VARIoT IoT vulnerabilities database
| VAR-202206-1271 | CVE-2022-26057 | ABB Mint WorkBench privilege management vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Vulnerabilities in the Mint WorkBench allow a low-privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Mint WorkBench installer file allows a low-privileged user to run a "repair" operation on the product. ABB Mint WorkBench contains a permission management vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202206-1211 | CVE-2022-28749 | Zoom On-Premise Meeting Connector MMR vulnerability |
CVSS V2: 4.0 CVSS V3: 4.3 Severity: MEDIUM |
Zoom On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zoom waiting room can join the meeting without the consent of the host.
| VAR-202206-1305 | CVE-2022-31219 | Link interpretation vulnerability in multiple ABB products |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Vulnerabilities in the Drive Composer allow a low-privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product. ABB Automation Builder, Drive Composer, and Mint WorkBench contain a link interpretation vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability allows local attackers to escalate privileges on affected installations of ABB Automation Builder Platform. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Drive Composer installer. By creating a symbolic link, an attacker can abuse the installer to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
| VAR-202206-1315 | CVE-2022-29496 | Blynk Blynk-Library out-of-bounds write vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk-Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability. Blynk-Library contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Blynk is an Internet of Things platform from the American company Blynk.
There is a security vulnerability in Blynk v1.0.1.
| VAR-202206-1304 | CVE-2022-31217 | Link interpretation vulnerability in multiple ABB products |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Vulnerabilities in the Drive Composer allow a low-privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product. ABB Automation Builder, Drive Composer, and Mint WorkBench contain a link interpretation vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability allows local attackers to escalate privileges on affected installations of ABB Automation Builder Platform. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Drive Composer installer. By creating a symbolic link, an attacker can abuse the installer to overwrite a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
| VAR-202206-1272 | CVE-2022-31216 | Link interpretation vulnerability in multiple ABB products |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Vulnerabilities in the Drive Composer allow a low-privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product. ABB Automation Builder, Drive Composer, and Mint WorkBench contain a link interpretation vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability allows local attackers to escalate privileges on affected installations of ABB Automation Builder Platform. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Drive Composer installer. By creating a symbolic link, an attacker can abuse the installer to overwrite a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
| VAR-202206-1397 | CVE-2022-31218 | Link interpretation vulnerability in multiple ABB products |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Vulnerabilities in the Drive Composer allow a low-privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product. ABB Automation Builder, Drive Composer, and Mint WorkBench contain a link interpretation vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability allows local attackers to escalate privileges on affected installations of ABB Automation Builder Platform. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Drive Composer installer. By creating a symbolic link, an attacker can abuse the installer to overwrite a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
| VAR-202206-1157 | CVE-2022-21166 | Red Hat Security Advisory 2022-6991-01 |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.
Bug Fix(es):
* update RT source tree to the RHEL-8.4.z12 source tree (BZ#2119160)
* using __this_cpu_add() in preemptible [00000000] - caller is
__mod_memcg_lruvec_state+0x69/0x1c0 [None8.4.0.z] (BZ#2124454)
==========================================================================
Ubuntu Security Notice USN-5484-1
June 16, 2022
linux vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in the Linux kernel. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
It was discovered that some Intel processors did not completely perform
cleanup actions on multi-core shared buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21123)
It was discovered that some Intel processors did not completely perform
cleanup actions on microarchitectural fill buffers. A local attacker could
