var-202201-0496
Vulnerability from variot
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. Linux Kernel There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. ========================================================================== Ubuntu Security Notice USN-5505-1 July 07, 2022
linux-lts-xenial, linux-kvm vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux-kvm: Linux kernel for cloud environments - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. (CVE-2021-3752)
It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. (CVE-2021-3760)
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. (CVE-2021-39685)
It was discovered that the Ion Memory Manager subsystem in the Linux kernel contained a use-after-free vulnerability. (CVE-2021-4202)
Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. (CVE-2022-0330)
It was discovered that the PF_KEYv2 implementation in the Linux kernel did not properly initialize kernel memory in some situations. (CVE-2022-1353)
It was discovered that the virtual graphics memory manager implementation in the Linux kernel was subject to a race condition, potentially leading to an information leak. (CVE-2022-1679)
It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. (CVE-2022-1734)
It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. (CVE-2022-21123)
It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. (CVE-2022-21125)
It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. (CVE-2022-28356)
It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. (CVE-2022-28388)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: linux-image-4.4.0-1110-kvm 4.4.0-1110.120 linux-image-kvm 4.4.0.1110.107
Ubuntu 14.04 ESM: linux-image-4.4.0-229-generic 4.4.0-229.263~14.04.1 linux-image-4.4.0-229-lowlatency 4.4.0-229.263~14.04.1 linux-image-generic-lts-xenial 4.4.0.229.199 linux-image-lowlatency-lts-xenial 4.4.0.229.199 linux-image-virtual-lts-xenial 4.4.0.229.199
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://ubuntu.com/security/notices/USN-5505-1 CVE-2021-3609, CVE-2021-3752, CVE-2021-3760, CVE-2021-39685, CVE-2021-39714, CVE-2021-4197, CVE-2021-4202, CVE-2022-0330, CVE-2022-1353, CVE-2022-1419, CVE-2022-1652, CVE-2022-1679, CVE-2022-1734, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-24958, CVE-2022-28356, CVE-2022-28388
. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/
Security fixes:
-
node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
-
follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
-
nconf: Prototype pollution in memory store (CVE-2022-21803)
-
golang: crypto/elliptic IsOnCurve returns true for invalid field elements (CVE-2022-23806)
-
Moment.js: Path traversal in moment.locale (CVE-2022-24785)
-
golang: syscall: faccessat checks wrong group (CVE-2022-29526)
-
go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses (CVE-2022-29810)
Bug fixes:
-
RHACM 2.3.11 images (BZ# 2082087)
-
Bugs fixed (https://bugzilla.redhat.com/):
2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor 2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak 2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements 2072009 - CVE-2022-24785 Moment.js: Path traversal in moment.locale 2074689 - CVE-2022-21803 nconf: Prototype pollution in memory store 2080279 - CVE-2022-29810 go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses 2082087 - RHACM 2.3.11 images 2084085 - CVE-2022-29526 golang: syscall: faccessat checks wrong group
- Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.56. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2022:6052
Security Fix(es):
- golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.56-x86_64
The image digest is sha256:6232cf97cb029a4307450580483aa3e1601aa65066f5b7a856d3ec125b3c9b55
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.56-s390x
The image digest is sha256:c47bab4c5452f0cf252cbe48aefa2a8d32e20c5f239807af94cb78e5363104a6
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.56-ppc64le
The image digest is sha256:8cd14b2cdd699f33ebebf632425b7922654c9b1e57b6b085c375593f89a88ea1
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
- Solution:
For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
- Bugs fixed (https://bugzilla.redhat.com/):
2056342 - [4.7] SRIOV exclusive pooling 2103217 - [4.7] Pod stuck in Terminating, runc init process frozen 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
- Summary:
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Real Time (v. 8) - x86_64 Red Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64
- Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
-
kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
-
kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)
-
kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)
-
kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)
-
kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)
-
kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)
-
kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)
-
kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)
-
kernel: possible use-after-free in bluetooth module (CVE-2021-3752)
-
kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)
-
kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)
-
kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)
-
kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)
-
kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)
-
kernel: security regression for CVE-2018-13405 (CVE-2021-4037)
-
kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)
-
kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)
-
kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)
-
kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)
-
hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)
-
kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)
-
kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)
-
kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)
-
kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)
-
kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)
-
kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)
-
kernel: use-after-free in the TEE subsystem (CVE-2021-44733)
-
kernel: information leak in the IPv6 implementation (CVE-2021-45485)
-
kernel: information leak in the IPv4 implementation (CVE-2021-45486)
-
hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)
-
hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)
-
kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)
-
kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)
-
kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)
-
