VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202208-1417 CVE-2022-22730 Intel's  edge insights for industrial  Authentication vulnerability in CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Intel's edge insights for industrial There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Intel Edge Insights for Industrial is a pre-validated, ready-to-deploy software reference design from Intel Corporation for video and time-series data ingestion
VAR-202208-1390 CVE-2022-25841 Intel's  Android  for  datacenter group event  Vulnerability regarding uncontrolled search path elements in CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. (DoS) It may be in a state. Intel Datacenter Group Event is a data center group event consulting software developed by Intel Corporation. Attackers exploit this vulnerability to escalate privileges
VAR-202208-1450 CVE-2022-28696 Intel's  distribution for python  Vulnerability regarding uncontrolled search path elements in CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel's distribution for python Exists in a vulnerability in an element of an uncontrolled search path.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Intel Distribution for Python is a Python distribution optimized for Intel hardware by Intel Corporation of the United States. Intel Distribution for Python versions prior to 2022.0.3 have security vulnerabilities. Attackers exploit this vulnerability to escalate privileges
VAR-202208-1345 CVE-2022-32893 apple's  Safari  Out-of-Bounds Write Vulnerability in Other Vendors' Products CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. apple's Safari Products from other vendors have out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Apple macOS Monterey is the eighteenth major release of Apple's Macintosh desktop operating system, macOS. Apple macOS Monterey versions prior to 12.5.1 have a security vulnerability. The vulnerability is caused by out-of-bounds writing. macOS Monterey 12.5.1. For the stable distribution (bullseye), this problem has been fixed in version 2.36.7-1~deb11u1. We recommend that you upgrade your wpewebkit packages. ========================================================================== Ubuntu Security Notice USN-5611-1 September 14, 2022 webkit2gtk vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in WebKitGTK. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: libjavascriptcoregtk-4.0-18 2.36.7-0ubuntu0.22.04.1 libjavascriptcoregtk-4.1-0 2.36.7-0ubuntu0.22.04.1 libwebkit2gtk-4.0-37 2.36.7-0ubuntu0.22.04.1 libwebkit2gtk-4.1-0 2.36.7-0ubuntu0.22.04.1 Ubuntu 20.04 LTS: libjavascriptcoregtk-4.0-18 2.36.7-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 2.36.7-0ubuntu0.20.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK, such as Epiphany, to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-08-17-1 iOS 15.6.1 and iPadOS 15.6.1 iOS 15.6.1 and iPadOS 15.6.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213412. Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with kernel privileges. CVE-2022-32894: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. WebKit Bugzilla: 243557 CVE-2022-32893: an anonymous researcher This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 15.6.1 and iPadOS 15.6.1". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. iOS 12 is not impacted by CVE-2022-32894. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: webkit2gtk3 security update Advisory ID: RHSA-2022:6540-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:6540 Issue date: 2022-09-15 CVE Names: CVE-2022-32893 ==================================================================== 1. Summary: An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. The following packages have been upgraded to a later upstream version: webkit2gtk3 (2.36.7). 