possibly use this to expose sensitive information. A local attacker
could possibly use this to expose sensitive information. (CVE-2022-21166)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
linux-image-3.13.0-190-generic 3.13.0-190.241
linux-image-3.13.0-190-lowlatency 3.13.0-190.241
linux-image-generic 3.13.0.190.199
linux-image-lowlatency 3.13.0.190.199
linux-image-server 3.13.0.190.199
linux-image-virtual 3.13.0.190.199
Please note that fully mitigating processor vulnerabilities requires
corresponding processor microcode/firmware updates.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
Bugs fixed (https://bugzilla.redhat.com/):
2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass
Bug Fix(es):
* sched/pelt: Fix attach_entity_load_avg() corner case (BZ#2105360)
* RHEL9[fleetwood][P9]:kdump fails to capture vmcore when crash is
triggered while running forkoff. (BZ#2109144)
* ISST-LTE:[P10 Everest] [5.14.0-70.9.1.el9_0.ppc64le] HPT:RHEL9.0:ecolp95:
lpar crashed at __list_del_entry_valid+0x90/0x100 and LPM failed
(BZ#2112823)
* [rhel9] livepatch panic: RIP: 0010:0xffffffffc0e070c4
seq_read_iter+0x124/0x4b0 (BZ#2122625)
* System crashes due to list_add double add at
iwl_mvm_mac_wake_tx_queue+0x71 (BZ#2123315)
* [Dell EMC 9.0 BUG] Any process performing I/O doesn't fail on degraded
LVM RAID and IO process hangs (BZ#2126215)
* [HPEMC RHEL 9.0 REGRESSION] net, e810, ice: not enough device MSI-X
vectors (BZ#2126491)
* RHEL9.0 - zfcp: fix missing auto port scan and thus missing target ports
(BZ#2127874)
* Enable check-kabi (BZ#2132372)
* Add symbols to stablelist (BZ#2132373)
* Update RHEL9.1 kabi tooling (BZ#2132380)
* kABI: Prepare the MM subsystem for kABI lockdown (BZ#2133464)
* [Dell Storage 9.1 BUG] NVME command hang during storage array node reboot
(BZ#2133553)
* WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105
ex_handler_fprestore+0x3f/0x50 (BZ#2134589)
* crypto/testmgr.c should not list dh, ecdh-nist-p256, ecdh-nist-p384 as
.fips_allowed = 1 (BZ#2136523)
* FIPS self-tests for RSA pkcs7 signature verification (BZ#2136552)
* [ovs-tc] Bad length in dpctl/dump-flows (BZ#2137354)
* [RHEL9] s_pf0vf2: hw csum failure for mlx5 (BZ#2137355)
* kernel memory leak while freeing nested actions (BZ#2137356)
* ovs: backports from upstream (BZ#2137358)
* kernel should conform to FIPS-140-3 requirements (both parts)
(BZ#2139095)
* [DELL EMC 9.0-RT BUG] System is not booting into RT Kernel with perc12.
(BZ#2139214)
* Fix panic in nbd/004 test (BZ#2139535)
* Nested KVM is not working on RHEL 8.6 with hardware error 0x7
(BZ#2140141)
* [RHEL9] Practically limit "Dummy wait" workaround to old Intel systems
(BZ#2142169)
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2022:8267-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:8267
Issue date: 2022-11-15
CVE Names: CVE-2020-36516 CVE-2021-3640 CVE-2022-0168
CVE-2022-0617 CVE-2022-0854 CVE-2022-1016
CVE-2022-1048 CVE-2022-1184 CVE-2022-1280
CVE-2022-1353 CVE-2022-1679 CVE-2022-1852
CVE-2022-1998 CVE-2022-2586 CVE-2022-2639
CVE-2022-20368 CVE-2022-21123 CVE-2022-21125
CVE-2022-21166 CVE-2022-21499 CVE-2022-23816
CVE-2022-23825 CVE-2022-24448 CVE-2022-26373
CVE-2022-28390 CVE-2022-28893 CVE-2022-29581
CVE-2022-29900 CVE-2022-29901 CVE-2022-36946
CVE-2022-39190
====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* off-path attacker may inject data or terminate victim's TCP session
(CVE-2020-36516)
* use-after-free vulnerability in function sco_sock_sendmsg()
(CVE-2021-3640)
* smb2_ioctl_query_info NULL pointer dereference (CVE-2022-0168)
* NULL pointer dereference in udf_expand_file_adinicbdue() during writeback
(CVE-2022-0617)
* swiotlb information leak with DMA_FROM_DEVICE (CVE-2022-0854)
* uninitialized registers on stack in nft_do_chain can cause kernel pointer
leakage to UM (CVE-2022-1016)
* race condition in snd_pcm_hw_free leading to use-after-free
(CVE-2022-1048)
* use-after-free and memory errors in ext4 when mounting and operating on a
corrupted image (CVE-2022-1184)
* concurrency use-after-free between drm_setmaster_ioctl and
drm_mode_getresources (CVE-2022-1280)
* kernel info leak issue in pfkey_register (CVE-2022-1353)
* use-after-free in ath9k_htc_probe_device() could cause an escalation of
privileges (CVE-2022-1679)
* NULL pointer dereference in x86_emulate_insn may lead to DoS
(CVE-2022-1852)
* fanotify misuses fd_install() which could lead to use-after-free
(CVE-2022-1998)
* nf_tables cross-table potential use-after-free may lead to local
privilege escalation (CVE-2022-2586)
* integer underflow leads to out-of-bounds write in reserve_sfa_size()
(CVE-2022-2639)
* slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368)
* incomplete clean-up of multi-core shared buffers (aka SBDR)
(CVE-2022-21123)
* incomplete clean-up of microarchitectural fill buffers (aka SBDS)
(CVE-2022-21125)
* incomplete clean-up in specific special register write operations (aka
