var-202203-0043
Vulnerability from variot
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. Linux Kernel Has an initialization vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This update provides security fixes, bug fixes, and updates the container images. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.4.3 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/
Security updates:
-
golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
-
nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450)
-
nanoid: Information disclosure via valueOf() function (CVE-2021-23566)
-
nodejs-shelljs: improper privilege management (CVE-2022-0144)
-
search-ui-container: follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)
-
node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
-
follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
-
openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)
-
imgcrypt: Unauthorized access to encryted container image on a shared system due to missing check in CheckAuthorization() code path (CVE-2022-24778)
-
golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
-
opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190)
Related bugs:
-
RHACM 2.4.3 image files (BZ #2057249)
-
Observability - dashboard name contains
/would cause error when generating dashboard cm (BZ #2032128) -
ACM application placement fails after renaming the application name (BZ
2033051)
-
Disable the obs metric collect should not impact the managed cluster upgrade (BZ #2039197)
-
Observability - cluster list should only contain OCP311 cluster on OCP311 dashboard (BZ #2039820)
-
The value of name label changed from clusterclaim name to cluster name (BZ #2042223)
-
VMWare Cluster creation does not accept ecdsa-sha2-nistp521 ssh keys (BZ
2048500)
-
clusterSelector matchLabels spec are cleared when changing app name/namespace during creating an app in UI (BZ #2053211)
-
Application cluster status is not updated in UI after restoring (BZ
2053279)
-
OpenStack cluster creation is using deprecated floating IP config for 4.7+ (BZ #2056610)
-
The value of Vendor reported by cluster metrics was Other even if the vendor label in managedcluster was Openshift (BZ #2059039)
-
Subscriptions stop reconciling after channel secrets are recreated (BZ
2059954)
-
Placementrule is not reconciling on a new fresh environment (BZ #2074156)
-
The cluster claimed from clusterpool cannot auto imported (BZ #2074543)
-
Bugs fixed (https://bugzilla.redhat.com/):
2024938 - CVE-2021-41190 opencontainers: OCI manifest and index parsing confusion
2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic
2032128 - Observability - dashboard name contains / would cause error when generating dashboard cm
2033051 - ACM application placement fails after renaming the application name
2039197 - disable the obs metric collect should not impact the managed cluster upgrade
2039820 - Observability - cluster list should only contain OCP311 cluster on OCP311 dashboard
2042223 - the value of name label changed from clusterclaim name to cluster name
2043535 - CVE-2022-0144 nodejs-shelljs: improper privilege management
2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor
2048500 - VMWare Cluster creation does not accept ecdsa-sha2-nistp521 ssh keys
2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function
2052573 - CVE-2022-24450 nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account
2053211 - clusterSelector matchLabels spec are cleared when changing app name/namespace during creating an app in UI
2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak
2053279 - Application cluster status is not updated in UI after restoring
2056610 - OpenStack cluster creation is using deprecated floating IP config for 4.7+
2057249 - RHACM 2.4.3 images
2059039 - The value of Vendor reported by cluster metrics was Other even if the vendor label in managedcluster was Openshift
2059954 - Subscriptions stop reconciling after channel secrets are recreated
2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server
2069368 - CVE-2022-24778 imgcrypt: Unauthorized access to encryted container image on a shared system due to missing check in CheckAuthorization() code path
2074156 - Placementrule is not reconciling on a new fresh environment
2074543 - The cluster claimed from clusterpool can not auto imported
- See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/
Security updates:
-
nanoid: Information disclosure via valueOf() function (CVE-2021-23566)
-
nodejs-shelljs: improper privilege management (CVE-2022-0144)
-
follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)
-
node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
-
follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
Bug fix:
-
RHACM 2.3.8 images (Bugzilla #2062316)
-