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: webkit2gtk3-2.36.7-1.el8_6.src.rpm aarch64: webkit2gtk3-2.36.7-1.el8_6.aarch64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_6.aarch64.rpm webkit2gtk3-debugsource-2.36.7-1.el8_6.aarch64.rpm webkit2gtk3-devel-2.36.7-1.el8_6.aarch64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_6.aarch64.rpm webkit2gtk3-jsc-2.36.7-1.el8_6.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_6.aarch64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_6.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_6.aarch64.rpm ppc64le: webkit2gtk3-2.36.7-1.el8_6.ppc64le.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_6.ppc64le.rpm webkit2gtk3-debugsource-2.36.7-1.el8_6.ppc64le.rpm webkit2gtk3-devel-2.36.7-1.el8_6.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_6.ppc64le.rpm webkit2gtk3-jsc-2.36.7-1.el8_6.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_6.ppc64le.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_6.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_6.ppc64le.rpm s390x: webkit2gtk3-2.36.7-1.el8_6.s390x.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_6.s390x.rpm webkit2gtk3-debugsource-2.36.7-1.el8_6.s390x.rpm webkit2gtk3-devel-2.36.7-1.el8_6.s390x.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_6.s390x.rpm webkit2gtk3-jsc-2.36.7-1.el8_6.s390x.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_6.s390x.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_6.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_6.s390x.rpm x86_64: webkit2gtk3-2.36.7-1.el8_6.i686.rpm webkit2gtk3-2.36.7-1.el8_6.x86_64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_6.i686.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_6.x86_64.rpm webkit2gtk3-debugsource-2.36.7-1.el8_6.i686.rpm webkit2gtk3-debugsource-2.36.7-1.el8_6.x86_64.rpm webkit2gtk3-devel-2.36.7-1.el8_6.i686.rpm webkit2gtk3-devel-2.36.7-1.el8_6.x86_64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_6.i686.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_6.x86_64.rpm webkit2gtk3-jsc-2.36.7-1.el8_6.i686.rpm webkit2gtk3-jsc-2.36.7-1.el8_6.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_6.i686.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_6.x86_64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_6.i686.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_6.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_6.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-32893 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYyMk0dzjgjWX9erEAQgJiw/+LYAkLQ3B+egDz2T8gBO2HzEtHgA8L7TO aFWvgGSnt32NlsOLFg1R3FxvGRVurR5Vgx2QN4tvVi/iYIgGw1WTSCC2GaiamjoP AawahjPf08LboH3d96QHN7rumXeXLUcymQyG4p4BPnEOqYPaKKdmj5CPaGWM/o+l ECo8POkVp0mHb4HOCL8iudG5aKDmEB5OqHfQS0XmFU3392yazpD6Y1DwpIfCNAhb ptdcqHrycH+QFUdd3YmtQj567R5+q/DAKFN60KHdwT+JeiRwdV9k89cAoWIJA6Hh 3ZxRuVbc108rySf/9tdZSjl7nw4IbLwcbScUwUHfHzjFfS3h7u+kkDLL10c4sfWf psc1mGVUXzLN6qBaWiY96bXOUOzX72LkC0LqhgDOfjBvaGzJjFwfydDgql/TPkSZ 478+0r5JD6sFsboLugtqhXMLNpJtxYGBSMUA31Bjmf8jWGwKrzZCbxUMuQIHk7VG 4M9gdZbu5wQw6fhksOlHGowoXEvc6UTB36eSLvZ76OK65yoXmpOXTFjIFfmDACkV M4GVQGpNglQWn/4jBXjebEeFC86baScn97NpCL41FK9AXlP7xBPaCN++DjAYDlbg NJf8tizErS4zMa1moMYL2DEac/nhLJDwtKaCvftcdRPrVnQZEZto7Chvf1FgNAJc +nurAiBV/zc=W4oO -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
VAR-202208-1294 CVE-2022-32894 Out-of-bounds write vulnerability in multiple Apple products CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. iPadOS , iOS , macOS Multiple Apple products have an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Apple macOS Monterey is the eighteenth major release of Apple's Macintosh desktop operating system, macOS. Apple macOS Monterey versions prior to 12.5.1 have a security vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-08-17-1 iOS 15.6.1 and iPadOS 15.6.1 iOS 15.6.1 and iPadOS 15.6.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213412. Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with kernel privileges. CVE-2022-32894: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. WebKit Bugzilla: 243557 CVE-2022-32893: an anonymous researcher This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 15.6.1 and iPadOS 15.6.1". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmL9UiMACgkQ4RjMIDke Nxkiuw/+IhqxvCCS9q8hQMHDpFvVVmFdfO+7ukTVSpd12Cp5r0VGVP/zJOCecXR1 cnFHIPx8zVZXzQzsa+lCSWhT+20qOiuCjpqWNVY9pCovCPds3r1hhL2/1H0KejGK 2Ms910r+yxvEmhzz0MPk95d5+k+LaBPC1sfuNVTn9eUXImPDuLzLIyd8nW5khjNW spOIlS82VNBAcw8VQMxjgsiD6lhSsqvdkBPNhbI4/mMeIEXOOb+fRtHUOtorGLF2 R1DzU1zmPLytcPGE+hxVXnR5F1z/+ea1DEWumvzSNfwja9HI2xPfmm9E8Pomq9lk SEW8cxlqAdKY2/cQ2B2I7ihJ3REfJjSnhXqTsuad1jVn9k1t8ZmKBWh6bgOQKQQg 9BfIhcCeL398fmRUZQG1h6zo33MukUMMjfTgRjrjxhETLYCZQybjFAC4s98j2S0o yUpKaBUHc+tL/uupW01LwzP53SR2e4rBQhi+ACqiCEoJKAHYfJaj6YeblILiM6Sa QdfbsiCzSIqM6nJLl5ZIYn6rXEEKGyGpKMAYXvc7FsR691DTQxMiQ8KcraoCwAer LzviWOF2tVNmDYkv5EFnXhSB4+uYzViSQhPKM8s2DRhP/WhxdVF3woRhIyHLq60S qKoFKvQwTVTugIFIR4cGfsfAbV7zCBhqH7+fKBGfLeTOBCH7ULE=SLRt -----END PGP SIGNATURE-----
VAR-202208-1285 CVE-2022-36273 Shenzhen Tenda Technology Co.,Ltd.  of  AC9  in the firmware  OS  Command injection vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg. Shenzhen Tenda Technology Co.,Ltd. of AC9 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202208-1289 CVE-2022-38368 Aviatrix  of  Gateway  Authentication vulnerability in CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Because Gateway API functions mishandle authentication, an authenticated VPN user can inject arbitrary commands. Aviatrix of Gateway There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Aviatrix Gateway versions prior to 6.6.5712 and 6.7.x versions prior to 6.7.1376 have security vulnerabilities
VAR-202208-1613 CVE-2022-26696 apple's  macOS  Vulnerability in CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
This issue was addressed with improved environment sanitization. This issue is fixed in macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions. apple's macOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to escape the sandbox on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of XPC messages in the LaunchServices component. A crafted message can trigger execution of a privileged operation. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user
VAR-202208-1092 CVE-2022-35555 Tenda W6 Command Injection Vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution. Shenzhen Tenda Technology Co.,Ltd. of w6 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W6 is a wireless WiFi AP access point router from China Tenda Company
VAR-202208-1040 CVE-2022-35560 Shenzhen Tenda Technology Co.,Ltd.  of  w6  Out-of-bounds write vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A stack overflow vulnerability exists in /goform/wifiSSIDset in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. Shenzhen Tenda Technology Co.,Ltd. of w6 An out-of-bounds write vulnerability exists in firmware.Service operation interruption (DoS) It may be in a state. Tenda W6 is a wireless WiFi AP access point router from China Tenda Company
VAR-202208-1042 CVE-2022-35559 Shenzhen Tenda Technology Co.,Ltd.  of  w6  Out-of-bounds write vulnerability in firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution. Shenzhen Tenda Technology Co.,Ltd. of w6 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W6 is a wireless WiFi AP access point router from China Tenda Company
VAR-202208-1308 CVE-2022-35561 Shenzhen Tenda Technology Co.,Ltd.  of  w6  Out-of-bounds write vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A stack overflow vulnerability exists in /goform/WifiMacFilterSet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. Shenzhen Tenda Technology Co.,Ltd. of w6 An out-of-bounds write vulnerability exists in firmware.Service operation interruption (DoS) It may be in a state. Tenda W6 is a wireless WiFi AP access point router from China Tenda Company
VAR-202208-1091 CVE-2022-35557 Shenzhen Tenda Technology Co.,Ltd.  of  w6  Out-of-bounds write vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. Shenzhen Tenda Technology Co.,Ltd. of w6 An out-of-bounds write vulnerability exists in firmware.Service operation interruption (DoS) It may be in a state. Tenda W6 is a wireless WiFi AP access point router from China Tenda Company