kernel: use-after-free in nouveau kernel module (CVE-2020-27820)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1901726 - CVE-2020-27820 kernel: use-after-free in nouveau kernel module 1903578 - kernnel-rt-debug: do not call blocking ops when !TASK_RUNNING; state=1 set at [<0000000050e86018>] handle_userfault+0x530/0x1820 1905749 - kernel-rt-debug: BUG: sleeping function called from invalid context at kernel/locking/rtmutex.c:968 1919791 - CVE-2020-0404 kernel: avoid cyclic entity chains due to malformed USB descriptors 1946684 - CVE-2021-29154 kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation 1951739 - CVE-2021-42739 kernel: Heap buffer overflow in firedtv driver 1974079 - CVE-2021-3612 kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() 1985353 - CVE-2021-37159 kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c 1986473 - CVE-2021-3669 kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts 1997467 - CVE-2021-3764 kernel: DoS in ccp_run_aes_gcm_cmd() function 1997961 - CVE-2021-3743 kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c 1999544 - CVE-2021-3752 kernel: possible use-after-free in bluetooth module 1999675 - CVE-2021-3759 kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks 2000627 - CVE-2021-3744 kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() 2000694 - CVE-2021-3772 kernel: sctp: Invalid chunks may be used to remotely remove existing associations 2004949 - CVE-2021-3773 kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients 2010463 - CVE-2021-41864 kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write 2013180 - CVE-2021-43389 kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c 2014230 - CVE-2021-20322 kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies 2016169 - CVE-2020-13974 kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c 2018205 - CVE-2021-0941 kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free 2025003 - CVE-2021-43976 kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device 2025726 - CVE-2021-4002 kernel: possible leak or coruption of data residing on hugetlbfs 2027239 - CVE-2021-4037 kernel: security regression for CVE-2018-13405 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it 2030747 - CVE-2021-44733 kernel: use-after-free in the TEE subsystem 2034342 - CVE-2021-4157 kernel: Buffer overwrite in decode_nfs_fh function 2035652 - CVE-2021-4197 kernel: cgroup: Use open-time creds and namespace for migration perm checks 2036934 - CVE-2021-4203 kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses 2037019 - CVE-2022-0286 kernel: Local denial of service in bond_ipsec_add_sa 2039911 - CVE-2021-45485 kernel: information leak in the IPv6 implementation 2039914 - CVE-2021-45486 kernel: information leak in the IPv4 implementation 2042822 - CVE-2022-0322 kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c 2061700 - CVE-2021-26401 hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 2061712 - CVE-2022-0001 hw: cpu: intel: Branch History Injection (BHI) 2061721 - CVE-2022-0002 hw: cpu: intel: Intra-Mode BTI 2064855 - CVE-2022-1011 kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes
- Package List:
Red Hat Enterprise Linux Real Time for NFV (v. 8):
Source: kernel-rt-4.18.0-372.9.1.rt7.166.el8.src.rpm
x86_64: kernel-rt-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-core-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-core-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-devel-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-kvm-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-modules-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debuginfo-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-devel-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-kvm-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-modules-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-modules-extra-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm
Red Hat Enterprise Linux Real Time (v. 8):
Source: kernel-rt-4.18.0-372.9.1.rt7.166.el8.src.rpm
x86_64: kernel-rt-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-core-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-core-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-devel-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-modules-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debuginfo-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-devel-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-modules-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm kernel-rt-modules-extra-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYnqRVtzjgjWX9erEAQjwiA//R/ZVJ7xroUR7Uf1az+8xZqs4OZQADIUc /92cDd6MRyzkvwQx5u7JmD5E6KbRf3NGfDsuoC0jVJJJcp8GT0tWkxPIjCi2RNbI /9nlbkfp0eQqRGmpL753W/7sfzAnbiOeP47rr+lJU24OBDcbrZn5X3Ex0EdzcdeD fmVnAxB8bsXyZwcnX9m6mVlBxY+fm6SC78O+/rPzVUHl5NhQASqi0sYSwydyqZvG a/9p5gXd9nnyV7NtJj58pS7brxQFq4RcM5VhTjix3a/ZaZEwT+nDMj3+RXXwUhGe HJ6AdJoNI19huMXtn/fYhomb/LIHQos+kHQrBbJ+KmaFE4DD08Uv2uHSyeEe1ksT oUwcGcIbSta6LBNO60Lh0XVj6FgFWNnNsAGX27nxCHfzDjuJ3U4Tyh8gL+ID2K1t 3nwoQl5gxUokFS0sUIuD0pj2LFW1vg2E2pMcbzPDqFwj0MXn5DpTb4qeuiRWzA05 s+upi3Cd6XmRNKPH8DDOrGNGW0dJqJtuXhUmziZjKPMJK5Ygnhoc+3hYG/EJzGiq S/VHXR5hnJ+RAPz2U8rETfCW2Dvz7lCUh5rJGg/8f8MCyAMCPpFqXbkNvpt3BIKy 2SLBhh0Mci1fprA35q2eNCjduntja3oxnVx+YAKPM30hzE7ejwHFEZHPGOdKB0q/ aHIZwOKDLaE= =hqV1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . (CVE-2022-1516)
Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-5173-1 security@debian.org https://www.debian.org/security/ Ben Hutchings July 03, 2022 https://www.debian.org/security/faq
Package : linux CVE ID : CVE-2021-4197 CVE-2022-0494 CVE-2022-0812 CVE-2022-0854 CVE-2022-1011 CVE-2022-1012 CVE-2022-1016 CVE-2022-1048 CVE-2022-1184 CVE-2022-1195 CVE-2022-1198 CVE-2022-1199 CVE-2022-1204 CVE-2022-1205 CVE-2022-1353 CVE-2022-1419 CVE-2022-1516 CVE-2022-1652 CVE-2022-1729 CVE-2022-1734 CVE-2022-1974 CVE-2022-1975 CVE-2022-2153 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 CVE-2022-23960 CVE-2022-26490 CVE-2022-27666 CVE-2022-28356 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 CVE-2022-29581 CVE-2022-30594 CVE-2022-32250 CVE-2022-32296 CVE-2022-33981 Debian Bug : 922204 1006346 1013299
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
CVE-2021-4197
Eric Biederman reported that incorrect permission checks in the
cgroup process migration implementation can allow a local attacker
to escalate privileges.
CVE-2022-0494
The scsi_ioctl() was susceptible to an information leak only
exploitable by users with CAP_SYS_ADMIN or CAP_SYS_RAWIO
capabilities.
CVE-2022-0812
It was discovered that the RDMA transport for NFS (xprtrdma)
miscalculated the size of message headers, which could lead to a
leak of sensitive information between NFS servers and clients.
CVE-2022-0854
Ali Haider discovered a potential information leak in the DMA
subsystem. On systems where the swiotlb feature is needed, this
might allow a local user to read sensitive information.
CVE-2022-1011
Jann Horn discovered a flaw in the FUSE (Filesystem in User-Space)
implementation. A local user permitted to mount FUSE filesystems
could exploit this to cause a use-after-free and read sensitive
information.
CVE-2022-1012, CVE-2022-32296
Moshe Kol, Amit Klein, and Yossi Gilad discovered a weakness
in randomisation of TCP source port selection.
CVE-2022-1016
David Bouman discovered a flaw in the netfilter subsystem where
the nft_do_chain function did not initialize register data that
nf_tables expressions can read from and write to. A local attacker
can take advantage of this to read sensitive information.
CVE-2022-1048
Hu Jiahui discovered a race condition in the sound subsystem that
can result in a use-after-free.
CVE-2022-1184
A flaw was discovered in the ext4 filesystem driver which can lead
to a use-after-free. A local user permitted to mount arbitrary
filesystems could exploit this to cause a denial of service (crash
or memory corruption) or possibly for privilege escalation.
CVE-2022-1195
Lin Ma discovered race conditions in the 6pack and mkiss hamradio
drivers, which could lead to a use-after-free.
CVE-2022-1198
Duoming Zhou discovered a race condition in the 6pack hamradio
driver, which could lead to a use-after-free.
CVE-2022-1199, CVE-2022-1204, CVE-2022-1205
Duoming Zhou discovered race conditions in the AX.25 hamradio
protocol, which could lead to a use-after-free or null pointer
dereference.
CVE-2022-1353
The TCS Robot tool found an information leak in the PF_KEY
subsystem. A local user can receive a netlink message when an
IPsec daemon registers with the kernel, and this could include
sensitive information.
CVE-2022-1419
Minh Yuan discovered a race condition in the vgem virtual GPU
driver that can lead to a use-after-free. A local user permitted
to access the GPU device can exploit this to cause a denial of
service (crash or memory corruption) or possibly for privilege
escalation.