Bugs fixed (https://bugzilla.redhat.com/):
2043535 - CVE-2022-0144 nodejs-shelljs: improper privilege management 2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor 2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor 2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function 2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak 2062316 - RHACM 2.3.8 images
- ========================================================================== Ubuntu Security Notice USN-5317-1 March 09, 2022
linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13, linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-kvm, linux-oem-5.14, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-25636)
Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-23960)
Max Kellermann discovered that the Linux kernel incorrectly handled Unix pipes. A local attacker could potentially use this to modify any file that could be opened for reading. (CVE-2022-0847)
Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-0001, CVE-2022-0002)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.10: linux-image-5.13.0-1016-kvm 5.13.0-1016.17 linux-image-5.13.0-1017-aws 5.13.0-1017.19 linux-image-5.13.0-1017-azure 5.13.0-1017.19 linux-image-5.13.0-1019-gcp 5.13.0-1019.23 linux-image-5.13.0-1020-raspi 5.13.0-1020.22 linux-image-5.13.0-1020-raspi-nolpae 5.13.0-1020.22 linux-image-5.13.0-1021-oracle 5.13.0-1021.26 linux-image-5.13.0-35-generic 5.13.0-35.40 linux-image-5.13.0-35-generic-64k 5.13.0-35.40 linux-image-5.13.0-35-generic-lpae 5.13.0-35.40 linux-image-5.13.0-35-lowlatency 5.13.0-35.40 linux-image-aws 5.13.0.1017.18 linux-image-azure 5.13.0.1017.17 linux-image-gcp 5.13.0.1019.17 linux-image-generic 5.13.0.35.44 linux-image-generic-64k 5.13.0.35.44 linux-image-generic-lpae 5.13.0.35.44 linux-image-gke 5.13.0.1019.17 linux-image-kvm 5.13.0.1016.16 linux-image-lowlatency 5.13.0.35.44 linux-image-oem-20.04 5.13.0.35.44 linux-image-oracle 5.13.0.1021.21 linux-image-raspi 5.13.0.1020.25 linux-image-raspi-nolpae 5.13.0.1020.25 linux-image-virtual 5.13.0.35.44
Ubuntu 20.04 LTS: linux-image-5.13.0-1017-aws 5.13.0-1017.19~20.04.1 linux-image-5.13.0-1017-azure 5.13.0-1017.19~20.04.1 linux-image-5.13.0-1019-gcp 5.13.0-1019.23~20.04.1 linux-image-5.13.0-1021-oracle 5.13.0-1021.26~20.04.1 linux-image-5.13.0-35-generic 5.13.0-35.40~20.04.1 linux-image-5.13.0-35-generic-64k 5.13.0-35.40~20.04.1 linux-image-5.13.0-35-generic-lpae 5.13.0-35.40~20.04.1 linux-image-5.13.0-35-lowlatency 5.13.0-35.40~20.04.1 linux-image-5.14.0-1027-oem 5.14.0-1027.30 linux-image-aws 5.13.0.1017.19~20.04.10 linux-image-azure 5.13.0.1017.19~20.04.7 linux-image-gcp 5.13.0.1019.23~20.04.1 linux-image-generic-64k-hwe-20.04 5.13.0.35.40~20.04.20 linux-image-generic-hwe-20.04 5.13.0.35.40~20.04.20 linux-image-generic-lpae-hwe-20.04 5.13.0.35.40~20.04.20 linux-image-lowlatency-hwe-20.04 5.13.0.35.40~20.04.20 linux-image-oem-20.04 5.14.0.1027.24 linux-image-oem-20.04b 5.14.0.1027.24 linux-image-oem-20.04c 5.14.0.1027.24 linux-image-oem-20.04d 5.14.0.1027.24 linux-image-oracle 5.13.0.1021.26~20.04.1 linux-image-virtual-hwe-20.04 5.13.0.35.40~20.04.20
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. 8.2) - x86_64
- Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Bug Fix(es):
-
kernel-rt: update RT source tree to the latest RHEL-8.2.z16 Batch (BZ#2057698)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2022:0825-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0825 Issue date: 2022-03-10 CVE Names: CVE-2021-0920 CVE-2021-4154 CVE-2022-0330 CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 CVE-2022-0847 CVE-2022-22942 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
The following packages have been upgraded to a later upstream version: kernel (4.18.0). (BZ#2036888)
Security Fix(es):
-
kernel: improper initialization of the "flags" member of the new pipe_buffer (CVE-2022-0847)
-
kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
-
kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout (CVE-2021-4154)
-
kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)
-
kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS (CVE-2022-0435)
-
kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)
-
kernel: missing check in ioctl allows kernel memory read/write (CVE-2022-0516)
-
kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
Intel QAT Kernel power up fix (BZ#2016437)
-
RHEL8.4 seeing scsi_dma_map failed with mpt3sas driver and affecting performance (BZ#2018928)
-
[Lenovo 8.4 bug] audio_HDMI certification failed on RHEL 8.4GA (No hdmi out) (BZ#2027335)
-
[RHEL-8.5][4.18.0-323.el8.ppc64le][POWER8/9/10] security_flavor mode is not set back to zero post online migration (BZ#2027448)
-
iommu/amd: Fix unable to handle page fault due to AVIC (BZ#2030854)
-