DRPW) (CVE-2022-21166)
* possible to use the debugger to write zero into a location of choice
(CVE-2022-21499)
* AMD: RetBleed Arbitrary Speculative Code Execution with Return
Instructions (CVE-2022-23816, CVE-2022-29900)
* AMD: Branch Type Confusion (non-retbleed) (CVE-2022-23825)
* Intel: Post-barrier Return Stack Buffer Predictions (CVE-2022-26373)
* double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c
(CVE-2022-28390)
* use after free in SUNRPC subsystem (CVE-2022-28893)
* use-after-free due to improper update of reference count in
net/sched/cls_u32.c (CVE-2022-29581)
* Intel: RetBleed Arbitrary Speculative Code Execution with Return
Instructions (CVE-2022-29901)
* DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c (CVE-2022-36946)
* nf_tables disallow binding to already bound chain (CVE-2022-39190)
* nfs_atomic_open() returns uninitialized data instead of ENOTDIR
(CVE-2022-24448)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.1 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1905809 - [RHEL-9] WARNING: CPU: 0 PID: 13059 at fs/nfsd/nfs4proc.c:458 nfsd4_open+0x19c/0x4a0 [nfsd]
1951971 - [RFE] Bonding: add option ns_ipv6_target
1952053 - [RFE] Bonding: add link_watch.missed_max
1980646 - CVE-2021-3640 kernel: use-after-free vulnerability in function sco_sock_sendmsg()
2006399 - limited reexport support kernel documentation
2009423 - fs: dlm: dlm_callback_resume is too noisy
2025985 - Add acer_wireless.ko kernel module
2028370 - [xfstests/nfs generic/476] test never finishes
2037386 - CVE-2022-0168 kernel: smb2_ioctl_query_info NULL pointer dereference
2038794 - Backport futex_waitv() from Linux 5.16
2046624 - [Marvell 9.1 FEAT] update qedi driver to latest upstream
2051444 - CVE-2022-24448 kernel: nfs_atomic_open() returns uninitialized data instead of ENOTDIR
2052312 - CVE-2022-1998 kernel: fanotify misuses fd_install() which could lead to use-after-free
2053632 - CVE-2022-0617 kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback
2053991 - kernel build fails if CONFIG_RHEL_DIFFERENCES is "not set"
2054023 - vrf test fail in kselftest net:fcnal-test.sh
2058395 - CVE-2022-0854 kernel: swiotlb information leak with DMA_FROM_DEVICE
2059928 - CVE-2020-36516 kernel: off-path attacker may inject data or terminate victim's TCP session
2066297 - block layer: update to v5.17
2066614 - CVE-2022-1016 kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM
2066706 - CVE-2022-1048 kernel: race condition in snd_pcm_hw_free leading to use-after-free
2066819 - CVE-2022-1353 kernel: kernel info leak issue in pfkey_register
2070205 - CVE-2022-1184 kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image
2071022 - CVE-2022-1280 kernel: concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources
2073064 - CVE-2022-28390 kernel: double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c
2074208 - CVE-2022-28893 kernel: use after free in SUNRPC subsystem
2074315 - genirq/affinity: Consider that CPUs on nodes can be unbalanced
2076304 - VFIO refresh to v5.18
2083580 - RFE: backport minor fixes and cleanups from upstream (up to version 5.18-rc5)
2084125 - CVE-2022-1679 kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges
2084183 - CVE-2022-21499 kernel: possible to use the debugger to write zero into a location of choice
2084479 - CVE-2022-2639 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
2088021 - CVE-2022-29581 kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c
2089815 - CVE-2022-1852 kernel: NULL pointer dereference in x86_emulate_insn may lead to DoS
2090226 - CVE-2022-23816 CVE-2022-29900 hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions
2090237 - CVE-2022-21123 hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR)
2090240 - CVE-2022-21125 hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS)
2090241 - CVE-2022-21166 hw: cpu: incomplete clean-up in specific special register write operations (aka DRPW)
2094045 - mm: Fix stall observed when xfs calls alloc_pages_bulk_array()
2095275 - [RHEL-9] NFS - Fix "softreval" mount option
2100261 - backport audit iouring fix and audit_log_kern_module memleak fix from v5.18 and v5.19-rc3
2102319 - ipmitool sensor list command generates syslog errors on HP iLO 5
2103148 - CVE-2022-29901 hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions
2103153 - CVE-2022-23825 hw: cpu: AMD: Branch Type Confusion (non-retbleed)
2107360 - knfsd not always recalling delegations on contended access
2107589 - backport vsock commits for RHEL-9.1
2109349 - [bonding] bugfix update from v5.19
2110576 - RHEL-9 nfsd server post_wcc fixes - clients see increased revalidations
2111270 - netfilter: rebase conntrack to 5.19
2114878 - CVE-2022-2586 kernel: nf_tables cross-table potential use-after-free may lead to local privilege escalation
2115065 - CVE-2022-26373 hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions
2115278 - CVE-2022-36946 kernel: DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c