CVE-2022-1516
A NULL pointer dereference flaw in the implementation of the X.25
set of standardized network protocols, which can result in denial
of service.
This driver is not enabled in Debian's official kernel
configurations.
CVE-2022-1652
Minh Yuan discovered a race condition in the floppy driver that
can lead to a use-after-free. A local user permitted to access a
floppy drive device can exploit this to cause a denial of service
(crash or memory corruption) or possibly for privilege escalation.
CVE-2022-1729
Norbert Slusarek discovered a race condition in the perf subsystem
which could result in local privilege escalation to root. The
default settings in Debian prevent exploitation unless more
permissive settings have been applied in the
kernel.perf_event_paranoid sysctl.
CVE-2022-1734
Duoming Zhou discovered race conditions in the nfcmrvl NFC driver
that could lead to a use-after-free, double-free or null pointer
dereference.
This driver is not enabled in Debian's official kernel
configurations.
CVE-2022-1974, CVE-2022-1975
Duoming Zhou discovered that the NFC netlink interface was
suspectible to denial of service.
CVE-2022-2153
"kangel" reported a flaw in the KVM implementation for x86
processors which could lead to a null pointer dereference.
CVE-2022-21123, CVE-2022-21125, CVE-2022-21166
Various researchers discovered flaws in Intel x86 processors,
collectively referred to as MMIO Stale Data vulnerabilities.
These are similar to the previously published Microarchitectural
Data Sampling (MDS) issues and could be exploited by local users
to leak sensitive information.
For some CPUs, the mitigations for these issues require updated
microcode. An updated intel-microcode package may be provided at
a later date. The updated CPU microcode may also be available as
part of a system firmware ("BIOS") update.
Further information on the mitigation can be found at
<https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html>
or in the linux-doc-4.19 package.
CVE-2022-23960
Researchers at VUSec discovered that the Branch History Buffer in
Arm processors can be exploited to create information side-
channels with speculative execution. This issue is similar to
Spectre variant 2, but requires additional mitigations on some
processors.
This was previously mitigated for 32-bit Arm (armel and armhf)
architectures and is now also mitigated for 64-bit Arm (arm64).
This can be exploited to obtain sensitive information from a
different security context, such as from user-space to the kernel,
or from a KVM guest to the kernel.
CVE-2022-26490
Buffer overflows in the STMicroelectronics ST21NFCA core driver
can result in denial of service or privilege escalation.
This driver is not enabled in Debian's official kernel
configurations.
CVE-2022-27666
"valis" reported a possible buffer overflow in the IPsec ESP
transformation code.
CVE-2022-28356
"Beraphin" discovered that the ANSI/IEEE 802.2 LLC type 2 driver did
not properly perform reference counting on some error paths.
CVE-2022-28388
A double free vulnerability was discovered in the 8 devices
USB2CAN interface driver.
CVE-2022-28389
A double free vulnerability was discovered in the Microchip CAN
BUS Analyzer interface driver.
CVE-2022-28390
A double free vulnerability was discovered in the EMS CPC-USB/ARM7
CAN/USB interface driver.
CVE-2022-29581
Kyle Zeng discovered a reference-counting bug in the cls_u32
network classifier which can lead to a use-after-free.
CVE-2022-30594
Jann Horn discovered a flaw in the interaction between ptrace and
seccomp subsystems. A process sandboxed using seccomp() but still
permitted to use ptrace() could exploit this to remove the seccomp
restrictions.
CVE-2022-32250
Aaron Adams discovered a use-after-free in Netfilter which may
result in local privilege escalation to root.
CVE-2022-33981
Yuan Ming from Tsinghua University reported a race condition in
the floppy driver involving use of the FDRAWCMD ioctl, which could
lead to a use-after-free. A local user with access to a floppy
drive device could exploit this to cause a denial of service
(crash or memory corruption) or possibly for privilege escalation.
This ioctl is now disabled by default.
For the oldstable distribution (buster), these problems have been fixed in version 4.19.249-2.
Due to an issue in the signing service (Cf. Debian bug #1012741), the vport-vxlan module cannot be loaded for the signed kernel for amd64 in this update.
This update also corrects a regression in the network scheduler subsystem (bug #1013299).
For the 32-bit Arm (armel and armhf) architectures, this update enables optimised implementations of several cryptographic and CRC algorithms. For at least AES, this should remove a timing side- channel that could lead to a leak of sensitive information.
This update includes many more bug fixes from stable updates 4.19.236-4.19.249 inclusive, including for bug #1006346. The random driver has been backported from Linux 5.19, fixing numerous performance and correctness issues. Some changes will be visible:
-
- The entropy pool size is now 256 bits instead of 4096. You may need to adjust the configuration of system monitoring or user-space entropy gathering services to allow for this.
-
- On systems without a hardware RNG, the kernel may log more uses of /dev/urandom before it is fully initialised. These uses were previously under-counted and this is not a regression.
We recommend that you upgrade your linux packages.