[Lenovo 8.4 bug]The VGA display shows no signal (black screen) when install RHEL8.4(beta or rc1) in the legacy BIOS mode. (BZ#2034949)
-
Double free of kmalloc-64 cache struct ib_port->pkey_group from module ib_core . (BZ#2038724)
-
Bus error with huge pages enabled (BZ#2039015)
-
RHEL8 - kvm: floating interrupts may get stuck (BZ#2040769)
-
Data corruption on small files served by httpd, which is backed by cifs-mount (BZ#2041529)
-
Add a net/mlx5 patch for Hardware Offload Fix (BZ#2042663)
-
Windows guest random Bsod when 'hv-tlbflush' enlightenment is enabled (BZ#2043237)
-
DNS lookup failures when run two times in a row (BZ#2043548)
-
net/sched: Fix ct zone matching for invalid conntrack state (BZ#2043550)
-
Kernel 4.18.0-348.2.1 secpath_cache memory leak involving strongswan tunnel (BZ#2047427)
-
OCP node XFS metadata corruption after numerous reboots (BZ#2049292)
-
Broadcom bnxt_re: RDMA stats are not incrementing (BZ#2049684)
-
ice: bug fix series for 8.6 (BZ#2051951)
-
panic while looking up a symlink due to NULL i_op->get_link (BZ#2052558)
-
ceph omnibus backport for RHEL-8.6.0 (BZ#2053725)
-
SCTP peel-off with SELinux and containers in OCP (BZ#2054112)
-
Selinux is not allowing SCTP connection setup between inter pod communication in enforcing mode (BZ#2054117)
-
dnf fails with fsync() over local repository present on CIFS mount point (BZ#2055824)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation 2034514 - CVE-2021-4154 kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout 2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush 2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation 2048738 - CVE-2022-0435 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS 2050237 - CVE-2022-0516 kernel: missing check in ioctl allows kernel memory read/write 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation 2060795 - CVE-2022-0847 kernel: improper initialization of the "flags" member of the new pipe_buffer
- Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source: kernel-4.18.0-348.20.1.el8_5.src.rpm
aarch64: bpftool-4.18.0-348.20.1.el8_5.aarch64.rpm bpftool-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-core-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-cross-headers-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debug-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debug-core-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debug-devel-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debug-modules-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debug-modules-extra-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-devel-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-headers-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-modules-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-modules-extra-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-tools-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-tools-libs-4.18.0-348.20.1.el8_5.aarch64.rpm perf-4.18.0-348.20.1.el8_5.aarch64.rpm perf-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm python3-perf-4.18.0-348.20.1.el8_5.aarch64.rpm python3-perf-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm
noarch: kernel-abi-stablelists-4.18.0-348.20.1.el8_5.noarch.rpm kernel-doc-4.18.0-348.20.1.el8_5.noarch.rpm
ppc64le: bpftool-4.18.0-348.20.1.el8_5.ppc64le.rpm bpftool-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-core-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-cross-headers-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debug-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debug-core-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debug-devel-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debug-modules-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debug-modules-extra-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-devel-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-headers-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-modules-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-modules-extra-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-tools-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-tools-libs-4.18.0-348.20.1.el8_5.ppc64le.rpm perf-4.18.0-348.20.1.el8_5.ppc64le.rpm perf-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm python3-perf-4.18.0-348.20.1.el8_5.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm
s390x: bpftool-4.18.0-348.20.1.el8_5.s390x.rpm bpftool-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm kernel-4.18.0-348.20.1.el8_5.s390x.rpm kernel-core-4.18.0-348.20.1.el8_5.s390x.rpm kernel-cross-headers-4.18.0-348.20.1.el8_5.s390x.rpm kernel-debug-4.18.0-348.20.1.el8_5.s390x.rpm kernel-debug-core-4.18.0-348.20.1.el8_5.s390x.rpm kernel-debug-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm kernel-debug-devel-4.18.0-348.20.1.el8_5.s390x.rpm kernel-debug-modules-4.18.0-348.20.1.el8_5.s390x.rpm kernel-debug-modules-extra-4.18.0-348.20.1.el8_5.s390x.rpm kernel-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-348.20.1.el8_5.s390x.rpm kernel-devel-4.18.0-348.20.1.el8_5.s390x.rpm kernel-headers-4.18.0-348.20.1.el8_5.s390x.rpm kernel-modules-4.18.0-348.20.1.el8_5.s390x.rpm kernel-modules-extra-4.18.0-348.20.1.el8_5.s390x.rpm kernel-tools-4.18.0-348.20.1.el8_5.s390x.rpm kernel-tools-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm kernel-zfcpdump-4.18.0-348.20.1.el8_5.s390x.rpm kernel-zfcpdump-core-4.18.0-348.20.1.el8_5.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm kernel-zfcpdump-devel-4.18.0-348.20.1.el8_5.s390x.rpm kernel-zfcpdump-modules-4.18.0-348.20.1.el8_5.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-348.20.1.el8_5.s390x.rpm perf-4.18.0-348.20.1.el8_5.s390x.rpm perf-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm python3-perf-4.18.0-348.20.1.el8_5.s390x.rpm python3-perf-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm
x86_64: bpftool-4.18.0-348.20.1.el8_5.x86_64.rpm bpftool-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-core-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-cross-headers-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debug-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debug-core-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debug-devel-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debug-modules-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debug-modules-extra-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-devel-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-headers-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-modules-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-modules-extra-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-tools-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-tools-libs-4.18.0-348.20.1.el8_5.x86_64.rpm perf-4.18.0-348.20.1.el8_5.x86_64.rpm perf-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm python3-perf-4.18.0-348.20.1.el8_5.x86_64.rpm python3-perf-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64: bpftool-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm kernel-tools-libs-devel-4.18.0-348.20.1.el8_5.aarch64.rpm perf-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm python3-perf-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm
ppc64le: bpftool-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm kernel-tools-libs-devel-4.18.0-348.20.1.el8_5.ppc64le.rpm perf-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm
x86_64: bpftool-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm kernel-tools-libs-devel-4.18.0-348.20.1.el8_5.x86_64.rpm perf-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm python3-perf-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-0920 https://access.redhat.com/security/cve/CVE-2021-4154 https://access.redhat.com/security/cve/CVE-2022-0330 https://access.redhat.com/security/cve/CVE-2022-0435 https://access.redhat.com/security/cve/CVE-2022-0492 https://access.redhat.com/security/cve/CVE-2022-0516 https://access.redhat.com/security/cve/CVE-2022-0847 https://access.redhat.com/security/cve/CVE-2022-22942 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2022-002
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYippdNzjgjWX9erEAQjVrg//WBuZgEcpFf/4YBR6yXjJpyzeNdP/33wU b+G6E6fGXrwoJkMNfLMMr+PmoK5QxZvX3GAqJFApn9SHXtk5M7IM68TCnTXZsXVF M0V2ktlHJwOABXBJEXHFjnq9QllGzRkV+xJPOLKJwRB2fKtNAgOiLTJ7MrJZJtNu WIt5IsPclPoTKrSChCL/b535XKh3hAUqD1eymuk05SqWv3mo2joLQbZpHbM0fQW3 pnvDPnE+HDM8lW8dPJTiw1K3nBRrwmuvyKxNpnGYoRN/8USNJrIGJP5gGjrI1/b8 IrV/OGeA2lk6lu48JmkAjrE/FZ+VeGn51fngrYYk6nfj8Ln8nklZjdLWQ8o+ImGD /CbWFlY3qw1Ml90mjyFyXhUWnz6rhquJvIZo2w3CeCR6/in4qN195aikaLmMAzZm 5ar+9AkUGd2YsSAzeYn+FuGKEVucYZZCYc0wntVYwAMDTL3WPSIx+0m4TO+7pEvi 9ZqnZ0Rn7iaAx6nEc1TQynzGbWBQr13k6h/2xhPhURDYnkULuxjJlWtIo8r+SdEH N8g66V55B16BkLXPRYg/DikuiF9+d2neszj8ZWvBKTnU2iSVaGCii7MQ5EdjkCdi 0xk52SLKdk2I+Q2fLa+DJh5RW3fnP1NULPuW7350UBgbCUX2QdHsLMK+UnYkkmyV /Hdqi2gHENg= =duKX -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-0043",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h700s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux for real time for nfv tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "sma1000",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "12.4.2-02044"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.10.102"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "enterprise linux for real time tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.1"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "enterprise linux for power little endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.15.25"