2123695 - CVE-2022-20368 kernel: net/packet: slab-out-of-bounds access in packet_recvmsg()
2129152 - CVE-2022-39190 kernel: nf_tables disallow binding to already bound chain
6. Package List:
Red Hat Enterprise Linux AppStream (v. 9):
aarch64:
bpftool-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debug-devel-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debug-devel-matched-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-devel-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-devel-matched-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-headers-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
perf-5.14.0-162.6.1.el9_1.aarch64.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
noarch:
kernel-doc-5.14.0-162.6.1.el9_1.noarch.rpm
ppc64le:
bpftool-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debug-devel-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debug-devel-matched-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debuginfo-common-ppc64le-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-devel-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-devel-matched-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-headers-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
perf-5.14.0-162.6.1.el9_1.ppc64le.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
s390x:
bpftool-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debug-devel-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debug-devel-matched-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debuginfo-common-s390x-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-devel-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-devel-matched-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-headers-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-zfcpdump-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-zfcpdump-devel-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-zfcpdump-devel-matched-5.14.0-162.6.1.el9_1.s390x.rpm
perf-5.14.0-162.6.1.el9_1.s390x.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
x86_64:
bpftool-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debug-devel-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debug-devel-matched-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debuginfo-common-x86_64-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-devel-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-devel-matched-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-headers-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
perf-5.14.0-162.6.1.el9_1.x86_64.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 9):
Source:
kernel-5.14.0-162.6.1.el9_1.src.rpm
aarch64:
bpftool-5.14.0-162.6.1.el9_1.aarch64.rpm
bpftool-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-core-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debug-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debug-core-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debug-modules-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debug-modules-extra-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-modules-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-modules-extra-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-tools-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-tools-libs-5.14.0-162.6.1.el9_1.aarch64.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
python3-perf-5.14.0-162.6.1.el9_1.aarch64.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
noarch:
kernel-abi-stablelists-5.14.0-162.6.1.el9_1.noarch.rpm
ppc64le:
bpftool-5.14.0-162.6.1.el9_1.ppc64le.rpm
bpftool-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-core-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debug-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debug-core-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debug-modules-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debug-modules-extra-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debuginfo-common-ppc64le-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-modules-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-modules-extra-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-tools-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-tools-libs-5.14.0-162.6.1.el9_1.ppc64le.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
python3-perf-5.14.0-162.6.1.el9_1.ppc64le.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
s390x:
bpftool-5.14.0-162.6.1.el9_1.s390x.rpm