For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmLBuTxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TdzQ//Yxq7eTZmPsDVvj1ArPIDwE4w/CPyoYeXiiSBhWD4ueYAvWp3moPmUZmc a6is1JkP8MILLekkeAUJQjaxjHOn+kWIlfV7ZLJ7fzTrVjkHoQvzs8a8mv85ybaD sfQlVuEA7VPxfJI/4/31fIAuTPy1S+qd3r6qtESL2IQdZPFS8SOHwZrTt9DPGXhl XtY3XNm4fysgRmtDYNpqndluVXeTc39bXe9YBRG1bTdrI9QCTykSx2/HeZDOBiMQ Wb7cjXAUoy0q3c5QncTcqtgN3ax549qx/1oGZGXDlycZFOIE8vHMY3FyBXXURPz4 JgKkSf+NR87aeDi2SREjOm0CIp/laSc1VFxpf0TTT51kuPWhXzsleZ23eN2po106 UTyDFsNtNToHgoDpPFA/3GsioqirzbwwVUs0qKDeFdC1VZjJ5H+1JzO4JPbWGOTo rtoz64JHU9oIA3OJs3rYpgIphd6fzUfia89tuflE5/MkeAWSVP7f0rpUgGQy8gzw TdsN4p7aCLhQezMpFVKADIB1WfkBtXncDrPC//pxxnRZuu2efrlYv6se+dnOJM9/ WeDSm4hsi6u+MH7DBmVhDgjF/gatSbejud8rXYUcVKZArraj9k9rCArxcVKmJHMr 6teKhjSMX1B27AUJtTqSU1eEmErxbA+yEHCSEOW+8JNnLQZWDSI= =j1cH -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0496",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h700s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.15"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.11"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.4.189"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.19.238"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.15.14"
},
{
"model": "communications cloud native core binding support function",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "22.1.1"
},
{
"model": "communications cloud native core binding support function",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "22.2.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.14.276"
},
{
"model": "h410c",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.5"
},
{
"model": "brocade fabric operating system",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": null
},
{
"model": "communications cloud native core binding support function",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "22.1.3"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.10.111"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "h300s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.20"
},
{
"model": "h500s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "h410s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.2"
},
{
"model": "h300s",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "h410s",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "h700s",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "h410c",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "h500s",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": null,
"trust": 0.8,
"vendor": "linux",
"version": null
},
{
"model": "oracle communications cloud native core binding support function",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"model": "brocade fabric os",
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019487"
},
{
"db": "NVD",
"id": "CVE-2021-4197"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "167714"
},
{
"db": "PACKETSTORM",
"id": "167748"
},
{
"db": "PACKETSTORM",
"id": "167443"
},
{
"db": "PACKETSTORM",
"id": "167694"
}
],
"trust": 0.4
},
"cve": "CVE-2021-4197",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-4197",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-410862",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-4197",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-4197",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-4197",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-4197",
"trust": 0.8,
"value": "High"
},
{
"author": "VULHUB",
"id": "VHN-410862",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-410862"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019487"
},
{
"db": "NVD",
"id": "CVE-2021-4197"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An unprivileged write to the file handler flaw in the Linux kernel\u0027s control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. Linux Kernel There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. ==========================================================================\nUbuntu Security Notice USN-5505-1\nJuly 07, 2022\n\nlinux-lts-xenial, linux-kvm vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux-kvm: Linux kernel for cloud environments\n- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty\n\nDetails:\n\nNorbert Slusarek discovered a race condition in the CAN BCM networking\nprotocol of the Linux kernel leading to multiple use-after-free\nvulnerabilities. (CVE-2021-3752)\n\nIt was discovered that the NFC subsystem in the Linux kernel contained a\nuse-after-free vulnerability in its NFC Controller Interface (NCI)\nimplementation. (CVE-2021-3760)\n\nSzymon Heidrich discovered that the USB Gadget subsystem in the Linux\nkernel did not properly restrict the size of control requests for certain\ngadget types, leading to possible out of bounds reads or writes. (CVE-2021-39685)\n\nIt was discovered that the Ion Memory Manager subsystem in the Linux kernel\ncontained a use-after-free vulnerability. (CVE-2021-4202)\n\nSushma Venkatesh Reddy discovered that the Intel i915 graphics driver in\nthe Linux kernel did not perform a GPU TLB flush in some situations. (CVE-2022-0330)\n\nIt was discovered that the PF_KEYv2 implementation in the Linux kernel did\nnot properly initialize kernel memory in some situations. \n(CVE-2022-1353)\n\nIt was discovered that the virtual graphics memory manager implementation\nin the Linux kernel was subject to a race condition, potentially leading to\nan information leak. \n(CVE-2022-1679)\n\nIt was discovered that the Marvell NFC device driver implementation in the\nLinux kernel did not properly perform memory cleanup operations in some\nsituations, leading to a use-after-free vulnerability. (CVE-2022-1734)\n\nIt was discovered that some Intel processors did not completely perform\ncleanup actions on multi-core shared buffers. (CVE-2022-21123)\n\nIt was discovered that some Intel processors did not completely perform\ncleanup actions on microarchitectural fill buffers. (CVE-2022-21125)\n\nIt was discovered that some Intel processors did not properly perform\ncleanup during specific special register write operations. (CVE-2022-28356)\n\nIt was discovered that the 8 Devices USB2CAN interface implementation in\nthe Linux kernel did not properly handle certain error conditions, leading\nto a double-free. (CVE-2022-28388)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n linux-image-4.4.0-1110-kvm 4.4.0-1110.120\n linux-image-kvm 4.4.0.1110.107\n\nUbuntu 14.04 ESM:\n linux-image-4.4.0-229-generic 4.4.0-229.263~14.04.1\n linux-image-4.4.0-229-lowlatency 4.4.0-229.263~14.04.1\n linux-image-generic-lts-xenial 4.4.0.229.199\n linux-image-lowlatency-lts-xenial 4.4.0.229.199\n linux-image-virtual-lts-xenial 4.4.0.229.199\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5505-1\n CVE-2021-3609, CVE-2021-3752, CVE-2021-3760, CVE-2021-39685,\n CVE-2021-39714, CVE-2021-4197, CVE-2021-4202, CVE-2022-0330,\n CVE-2022-1353, CVE-2022-1419, CVE-2022-1652, CVE-2022-1679,\n CVE-2022-1734, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166,\n CVE-2022-24958, CVE-2022-28356, CVE-2022-28388\n\n. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.3.11 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. See the following Release Notes documentation, which will be updated\nshortly for this release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/\n\nSecurity fixes: \n\n* node-fetch: exposure of sensitive information to an unauthorized actor\n(CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization\nHeader leak (CVE-2022-0536)\n\n* nconf: Prototype pollution in memory store (CVE-2022-21803)\n\n* golang: crypto/elliptic IsOnCurve returns true for invalid field elements\n(CVE-2022-23806)\n\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n\n* golang: syscall: faccessat checks wrong group (CVE-2022-29526)\n\n* go-getter: writes SSH credentials into logfile, exposing sensitive\ncredentials to local uses (CVE-2022-29810)\n\nBug fixes:\n\n* RHACM 2.3.11 images (BZ# 2082087)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor\n2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak\n2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements\n2072009 - CVE-2022-24785 Moment.js: Path traversal in moment.locale\n2074689 - CVE-2022-21803 nconf: Prototype pollution in memory store\n2080279 - CVE-2022-29810 go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses\n2082087 - RHACM 2.3.11 images\n2084085 - CVE-2022-29526 golang: syscall: faccessat checks wrong group\n\n5. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.7.56. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHBA-2022:6052\n\nSecurity Fix(es):\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nSpace precludes documenting all of the container images in this advisory. \nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.56-x86_64\n\nThe image digest is\nsha256:6232cf97cb029a4307450580483aa3e1601aa65066f5b7a856d3ec125b3c9b55\n\n(For s390x architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.56-s390x\n\nThe image digest is\nsha256:c47bab4c5452f0cf252cbe48aefa2a8d32e20c5f239807af94cb78e5363104a6\n\n(For ppc64le architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.56-ppc64le\n\nThe image digest is\nsha256:8cd14b2cdd699f33ebebf632425b7922654c9b1e57b6b085c375593f89a88ea1\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html\n\n3. Solution:\n\nFor OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2056342 - [4.7] SRIOV exclusive pooling\n2103217 - [4.7] Pod stuck in Terminating, runc init process frozen\n2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n\n5. Summary:\n\nAn update for kernel-rt is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Real Time (v. 8) - x86_64\nRed Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nSecurity Fix(es):\n\n* kernel: fget: check that the fd still exists after getting a ref to it\n(CVE-2021-4083)\n\n* kernel: avoid cyclic entity chains due to malformed USB descriptors\n(CVE-2020-0404)\n\n* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c\n(CVE-2020-13974)\n\n* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a\nuse-after-free (CVE-2021-0941)\n\n* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()\n(CVE-2021-3612)\n\n* kernel: reading /proc/sysvipc/shm does not scale with large shared memory\nsegment counts (CVE-2021-3669)\n\n* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c\n(CVE-2021-3743)\n\n* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()\n(CVE-2021-3744)\n\n* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)\n\n* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg\nlimits and DoS attacks (CVE-2021-3759)\n\n* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\n* kernel: sctp: Invalid chunks may be used to remotely remove existing\nassociations (CVE-2021-3772)\n\n* kernel: lack of port sanity checking in natd and netfilter leads to\nexploit of OpenVPN clients (CVE-2021-3773)\n\n* kernel: possible leak or coruption of data residing on hugetlbfs\n(CVE-2021-4002)\n\n* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)\n\n* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)\n\n* kernel: cgroup: Use open-time creds and namespace for migration perm\nchecks (CVE-2021-4197)\n\n* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses\n(CVE-2021-4203)\n\n* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed\npackets replies (CVE-2021-20322)\n\n* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)\n\n* kernel: Local privilege escalation due to incorrect BPF JIT branch\ndisplacement computation (CVE-2021-29154)\n\n* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c\n(CVE-2021-37159)\n\n* kernel: eBPF multiplication integer overflow in\nprealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to\nout-of-bounds write (CVE-2021-41864)\n\n* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)\n\n* kernel: an array-index-out-bounds in detach_capi_ctr in\ndrivers/isdn/capi/kcapi.c (CVE-2021-43389)\n\n* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c\nallows an attacker to cause DoS via crafted USB device (CVE-2021-43976)\n\n* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)\n\n* kernel: information leak in the IPv6 implementation (CVE-2021-45485)\n\n* kernel: information leak in the IPv4 implementation (CVE-2021-45486)\n\n* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)\n\n* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)\n\n* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)\n\n* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c\n(CVE-2022-0322)\n\n* kernel: FUSE allows UAF reads of write() buffers, allowing theft of\n(partial) /etc/shadow hashes (CVE-2022-1011)\n\n* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.6 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1901726 - CVE-2020-27820 kernel: use-after-free in nouveau kernel module\n1903578 - kernnel-rt-debug: do not call blocking ops when !TASK_RUNNING; state=1 set at [\u003c0000000050e86018\u003e] handle_userfault+0x530/0x1820\n1905749 - kernel-rt-debug: BUG: sleeping function called from invalid context at kernel/locking/rtmutex.c:968\n1919791 - CVE-2020-0404 kernel: avoid cyclic entity chains due to malformed USB descriptors\n1946684 - CVE-2021-29154 kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation\n1951739 - CVE-2021-42739 kernel: Heap buffer overflow in firedtv driver\n1974079 - CVE-2021-3612 kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()\n1985353 - CVE-2021-37159 kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c\n1986473 - CVE-2021-3669 kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts\n1997467 - CVE-2021-3764 kernel: DoS in ccp_run_aes_gcm_cmd() function\n1997961 - CVE-2021-3743 kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c\n1999544 - CVE-2021-3752 kernel: possible use-after-free in bluetooth module\n1999675 - CVE-2021-3759 kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks\n2000627 - CVE-2021-3744 kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()\n2000694 - CVE-2021-3772 kernel: sctp: Invalid chunks may be used to remotely remove existing associations\n2004949 - CVE-2021-3773 kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients\n2010463 - CVE-2021-41864 kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write\n2013180 - CVE-2021-43389 kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c\n2014230 - CVE-2021-20322 kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies\n2016169 - CVE-2020-13974 kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c\n2018205 - CVE-2021-0941 kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free\n2025003 - CVE-2021-43976 kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device\n2025726 - CVE-2021-4002 kernel: possible leak or coruption of data residing on hugetlbfs\n2027239 - CVE-2021-4037 kernel: security regression for CVE-2018-13405\n2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it\n2030747 - CVE-2021-44733 kernel: use-after-free in the TEE subsystem\n2034342 - CVE-2021-4157 kernel: Buffer overwrite in decode_nfs_fh function\n2035652 - CVE-2021-4197 kernel: cgroup: Use open-time creds and namespace for migration perm checks\n2036934 - CVE-2021-4203 kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses\n2037019 - CVE-2022-0286 kernel: Local denial of service in bond_ipsec_add_sa\n2039911 - CVE-2021-45485 kernel: information leak in the IPv6 implementation\n2039914 - CVE-2021-45486 kernel: information leak in the IPv4 implementation\n2042822 - CVE-2022-0322 kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c\n2061700 - CVE-2021-26401 hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715\n2061712 - CVE-2022-0001 hw: cpu: intel: Branch History Injection (BHI)\n2061721 - CVE-2022-0002 hw: cpu: intel: Intra-Mode BTI\n2064855 - CVE-2022-1011 kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes\n\n6. Package List:\n\nRed Hat Enterprise Linux Real Time for NFV (v. 8):\n\nSource:\nkernel-rt-4.18.0-372.9.1.rt7.166.el8.src.rpm\n\nx86_64:\nkernel-rt-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-core-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-core-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-debuginfo-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-devel-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-kvm-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-modules-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-modules-extra-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debuginfo-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debuginfo-common-x86_64-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-devel-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-kvm-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-modules-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-modules-extra-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\n\nRed Hat Enterprise Linux Real Time (v. 8):\n\nSource:\nkernel-rt-4.18.0-372.9.1.rt7.166.el8.src.rpm\n\nx86_64:\nkernel-rt-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-core-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-core-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-debuginfo-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-devel-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-modules-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debug-modules-extra-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debuginfo-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-debuginfo-common-x86_64-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-devel-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-modules-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\nkernel-rt-modules-extra-4.18.0-372.9.1.rt7.166.