0.8

db:ICS CERTid:ICSA-23-320-08

Trust: 0.8

db:ICS CERTid:ICSA-23-166-11

Trust: 0.8

db:ICS CERTid:ICSA-24-165-10

Trust: 0.8

db:ICS CERTid:ICSA-23-075-04

Trust: 0.8

db:JVNDBid:JVNDB-2022-003736

Trust: 0.8

db:VULMONid:CVE-2022-4304

Trust: 0.1

db:PACKETSTORMid:170922

Trust: 0.1

db:PACKETSTORMid:176366

Trust: 0.1

db:PACKETSTORMid:173676

Trust: 0.1

db:PACKETSTORMid:173895

Trust: 0.1

db:PACKETSTORMid:172741

Trust: 0.1

db:PACKETSTORMid:172238

Trust: 0.1

db:PACKETSTORMid:172981

Trust: 0.1

db:PACKETSTORMid:173115

Trust: 0.1

sources: VULMON: CVE-2022-4304 // PACKETSTORM: 170922 // PACKETSTORM: 176366 // PACKETSTORM: 173676 // PACKETSTORM: 173895 // PACKETSTORM: 172741 // PACKETSTORM: 172238 // PACKETSTORM: 172981 // PACKETSTORM: 173115 // JVNDB: JVNDB-2022-003736 // NVD: CVE-2022-4304

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2022-4304

Trust: 1.6

url:https://www.openssl.org/news/secadv/20230207.txt

Trust: 1.2

url:https://security.gentoo.org/glsa/202402-08

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2023-0215

Trust: 0.8

url:https://jvn.jp/vu/jvnvu91213144/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu99752892/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu91676340/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu99464755/index.html

Trust: 0.8

url:http://jvn.jp/vu/jvnvu95292697/index.html

Trust: 0.8

url:http://jvn.jp/vu/jvnvu90056839/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu97200253/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu92598492/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu98954443/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu91198149/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu99836374/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu93250330/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu95962757/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu91482879/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu98345649/index.html

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-075-04

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-02

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-194-04

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-222-09

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-255-01

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-08

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-15

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-102-08

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-06

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-10

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-11

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-205-02

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-065-01

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-160-02

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2022-4304

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-4450

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2023-0286

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2023-0215

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-4450

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2022-41723

Trust: 0.4

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2023-0361

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2023-0361

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-41723

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2023-0286

Trust: 0.4

url:https://access.redhat.com/articles/11258

Trust: 0.4

url:https://issues.redhat.com/):

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2023-24329

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2023-24329

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2023-0401

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2023-24536

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2023-24537

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2023-3089

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2023-24534

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2023-24538

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2023-24540

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2023-24540

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-36227

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2023-27535

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-36227

Trust: 0.2

url:https://github.com/live-hack-cve/cve-2022-4304

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://alas.aws.amazon.com/alas-2023-1683.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4203

Trust: 0.1

url:https://www.openssl.org/policies/general/security-policy.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0216

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0217

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-6564-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/nodejs/12.22.9~dfsg-1ubuntu3.3

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-1255

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-46663

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-0465

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-1260

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-12-release-notes.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2253

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:4093

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-2253

Trust: 0.1

url:https://registry.centos.org/v2/":

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-41717

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0464

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-24539

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0466

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-0466

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-46663

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-0464

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0465

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-1255

Trust: 0.1

url:https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-27561

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-2700

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-2650

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-32067

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-1260

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-41717

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:4091

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-29400

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24736

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2828

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24736

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-26604

Trust: 0.1

url:https://access.redhat.com/security/vulnerabilities/rhsb-2023-001

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:4421

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-2283

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-1667

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2283

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-26604

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-1667

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-3089

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-2828

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-21938

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-21967

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/serverless/index

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/serverless/index

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-21939

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.13/html/serverless/index

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-41724

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0767

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-21930

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-21939

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-41724

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-21937

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-21954

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-21938

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-21930

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-25173

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:3455

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-21968

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-21937

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-41725

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2023-0767

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-41725

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-38578

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-38578

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:2165

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-25858

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-39229

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20329

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-43138

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-39229

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:3645

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-24999

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-41715

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-43138

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20329

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-25858

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-2880

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24999

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27664

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2880

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-41715

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27664

Trust: 0.1

url:https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:3614

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:3612

Trust: 0.1

sources: VULMON: CVE-2022-4304 // PACKETSTORM: 170922 // PACKETSTORM: 176366 // PACKETSTORM: 173676 // PACKETSTORM: 173895 // PACKETSTORM: 172741 // PACKETSTORM: 172238 // PACKETSTORM: 172981 // PACKETSTORM: 173115 // JVNDB: JVNDB-2022-003736 // NVD: CVE-2022-4304

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 173676 // PACKETSTORM: 173895 // PACKETSTORM: 172741 // PACKETSTORM: 172238 // PACKETSTORM: 172981 // PACKETSTORM: 173115

SOURCES

db:VULMONid:CVE-2022-4304
db:PACKETSTORMid:170922
db:PACKETSTORMid:176366
db:PACKETSTORMid:173676
db:PACKETSTORMid:173895
db:PACKETSTORMid:172741
db:PACKETSTORMid:172238
db:PACKETSTORMid:172981
db:PACKETSTORMid:173115
db:JVNDBid:JVNDB-2022-003736
db:NVDid:CVE-2022-4304

LAST UPDATE DATE

2025-07-04T21:13:57.177000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2022-4304date:2023-02-09T00:00:00
db:JVNDBid:JVNDB-2022-003736date:2025-06-12T03:08:00
db:NVDid:CVE-2022-4304date:2025-03-20T21:15:14.890

SOURCES RELEASE DATE

db:VULMONid:CVE-2022-4304date:2023-02-08T00:00:00
db:PACKETSTORMid:170922date:2023-02-07T12:12:12
db:PACKETSTORMid:176366date:2024-01-03T14:50:24
db:PACKETSTORMid:173676date:2023-07-21T14:40:48
db:PACKETSTORMid:173895date:2023-08-02T15:35:34
db:PACKETSTORMid:172741date:2023-06-06T16:34:53
db:PACKETSTORMid:172238date:2023-05-09T15:23:44
db:PACKETSTORMid:172981date:2023-06-16T16:26:18
db:PACKETSTORMid:173115date:2023-06-23T15:03:52
db:JVNDBid:JVNDB-2022-003736date:2023-03-07T00:00:00
db:NVDid:CVE-2022-4304date:2023-02-08T20:15:23.887