bpftool-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-core-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debug-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debug-core-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debug-modules-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debug-modules-extra-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debuginfo-common-s390x-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-modules-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-modules-extra-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-tools-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-zfcpdump-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-zfcpdump-core-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-zfcpdump-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-zfcpdump-modules-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-zfcpdump-modules-extra-5.14.0-162.6.1.el9_1.s390x.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
python3-perf-5.14.0-162.6.1.el9_1.s390x.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
x86_64:
bpftool-5.14.0-162.6.1.el9_1.x86_64.rpm
bpftool-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-core-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debug-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debug-core-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debug-modules-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debug-modules-extra-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debuginfo-common-x86_64-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-modules-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-modules-extra-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-tools-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-tools-libs-5.14.0-162.6.1.el9_1.x86_64.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
python3-perf-5.14.0-162.6.1.el9_1.x86_64.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 9):
aarch64:
bpftool-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-cross-headers-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
kernel-tools-libs-devel-5.14.0-162.6.1.el9_1.aarch64.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.aarch64.rpm
ppc64le:
bpftool-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-cross-headers-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-debuginfo-common-ppc64le-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
kernel-tools-libs-devel-5.14.0-162.6.1.el9_1.ppc64le.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.ppc64le.rpm
s390x:
bpftool-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-cross-headers-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-debuginfo-common-s390x-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
kernel-zfcpdump-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.s390x.rpm
x86_64:
bpftool-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-cross-headers-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debug-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-debuginfo-common-x86_64-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-tools-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
kernel-tools-libs-devel-5.14.0-162.6.1.el9_1.x86_64.rpm
perf-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
python3-perf-debuginfo-5.14.0-162.6.1.el9_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-36516
https://access.redhat.com/security/cve/CVE-2021-3640
https://access.redhat.com/security/cve/CVE-2022-0168
https://access.redhat.com/security/cve/CVE-2022-0617
https://access.redhat.com/security/cve/CVE-2022-0854
https://access.redhat.com/security/cve/CVE-2022-1016
https://access.redhat.com/security/cve/CVE-2022-1048
https://access.redhat.com/security/cve/CVE-2022-1184
https://access.redhat.com/security/cve/CVE-2022-1280
https://access.redhat.com/security/cve/CVE-2022-1353
https://access.redhat.com/security/cve/CVE-2022-1679
https://access.redhat.com/security/cve/CVE-2022-1852
https://access.redhat.com/security/cve/CVE-2022-1998
https://access.redhat.com/security/cve/CVE-2022-2586
https://access.redhat.com/security/cve/CVE-2022-2639
https://access.redhat.com/security/cve/CVE-2022-20368
https://access.redhat.com/security/cve/CVE-2022-21123
https://access.redhat.com/security/cve/CVE-2022-21125
https://access.redhat.com/security/cve/CVE-2022-21166
https://access.redhat.com/security/cve/CVE-2022-21499
https://access.redhat.com/security/cve/CVE-2022-23816
https://access.redhat.com/security/cve/CVE-2022-23825
https://access.redhat.com/security/cve/CVE-2022-24448
https://access.redhat.com/security/cve/CVE-2022-26373
https://access.redhat.com/security/cve/CVE-2022-28390
https://access.redhat.com/security/cve/CVE-2022-28893
https://access.redhat.com/security/cve/CVE-2022-29581
https://access.redhat.com/security/cve/CVE-2022-29900
https://access.redhat.com/security/cve/CVE-2022-29901
https://access.redhat.com/security/cve/CVE-2022-36946
https://access.redhat.com/security/cve/CVE-2022-39190
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index
https://access.redhat.com/solutions/6971358
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.11.5. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2022:6535
Space precludes documenting all of the container images in this advisory.