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYnqRVtzjgjWX9erEAQjwiA//R/ZVJ7xroUR7Uf1az+8xZqs4OZQADIUc\n/92cDd6MRyzkvwQx5u7JmD5E6KbRf3NGfDsuoC0jVJJJcp8GT0tWkxPIjCi2RNbI\n/9nlbkfp0eQqRGmpL753W/7sfzAnbiOeP47rr+lJU24OBDcbrZn5X3Ex0EdzcdeD\nfmVnAxB8bsXyZwcnX9m6mVlBxY+fm6SC78O+/rPzVUHl5NhQASqi0sYSwydyqZvG\na/9p5gXd9nnyV7NtJj58pS7brxQFq4RcM5VhTjix3a/ZaZEwT+nDMj3+RXXwUhGe\nHJ6AdJoNI19huMXtn/fYhomb/LIHQos+kHQrBbJ+KmaFE4DD08Uv2uHSyeEe1ksT\noUwcGcIbSta6LBNO60Lh0XVj6FgFWNnNsAGX27nxCHfzDjuJ3U4Tyh8gL+ID2K1t\n3nwoQl5gxUokFS0sUIuD0pj2LFW1vg2E2pMcbzPDqFwj0MXn5DpTb4qeuiRWzA05\ns+upi3Cd6XmRNKPH8DDOrGNGW0dJqJtuXhUmziZjKPMJK5Ygnhoc+3hYG/EJzGiq\nS/VHXR5hnJ+RAPz2U8rETfCW2Dvz7lCUh5rJGg/8f8MCyAMCPpFqXbkNvpt3BIKy\n2SLBhh0Mci1fprA35q2eNCjduntja3oxnVx+YAKPM30hzE7ejwHFEZHPGOdKB0q/\naHIZwOKDLaE=\n=hqV1\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. (CVE-2022-1516)\n\nDemi Marie Obenour and Simon Gaiser discovered that several Xen para-\nvirtualization device frontends did not properly restrict the access rights\nof device backends. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5173-1 security@debian.org\nhttps://www.debian.org/security/ Ben Hutchings\nJuly 03, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2021-4197 CVE-2022-0494 CVE-2022-0812 CVE-2022-0854\n CVE-2022-1011 CVE-2022-1012 CVE-2022-1016 CVE-2022-1048\n CVE-2022-1184 CVE-2022-1195 CVE-2022-1198 CVE-2022-1199\n CVE-2022-1204 CVE-2022-1205 CVE-2022-1353 CVE-2022-1419\n CVE-2022-1516 CVE-2022-1652 CVE-2022-1729 CVE-2022-1734\n CVE-2022-1974 CVE-2022-1975 CVE-2022-2153 CVE-2022-21123\n CVE-2022-21125 CVE-2022-21166 CVE-2022-23960 CVE-2022-26490\n CVE-2022-27666 CVE-2022-28356 CVE-2022-28388 CVE-2022-28389\n CVE-2022-28390 CVE-2022-29581 CVE-2022-30594 CVE-2022-32250\n CVE-2022-32296 CVE-2022-33981\nDebian Bug : 922204 1006346 1013299\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks. \n\nCVE-2021-4197\n\n Eric Biederman reported that incorrect permission checks in the\n cgroup process migration implementation can allow a local attacker\n to escalate privileges. \n\nCVE-2022-0494\n\n The scsi_ioctl() was susceptible to an information leak only\n exploitable by users with CAP_SYS_ADMIN or CAP_SYS_RAWIO\n capabilities. \n\nCVE-2022-0812\n\n It was discovered that the RDMA transport for NFS (xprtrdma)\n miscalculated the size of message headers, which could lead to a\n leak of sensitive information between NFS servers and clients. \n\nCVE-2022-0854\n\n Ali Haider discovered a potential information leak in the DMA\n subsystem. On systems where the swiotlb feature is needed, this\n might allow a local user to read sensitive information. \n\nCVE-2022-1011\n\n Jann Horn discovered a flaw in the FUSE (Filesystem in User-Space)\n implementation. A local user permitted to mount FUSE filesystems\n could exploit this to cause a use-after-free and read sensitive\n information. \n\nCVE-2022-1012, CVE-2022-32296\n\n Moshe Kol, Amit Klein, and Yossi Gilad discovered a weakness\n in randomisation of TCP source port selection. \n\nCVE-2022-1016\n\n David Bouman discovered a flaw in the netfilter subsystem where\n the nft_do_chain function did not initialize register data that\n nf_tables expressions can read from and write to. A local attacker\n can take advantage of this to read sensitive information. \n\nCVE-2022-1048\n\n Hu Jiahui discovered a race condition in the sound subsystem that\n can result in a use-after-free. \n\nCVE-2022-1184\n\n A flaw was discovered in the ext4 filesystem driver which can lead\n to a use-after-free. A local user permitted to mount arbitrary\n filesystems could exploit this to cause a denial of service (crash\n or memory corruption) or possibly for privilege escalation. \n\nCVE-2022-1195\n\n Lin Ma discovered race conditions in the 6pack and mkiss hamradio\n drivers, which could lead to a use-after-free. \n\nCVE-2022-1198\n\n Duoming Zhou discovered a race condition in the 6pack hamradio\n driver, which could lead to a use-after-free. \n\nCVE-2022-1199, CVE-2022-1204, CVE-2022-1205\n\n Duoming Zhou discovered race conditions in the AX.25 hamradio\n protocol, which could lead to a use-after-free or null pointer\n dereference. \n\nCVE-2022-1353\n\n The TCS Robot tool found an information leak in the PF_KEY\n subsystem. A local user can receive a netlink message when an\n IPsec daemon registers with the kernel, and this could include\n sensitive information. \n\nCVE-2022-1419\n\n Minh Yuan discovered a race condition in the vgem virtual GPU\n driver that can lead to a use-after-free. A local user permitted\n to access the GPU device can exploit this to cause a denial of\n service (crash or memory corruption) or possibly for privilege\n escalation. \n\nCVE-2022-1516\n\n A NULL pointer dereference flaw in the implementation of the X.25\n set of standardized network protocols, which can result in denial\n of service. \n\n This driver is not enabled in Debian\u0027s official kernel\n configurations. \n\nCVE-2022-1652\n\n Minh Yuan discovered a race condition in the floppy driver that\n can lead to a use-after-free. A local user permitted to access a\n floppy drive device can exploit this to cause a denial of service\n (crash or memory corruption) or possibly for privilege escalation. \n\nCVE-2022-1729\n\n Norbert Slusarek discovered a race condition in the perf subsystem\n which could result in local privilege escalation to root. The\n default settings in Debian prevent exploitation unless more\n permissive settings have been applied in the\n kernel.perf_event_paranoid sysctl. \n\nCVE-2022-1734\n\n Duoming Zhou discovered race conditions in the nfcmrvl NFC driver\n that could lead to a use-after-free, double-free or null pointer\n dereference. \n\n This driver is not enabled in Debian\u0027s official kernel\n configurations. \n\nCVE-2022-1974, CVE-2022-1975\n\n Duoming Zhou discovered that the NFC netlink interface was\n suspectible to denial of service. \n\nCVE-2022-2153\n\n \"kangel\" reported a flaw in the KVM implementation for x86\n processors which could lead to a null pointer dereference. \n\nCVE-2022-21123, CVE-2022-21125, CVE-2022-21166\n\n Various researchers discovered flaws in Intel x86 processors,\n collectively referred to as MMIO Stale Data vulnerabilities. \n These are similar to the previously published Microarchitectural\n Data Sampling (MDS) issues and could be exploited by local users\n to leak sensitive information. \n\n For some CPUs, the mitigations for these issues require updated\n microcode. An updated intel-microcode package may be provided at\n a later date. The updated CPU microcode may also be available as\n part of a system firmware (\"BIOS\") update. \n\n Further information on the mitigation can be found at\n \u003chttps://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html\u003e\n or in the linux-doc-4.19 package. \n\nCVE-2022-23960\n\n Researchers at VUSec discovered that the Branch History Buffer in\n Arm processors can be exploited to create information side-\n channels with speculative execution. This issue is similar to\n Spectre variant 2, but requires additional mitigations on some\n processors. \n\n This was previously mitigated for 32-bit Arm (armel and armhf)\n architectures and is now also mitigated for 64-bit Arm (arm64). \n\n This can be exploited to obtain sensitive information from a\n different security context, such as from user-space to the kernel,\n or from a KVM guest to the kernel. \n\nCVE-2022-26490\n\n Buffer overflows in the STMicroelectronics ST21NFCA core driver\n can result in denial of service or privilege escalation. \n\n This driver is not enabled in Debian\u0027s official kernel\n configurations. \n\nCVE-2022-27666\n\n \"valis\" reported a possible buffer overflow in the IPsec ESP\n transformation code. \n\nCVE-2022-28356\n\n \"Beraphin\" discovered that the ANSI/IEEE 802.2 LLC type 2 driver did\n not properly perform reference counting on some error paths. \n\nCVE-2022-28388\n\n A double free vulnerability was discovered in the 8 devices\n USB2CAN interface driver. \n\nCVE-2022-28389\n\n A double free vulnerability was discovered in the Microchip CAN\n BUS Analyzer interface driver. \n\nCVE-2022-28390\n\n A double free vulnerability was discovered in the EMS CPC-USB/ARM7\n CAN/USB interface driver. \n\nCVE-2022-29581\n\n Kyle Zeng discovered a reference-counting bug in the cls_u32\n network classifier which can lead to a use-after-free. \n\nCVE-2022-30594\n\n Jann Horn discovered a flaw in the interaction between ptrace and\n seccomp subsystems. A process sandboxed using seccomp() but still\n permitted to use ptrace() could exploit this to remove the seccomp\n restrictions. \n\nCVE-2022-32250\n\n Aaron Adams discovered a use-after-free in Netfilter which may\n result in local privilege escalation to root. \n\nCVE-2022-33981\n\n Yuan Ming from Tsinghua University reported a race condition in\n the floppy driver involving use of the FDRAWCMD ioctl, which could\n lead to a use-after-free. A local user with access to a floppy\n drive device could exploit this to cause a denial of service\n (crash or memory corruption) or possibly for privilege escalation. \n This ioctl is now disabled by default. \n\nFor the oldstable distribution (buster), these problems have been\nfixed in version 4.19.249-2. \n\nDue to an issue in the signing service (Cf. Debian bug #1012741), the\nvport-vxlan module cannot be loaded for the signed kernel for