VAR-202208-0978 CVE-2022-35558 Shenzhen Tenda Technology Co.,Ltd.  of  w6  Out-of-bounds write vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A stack overflow vulnerability exists in /goform/WifiMacFilterGet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. Shenzhen Tenda Technology Co.,Ltd. of w6 An out-of-bounds write vulnerability exists in firmware.Service operation interruption (DoS) It may be in a state. Tenda W6 is a wireless WiFi AP access point router from China Tenda Company
VAR-202208-0945 CVE-2021-33644 feep.net  of  libtar  Out-of-Bounds Read Vulnerability in Other Vendors' Products CVSS V2: -
CVSS V3: 8.1
Severity: HIGH
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read. feep.net of libtar Products from other vendors have out-of-bounds read vulnerabilities.Information is obtained and service operation is interrupted (DoS) It may be in a state. openEuler is an operating system of the Open Atom Open Source Foundation. There are security vulnerabilities in openEuler 20.03-LTS-SP1, 20.03-LTS-SP3 and 22.03-LTS versions of the Open Atom Open Source Foundation. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: libtar security update Advisory ID: RHSA-2023:2898-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:2898 Issue date: 2023-05-16 CVE Names: CVE-2021-33643 CVE-2021-33644 CVE-2021-33645 CVE-2021-33646 ==================================================================== 1. Summary: An update for libtar is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Security Fix(es): * libtar: out-of-bounds read in gnu_longlink (CVE-2021-33643) * libtar: out-of-bounds read in gnu_longname (CVE-2021-33644) * libtar: memory leak found in th_read() function (CVE-2021-33645) * libtar: memory leak found in th_read() function (CVE-2021-33646) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2121289 - CVE-2021-33643 libtar: out-of-bounds read in gnu_longlink 2121292 - CVE-2021-33644 libtar: out-of-bounds read in gnu_longname 2121295 - CVE-2021-33645 libtar: memory leak found in th_read() function 2121297 - CVE-2021-33646 libtar: memory leak found in th_read() function 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: libtar-1.2.20-17.el8.src.rpm aarch64: libtar-1.2.20-17.el8.aarch64.rpm libtar-debuginfo-1.2.20-17.el8.aarch64.rpm libtar-debugsource-1.2.20-17.el8.aarch64.rpm ppc64le: libtar-1.2.20-17.el8.ppc64le.rpm libtar-debuginfo-1.2.20-17.el8.ppc64le.rpm libtar-debugsource-1.2.20-17.el8.ppc64le.rpm s390x: libtar-1.2.20-17.el8.s390x.rpm libtar-debuginfo-1.2.20-17.el8.s390x.rpm libtar-debugsource-1.2.20-17.el8.s390x.rpm x86_64: libtar-1.2.20-17.el8.i686.rpm libtar-1.2.20-17.el8.x86_64.rpm libtar-debuginfo-1.2.20-17.el8.i686.rpm libtar-debuginfo-1.2.20-17.el8.x86_64.rpm libtar-debugsource-1.2.20-17.el8.i686.rpm libtar-debugsource-1.2.20-17.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-33643 https://access.redhat.com/security/cve/CVE-2021-33644 https://access.redhat.com/security/cve/CVE-2021-33645 https://access.redhat.com/security/cve/CVE-2021-33646 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZGNwdNzjgjWX9erEAQjfPw//SoG/pVemP1peDGxUFDfBMBbldrFWpNro Te4tTe3YAkVgQgtnGZ8n3Arlrryk+3wfgQj3u9gdUj1w14YyEZC8hpWLCXI5iw/P Ul4dHHOnO0UW568dkaqUeJjl02o2ugRp2RZVt14yuZqLKmF9WCJW7lCZQLoqCIVp 7P3vZOQBlyU6BuGXO4Th86fpLDEZCboBQDA2QeNFvt+qNwvNxgb3A05217tfXnZ4 EpltZPIrl8pzEmmWA09XeFgIm5GXNiWjjR/fF3OHSgQ9cmXnafxWSBNiDlzHNQCk 0/z5gcvl+BJLceQoZBo6hdldHCiOF20jCxr8Nb/3sSJ+zAqQqqNsnDQ1TGs2GMDz Mx5JECSk0p79MMKR0mrP2NbCqxqEsqOkjinIa0PDlKNPFbEikA4l7fXu58KyHsr/ V9otYHvD1ilS7cTw1FGi198oodCofA+euZCQBNnWuFbnrCo1cyRBN6mjCMZwDgww ZhNWOUvAmkhtC5ebBb8zuMJ73ojSwiv886kJbEjDlG7SDGbMPHxEAgTHWZp5l+jw z36m+SegsAXE/UKHRYTFriRA5p1pyq/AVUMwhMXvQhwwNxPl2wsaUOJGFBw3Fu3n bAFXpxAngQvELHEFOtmL9fzbnFo93OTkvuz9tJpbvNOCmDBJJEN6Znhic0iWzT0p kHiakPvkvj4=I+bk -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