You may download the oc tool and use it to inspect release image metadata
as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.5-x86_64
The image digest is
sha256:fe4d499ac9fc7d12fcfccf3d6ae8a916c31e282d18adbebb0456c0fd6aef02c9
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.5-s390x
The image digest is
sha256:c816b9487177b51db60875c794679b6df41c74d522ca00376cb9f86f9b44b577
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.5-ppc64le
The image digest is
sha256:528174504037b4b9d8fda04bdad3f4acf7f68eeadb3a8fe2539f7a8a9bdff76a
(For aarch64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.5-aarch64
The image digest is
sha256:04d3f194379cdd1c0e8015fd51038967c5fdb2eff52c6c60645b3a9381ed5f04
All OpenShift Container Platform 4.11 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html
3. Solution:
For OpenShift Container Platform 4.11 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:
https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html
4. Bugs fixed (https://bugzilla.redhat.com/):
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
2024946 - Ingress Canary does not respect router sharding on default IngressController
2104825 - Installer creates unnecessary master_ingress_cluster_policy_controller security group rule
2108214 - Route status isn't always getting cleared with routeSelector updates
2108595 - etcd Dashboard should be removed on guest cluster of hypershift
2109193 - Power VS machine Processor is always defaulted to 0.5
2109887 - [UI] MultiClusterHub details after it's creation starts flickers, disappears and appears back (happened twice)
2110528 - Route status isn't always getting cleared with routeSelector updates
2111345 - should use the same value for AlertRelabelConfig with oc explain
2117424 - Backport: https://github.com/openshift/kubernetes/pull/1295
5. JIRA issues fixed (https://issues.jboss.org/):
OCPBUGS-1007 - CVE-2021-3121 telemeter-container: [1924548] telemeter-container: gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation [openshift-4]
OCPBUGS-1070 - Update ODC owners
OCPBUGS-1104 - package-server-manager does not migrate packageserver CSV from v0.17.0 to v0.18.3 on OCP 4.8 -> 4.9 upgrade
OCPBUGS-1145 - Bug 2085336 - [IPI-Azure] Fail to create the worker node which HyperVGenerations is V2 or V1 and vmNetworkingType is Accelerated
OCPBUGS-1233 - [IPI] nodelink controller is not able to reconcile and match nodes and machines with logical interfaces defined by nmstate at baremetalhost creation
OCPBUGS-1261 - Backport: https://github.com/openshift/kubernetes/pull/1295
OCPBUGS-393 - Setting disableNetworkDiagnostics: true does not persist when network-operator pod gets re-created
OCPBUGS-455 - [vsphere] update install-config description for diskType
OCPBUGS-524 - Plugin page error boundary message is not cleared after leaving page
OCPBUGS-668 - Prefer local dns does not work expectedly on OCPv4.11
OCPBUGS-744 - [4.11] Spoke BMH stuck "provisioning" after changing a BIOS attribute via the converged workflow
OCPBUGS-746 - [4.11] Supermicro server FirmwareSchema CR does not contain allowable_values, attribute_type and read_only flag
OCPBUGS-747 - [4.11] Disconnected IPI OCP cluster install on baremetal fails when hostname of master nodes does not include the text "master
6. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202208-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Xen: Multiple Vulnerabilities
Date: August 14, 2022
Bugs: #810341, #812485, #816882, #825354, #832039, #835401, #850802
ID: 202208-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been discovered in Xen, the worst of which
could result in remote code execution (guest sandbox escape).
Background
=========
Xen is a bare-metal hypervisor.
Affected packages
================
-------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------
  1  app-emulation/xen            < 4.15.3                    >= 4.15.3
  2  app-emulation/xen-tools      < 4.15.3                    >= 4.15.3
Description
==========
Multiple vulnerabilities have been discovered in Xen. Please review the
CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All Xen users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/xen-4.15.3"
All Xen tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/xen-tools-4.15.3"
References
=========
[ 1 ] CVE-2021-28694
https://nvd.nist.gov/vuln/detail/CVE-2021-28694
[ 2 ] CVE-2021-28695
https://nvd.nist.gov/vuln/detail/CVE-2021-28695
[ 3 ] CVE-2021-28696
https://nvd.nist.gov/vuln/detail/CVE-2021-28696
[ 4 ] CVE-2021-28697
https://nvd.nist.gov/vuln/detail/CVE-2021-28697
[ 5 ] CVE-2021-28698
https://nvd.nist.gov/vuln/detail/CVE-2021-28698
[ 6 ] CVE-2021-28699
https://nvd.nist.gov/vuln/detail/CVE-2021-28699
[ 7 ] CVE-2021-28700
https://nvd.nist.gov/vuln/detail/CVE-2021-28700
[ 8 ] CVE-2021-28701
https://nvd.nist.gov/vuln/detail/CVE-2021-28701