amd64 in\nthis update. \n\nThis update also corrects a regression in the network scheduler\nsubsystem (bug #1013299). \n\nFor the 32-bit Arm (armel and armhf) architectures, this update\nenables optimised implementations of several cryptographic and CRC\nalgorithms. For at least AES, this should remove a timing side-\nchannel that could lead to a leak of sensitive information. \n\nThis update includes many more bug fixes from stable updates\n4.19.236-4.19.249 inclusive, including for bug #1006346. The random\ndriver has been backported from Linux 5.19, fixing numerous\nperformance and correctness issues. Some changes will be visible:\n\n- - The entropy pool size is now 256 bits instead of 4096. You may need\n to adjust the configuration of system monitoring or user-space\n entropy gathering services to allow for this. \n\n- - On systems without a hardware RNG, the kernel may log more uses of\n /dev/urandom before it is fully initialised. These uses were\n previously under-counted and this is not a regression. \n\nWe recommend that you upgrade your linux packages. \n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmLBuTxfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TdzQ//Yxq7eTZmPsDVvj1ArPIDwE4w/CPyoYeXiiSBhWD4ueYAvWp3moPmUZmc\na6is1JkP8MILLekkeAUJQjaxjHOn+kWIlfV7ZLJ7fzTrVjkHoQvzs8a8mv85ybaD\nsfQlVuEA7VPxfJI/4/31fIAuTPy1S+qd3r6qtESL2IQdZPFS8SOHwZrTt9DPGXhl\nXtY3XNm4fysgRmtDYNpqndluVXeTc39bXe9YBRG1bTdrI9QCTykSx2/HeZDOBiMQ\nWb7cjXAUoy0q3c5QncTcqtgN3ax549qx/1oGZGXDlycZFOIE8vHMY3FyBXXURPz4\nJgKkSf+NR87aeDi2SREjOm0CIp/laSc1VFxpf0TTT51kuPWhXzsleZ23eN2po106\nUTyDFsNtNToHgoDpPFA/3GsioqirzbwwVUs0qKDeFdC1VZjJ5H+1JzO4JPbWGOTo\nrtoz64JHU9oIA3OJs3rYpgIphd6fzUfia89tuflE5/MkeAWSVP7f0rpUgGQy8gzw\nTdsN4p7aCLhQezMpFVKADIB1WfkBtXncDrPC//pxxnRZuu2efrlYv6se+dnOJM9/\nWeDSm4hsi6u+MH7DBmVhDgjF/gatSbejud8rXYUcVKZArraj9k9rCArxcVKmJHMr\n6teKhjSMX1B27AUJtTqSU1eEmErxbA+yEHCSEOW+8JNnLQZWDSI=\n=j1cH\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-4197"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019487"
},
{
"db": "VULHUB",
"id": "VHN-410862"
},
{
"db": "PACKETSTORM",
"id": "167714"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "168136"
},
{
"db": "PACKETSTORM",
"id": "167072"
},
{
"db": "PACKETSTORM",
"id": "167748"
},
{
"db": "PACKETSTORM",
"id": "167443"
},
{
"db": "PACKETSTORM",
"id": "167694"
},
{
"db": "PACKETSTORM",
"id": "169299"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-410862",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-410862"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-4197",
"trust": 3.5
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019487",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167694",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167443",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "168136",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167748",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167714",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167072",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167746",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168019",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166392",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167952",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167822",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167886",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167852",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1396",
"trust": 0.1
},
{
"db": "CNVD",
"id": "CNVD-2022-68560",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-410862",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167622",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169299",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-410862"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019487"
},
{
"db": "PACKETSTORM",
"id": "167714"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "168136"
},
{
"db": "PACKETSTORM",
"id": "167072"
},
{
"db": "PACKETSTORM",
"id": "167748"
},
{
"db": "PACKETSTORM",
"id": "167443"
},
{
"db": "PACKETSTORM",
"id": "167694"
},
{
"db": "PACKETSTORM",
"id": "169299"
},
{
"db": "NVD",
"id": "CVE-2021-4197"
}
]
},
"id": "VAR-202201-0496",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-410862"
}
],
"trust": 0.725
},
"last_update_date": "2024-11-29T21:19:08.749000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NTAP-20220602-0006 Oracle Oracle\u00a0Critical\u00a0Patch\u00a0Update",
"trust": 0.8,
"url": "https://www.broadcom.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019487"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
},
{
"problemtype": "Inappropriate authentication (CWE-287) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-410862"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019487"
},
{
"db": "NVD",
"id": "CVE-2021-4197"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.debian.org/security/2022/dsa-5127"
},
{
"trust": 1.9,
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"trust": 1.9,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4197"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20220602-0006/"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"trust": 1.0,
"url": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj%40kernel.org/t/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1353"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-4197"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-4203"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1011"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1198"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3752"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1679"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1419"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1652"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1734"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4202"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3752"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4157"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3669"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3744"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13974"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-45485"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3773"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4002"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29154"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-43976"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-0941"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-43389"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27820"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-44733"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4037"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-29154"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-37159"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3772"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-0404"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3669"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3764"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-20322"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3612"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-41864"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-0941"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3612"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-26401"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-27820"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3743"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1011"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20322"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4083"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-45486"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0322"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26401"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0286"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0001"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3759"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0002"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-42739"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0404"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4203"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1012"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3772"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1199"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1516"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1204"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-28389"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-28356"
},
{
"trust": 0.1,