VAR-202208-0926 CVE-2022-27500 Intel's  Android  for  support  Vulnerability regarding improper default permissions in CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access. Intel's Android for support There is a vulnerability in improper default permissions.Information may be obtained
VAR-202208-1002 CVE-2022-25999 Intel's  enpirion digital power configurator gui  Vulnerability regarding uncontrolled search path elements in CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via local access. (DoS) It may be in a state
VAR-202208-0612 CVE-2022-36325 Vulnerabilities in multiple Siemens products CVSS V2: 10.0
CVSS V3: 6.8
Severity: MEDIUM
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS. SCALANCE M-800 firmware, SCALANCE S615 firmware, SCALANCE SC-600 Multiple Siemens products such as firmware have unspecified vulnerabilities.Information may be obtained and information may be tampered with. SCALANCE M-800, MUM-800 and S615 and RUGGEDCOM RM1224 industrial routers are used for secure remote access to plants via mobile networks (e.g. GPRS or UMTS) and have integrated security functions of firewalls to prevent unauthorized access, as well as VPNs to Secure data transmission. SCALANCE SC-600 devices (SC622-2C, SC632-2C, SC636-2C, SC642-2C, SC646-2C) are used to protect trusted industrial networks from untrusted network attacks. They allow filtering incoming and outgoing network connections in different ways. The SCALANCE W-1700 product is a wireless communication device based on the IEEE 802.11ac standard. SCALANCE W-700 products are wireless communication devices based on the IEEE 802.11ax standard. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLC) or human machine interfaces (HMI). A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600 family (All versions < V2.3.1), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions)
VAR-202208-0873 CVE-2022-35491 TOTOLINK  of  A3002RU  Vulnerability related to use of hardcoded credentials in firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample. TOTOLINK of A3002RU A vulnerability exists in the firmware regarding the use of hardcoded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202208-0610 CVE-2022-36324 Vulnerability in limiting or non-slotting resource allocation in multiple Siemens products CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack. SCALANCE M-800 firmware, SCALANCE S615 firmware, scalance w700 ieee 802.11ax Multiple Siemens products, including firmware, contain vulnerabilities related to limited or unthrottled resource allocation.Service operation interruption (DoS) It may be in a state. The SCALANCE M-800, MUM-800 and S615 and RUGGEDCOM RM1224 industrial routers are used for secure remote access to plants via mobile networks (e.g. GPRS or UMTS) and have integrated security functions for firewalls to prevent unauthorized access, as well as VPN to Secure data transmission. SCALANCE SC-600 devices (SC622-2C, SC632-2C, SC636-2C, SC642-2C, SC646-2C) are used to protect trusted industrial networks from untrusted network attacks. They allow filtering incoming and outgoing network connections in different ways. The SCALANCE W-1700 product is a wireless communication device based on the IEEE 802.11ac standard. SCALANCE W-700 products are wireless communication devices based on the IEEE 802.11ax standard. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLC) or human machine interfaces (HMI). A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE 802.11ac family (All versions), SCALANCE W-700 IEEE 802.11ax family (All versions), SCALANCE W-700 IEEE 802.11n family (All versions), SCALANCE XB-200 switch family (All versions), SCALANCE XC-200 switch family (All versions), SCALANCE XF-200BA switch family (All versions), SCALANCE XM-400 Family (All versions), SCALANCE XP-200 switch family (All versions), SCALANCE XR-300WG switch family (All versions), SCALANCE XR-500 Family (All versions)