[ 9 ] CVE-2021-28702
https://nvd.nist.gov/vuln/detail/CVE-2021-28702
[ 10 ] CVE-2021-28710
https://nvd.nist.gov/vuln/detail/CVE-2021-28710
[ 11 ] CVE-2022-21123
https://nvd.nist.gov/vuln/detail/CVE-2022-21123
[ 12 ] CVE-2022-21125
https://nvd.nist.gov/vuln/detail/CVE-2022-21125
[ 13 ] CVE-2022-21166
https://nvd.nist.gov/vuln/detail/CVE-2022-21166
[ 14 ] CVE-2022-23033
https://nvd.nist.gov/vuln/detail/CVE-2022-23033
[ 15 ] CVE-2022-23034
https://nvd.nist.gov/vuln/detail/CVE-2022-23034
[ 16 ] CVE-2022-23035
https://nvd.nist.gov/vuln/detail/CVE-2022-23035
[ 17 ] CVE-2022-26362
https://nvd.nist.gov/vuln/detail/CVE-2022-26362
[ 18 ] CVE-2022-26363
https://nvd.nist.gov/vuln/detail/CVE-2022-26363
[ 19 ] CVE-2022-26364
https://nvd.nist.gov/vuln/detail/CVE-2022-26364
[ 20 ] XSA-378
[ 21 ] XSA-379
[ 22 ] XSA-380
[ 23 ] XSA-382
[ 24 ] XSA-383
[ 25 ] XSA-384
[ 26 ] XSA-386
[ 27 ] XSA-390
[ 28 ] XSA-401
[ 29 ] XSA-402
[ 30 ] XSA-404
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-23
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied
| VAR-202206-1278 | CVE-2022-24436 | Intel's * Vulnerability regarding observable inconsistencies in |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
Observable behavioral discrepancy in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access. An observable discrepancy vulnerability exists in Intel's *. Information may be obtained.
| VAR-202206-1301 | CVE-2022-20825 | Out-of-bounds write vulnerability in multiple Cisco Small Business router products |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Cisco has not released software updates that address this vulnerability. Multiple Cisco Small Business router products contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. Cisco Small Business is a switch from Cisco, a US company.
| VAR-202206-1254 | CVE-2022-20798 | Cisco Secure Email and Web Manager and Cisco Email Security Appliance Authentication vulnerability in |
CVSS V2: 6.8 CVSS V3: 9.8 Severity: CRITICAL |
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device. The device may be put into a denial-of-service (DoS) state.
| VAR-202206-2412 | No CVE | Binary Vulnerability in IGSS (Interactive Graphical SCADA System) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
IGSS (Interactive Graphical SCADA System) is an industrial control SCADA system under Schneider, which is used in many fields such as electric power, sewage treatment, and manufacturing.
IGSS (Interactive Graphical SCADA System) has a binary vulnerability that can be exploited by an attacker to cause a denial of service attack.
| VAR-202206-1234 | CVE-2022-20819 | Cisco Identity Services Engine Vulnerability in privilege management in |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly enforced. An attacker with read-only privileges for the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information about the system configuration. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies
| VAR-202206-1079 | CVE-2022-21127 | Microsoft Windows Security hole |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Microsoft Windows is an operating system for personal devices from Microsoft, a US company.
Microsoft Windows has a security vulnerability that stems from a security issue in some Intel processors. The following products and versions are affected: Windows 10 Version 1809 for 32-bit Systems; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 1809 for ARM64-based Systems; Windows Server 2019; Windows Server 2019 (Server Core installation); Windows 10 Version 21H1 for x64-based Systems; Windows 10 Version 21H1 for ARM64-based Systems; Windows 10 Version 21H1 for 32-bit Systems; Windows Server 2022; Windows Server 2022 (Server Core installation); Windows 10 Version 20H2 for x64-based Systems; Windows 10 Version 20H2 for 32-bit Systems; Windows 10 Version 20H2 for ARM64-based Systems; Windows Server, version 20H2 (Server Core Installation); Windows 11 for x64-based Systems; Windows 11 for ARM64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 Version 1607 for x64-based Systems; Windows Server 2016; Windows Server 2016 (Server Core installation); Windows 7 for 32-bit Systems Service Pack 1; Windows 7 for x64-based Systems Service Pack 1; Windows 8.1 for 32-bit systems; Windows 8.1 for x64-based systems; Windows RT 8.1; Windows Server 2008 for 32-bit Systems Service Pack 2; Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation); Windows Server 2008 for x64-based Systems Service Pack 2; Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation); Windows Server 2008 R2 for x64-based Systems Service Pack 1; Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation); Windows Server 2012; Windows Server 2012 (Server Core installation); Windows Server 2012 R2; Windows Server 2012 R2 (Server Core installation). (CVE-2021-0127).