"url": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/t/"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5505-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3760"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-39714"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0330"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21123"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-39685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3609"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0235"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1708"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-41617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3634"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4189"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0536"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21781"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3634"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3696"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-38185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4788"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43056"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25032"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21803"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29526"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3737"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28736"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3697"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-4788"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28737"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3695"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28735"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23806"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5392"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29810"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21781"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25032"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-34169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21540"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1729"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32250"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21540"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6053"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1729"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21541"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1012"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-34169"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-29368"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21541"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhba-2022:6052"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30631"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32250"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30631"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29368"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-42739"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3759"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4083"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-43389"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3773"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:1975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4037"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-43976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3743"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3764"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37159"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3744"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4157"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41864"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.15.0-189.200"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1133.143"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5515-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1131.147"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1102.113"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1146.161"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1123.128"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2380"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1137.148"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1115.123"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24958"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1065.75"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1083.87"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1158"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1078.84"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/5.4.0-117.132"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-117.132~18.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23039"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gke-5.4/5.4.0-1074.79~18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1065.75~18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-ibm-5.4/5.4.0-1026.29~18.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-28390"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1966"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1046.48~18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1083.87~18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1078.84"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1076.83"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1076.83~18.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21499"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1078.84~18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure-fde/5.4.0-1083.87+cvm1.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1026.29"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1074.79"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1068.72"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26966"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5467-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1046.48"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5500-1"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0812"
},
{
"trust": 0.1,
"url": "https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0494"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1016"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1184"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1048"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/linux"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0854"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-410862"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019487"
},
{
"db": "PACKETSTORM",
"id": "167714"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "168136"
},
{
"db": "PACKETSTORM",
"id": "167072"
},
{
"db": "PACKETSTORM",
"id": "167748"
},
{
"db": "PACKETSTORM",
"id": "167443"
},
{
"db": "PACKETSTORM",
"id": "167694"
},
{
"db": "PACKETSTORM",
"id": "169299"
},
{
"db": "NVD",
"id": "CVE-2021-4197"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-410862"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019487"
},
{
"db": "PACKETSTORM",
"id": "167714"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "168136"
},
{
"db": "PACKETSTORM",
"id": "167072"
},
{
"db": "PACKETSTORM",
"id": "167748"
},
{
"db": "PACKETSTORM",
"id": "167443"
},
{
"db": "PACKETSTORM",
"id": "167694"
},
{
"db": "PACKETSTORM",
"id": "169299"
},
{
"db": "NVD",
"id": "CVE-2021-4197"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-410862"
},
{
"date": "2023-08-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-019487"
},
{
"date": "2022-07-07T13:08:49",
"db": "PACKETSTORM",
"id": "167714"
},
{
"date": "2022-06-29T20:27:02",
"db": "PACKETSTORM",
"id": "167622"
},
{
"date": "2022-08-23T14:06:31",
"db": "PACKETSTORM",
"id": "168136"
},
{
"date": "2022-05-11T16:37:26",
"db": "PACKETSTORM",
"id": "167072"
},
{
"date": "2022-07-14T14:32:30",
"db": "PACKETSTORM",
"id": "167748"
},
{
"date": "2022-06-08T15:58:59",
"db": "PACKETSTORM",
"id": "167443"
},
{
"date": "2022-07-04T14:32:13",
"db": "PACKETSTORM",
"id": "167694"
},
{
"date": "2022-07-28T19:12:00",
"db": "PACKETSTORM",
"id": "169299"
},
{
"date": "2022-03-23T20:15:10.200000",
"db": "NVD",
"id": "CVE-2021-4197"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-03T00:00:00",
"db": "VULHUB",
"id": "VHN-410862"
},
{
"date": "2023-08-02T06:47:00",
"db": "JVNDB",
"id": "JVNDB-2021-019487"
},
{
"date": "2024-11-21T06:37:07.517000",
"db": "NVD",
"id": "CVE-2021-4197"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "167714"
},
{
"db": "PACKETSTORM",
"id": "167748"
},
{
"db": "PACKETSTORM",
"id": "167443"
},
{
"db": "PACKETSTORM",
"id": "167694"
}
],
"trust": 0.4
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux\u00a0Kernel\u00a0 Authentication vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019487"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "167714"
},
{
"db": "PACKETSTORM",
"id": "167748"
},
{
"db": "PACKETSTORM",
"id": "167443"
},
{
"db": "PACKETSTORM",
"id": "167694"
}
],
"trust": 0.4
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.