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5178-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
July 06, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : intel-microcode
CVE ID : CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21151
CVE-2022-21166
Debian Bug : 1010947
This update ships updated CPU microcode for some types of Intel CPUs and
provides mitigations for security vulnerabilities.
CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166
Various researchers discovered flaws in Intel processors,
collectively referred to as MMIO Stale Data vulnerabilities, which
may result in information leak to local users.
For the oldstable distribution (buster), these problems have been fixed
in version 3.20220510.1~deb10u1.
For the stable distribution (bullseye), these problems have been fixed in
version 3.20220510.1~deb11u1.
We recommend that you upgrade your intel-microcode packages.
For the detailed security status of intel-microcode please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
. ==========================================================================
Ubuntu Security Notice USN-5535-1
July 28, 2022
Intel Microcode vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
Several security issues were fixed in Intel Microcode.
Software Description:
- intel-microcode: Processor microcode for Intel CPUs
Details:
Joseph Nuzman discovered that some Intel processors did not properly
initialise shared resources. A local attacker could use this to obtain
sensitive information. (CVE-2021-0145)
Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel
processors did not prevent test and debug logic from being activated at
runtime. A local attacker could use this to escalate
privileges. (CVE-2021-0146)
It was discovered that some Intel processors did not implement sufficient
control flow management. A local attacker could use this to cause a denial
of service (system crash). (CVE-2021-0127)
It was discovered that some Intel processors did not completely perform
cleanup actions on multi-core shared buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21123,
CVE-2022-21127)
It was discovered that some Intel processors did not completely perform
cleanup actions on microarchitectural fill buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21125)
Alysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi discovered that
some Intel processors improperly optimised security-critical code. A local
attacker could possibly use this to expose sensitive
information. A local attacker
could possibly use this to expose sensitive information. (CVE-2022-21166)
It was discovered that some Intel processors did not properly restrict
access in some situations. A local attacker could use this to obtain
sensitive information. (CVE-2021-33117)
Brandon Miller discovered that some Intel processors did not properly
restrict access in some situations. A local attacker could use this to
obtain sensitive information or a remote attacker could use this to
cause a denial of service (system crash). (CVE-2021-33120)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
intel-microcode 3.20220510.0ubuntu0.16.04.1+esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5535-1
CVE-2021-0127, CVE-2021-0145, CVE-2021-0146, CVE-2021-33117,
CVE-2021-33120, CVE-2022-21123, CVE-2022-21125, CVE-2022-21127,
CVE-2022-21151, CVE-2022-21166
| VAR-202206-0885 | CVE-2022-26476 | Siemens Spectrum Power Trust Management Issue Vulnerability |
CVSS V2: 5.4 CVSS V3: 8.8 Severity: HIGH |
A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unauthenticated attacker could log into the component Shared HIS used in Spectrum Power systems by using an account with default credentials. A successful exploitation could allow the attacker to access the component Shared HIS with administrative privileges
| VAR-202206-0837 | CVE-2022-32259 | Siemens SINEMA Remote Connect Server Security hole |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration. SINEMA Remote Connect is a remote network management platform for easy management of tunnel connections (VPN) between headquarters, service technicians and installed machines or plants
| VAR-202206-0844 | CVE-2022-32253 | Siemens SINEMA Remote Connect Server Input validation error vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker. SINEMA Remote Connect is a remote network management platform for easy management of tunnel connections (VPN) between headquarters, service technicians and installed machines or plants
| VAR-202206-1187 | CVE-2022-30937 | Siemens EN100 Ethernet module Buffer error vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contain a memory corruption vulnerability while parsing specially crafted HTTP packets to the /txtrace endpoint. This could allow an attacker to crash the affected application, leading to a denial of service condition
| VAR-202206-0845 | CVE-2022-32254 | Siemens SINEMA Remote Connect Server Log information disclosure vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker. SINEMA Remote Connect is a remote network management platform for easy management of tunnel connections (VPN) between headquarters, service technicians and installed machines or plants. Attackers can use this vulnerability to obtain sensitive information of users
| VAR-202206-0841 | CVE-2022-32262 | Siemens SINEMA Remote Connect Server Command injection vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution. SINEMA Remote Connect is a remote network management platform for easy management of tunnel connections (VPN) between headquarters, service technicians and installed machines or plants