},
{
"model": "enterprise linux server for power little endian update services for sap solutions",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.1"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.15"
},
{
"model": "enterprise linux server for power little endian update services for sap solutions",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "ovirt-engine",
"scope": "eq",
"trust": 1.0,
"vendor": "ovirt",
"version": "4.4.10.2"
},
{
"model": "h300e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "virtualization host",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "enterprise linux for ibm z systems eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux for real time for nfv tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "h700e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux for real time tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "enterprise linux for real time for nfv",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.16"
},
{
"model": "scalance lpe9403",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.16.11"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.8"
},
{
"model": "enterprise linux for power little endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "codeready linux builder",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "h410c",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux for ibm z systems eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "h500e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "h300s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "h500s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux server for power little endian update services for sap solutions",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "h410s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "sma1000",
"scope": null,
"trust": 0.8,
"vendor": "sonicwall",
"version": null
},
{
"model": "red hat enterprise linux eus",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "h300s",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "ovirt-engine",
"scope": null,
"trust": 0.8,
"vendor": "ovirt",
"version": null
},
{
"model": "red hat enterprise linux for ibm z systems - extended update support",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "red hat enterprise linux for ibm z systems",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "kernel",
"scope": null,
"trust": 0.8,
"vendor": "linux",
"version": null
},
{
"model": "red hat enterprise linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "scalance lpe9403",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"db": "NVD",
"id": "CVE-2022-0847"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "166812"
},
{
"db": "PACKETSTORM",
"id": "166516"
},
{
"db": "PACKETSTORM",
"id": "166305"
},
{
"db": "PACKETSTORM",
"id": "166280"
},
{
"db": "PACKETSTORM",
"id": "166282"
},
{
"db": "PACKETSTORM",
"id": "166281"
},
{
"db": "PACKETSTORM",
"id": "166272"
}
],
"trust": 0.7
},
"cve": "CVE-2022-0847",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-0847",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2022-0847",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-0847",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-0847",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-0847",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-522",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-0847",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-0847"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-522"
},
{
"db": "NVD",
"id": "CVE-2022-0847"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. Linux Kernel Has an initialization vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This update provides security fixes, bug\nfixes, and updates the container images. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.4.3 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. \nSee the following Release Notes documentation, which will be updated\nshortly for this release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/\n\nSecurity updates:\n\n* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)\n\n* nats-server: misusing the \"dynamically provisioned sandbox accounts\"\nfeature authenticated user can obtain the privileges of the System account\n(CVE-2022-24450)\n\n* nanoid: Information disclosure via valueOf() function (CVE-2021-23566)\n\n* nodejs-shelljs: improper privilege management (CVE-2022-0144)\n\n* search-ui-container: follow-redirects: Exposure of Private Personal\nInformation to an Unauthorized Actor (CVE-2022-0155)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor\n(CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization\nHeader leak (CVE-2022-0536)\n\n* openssl: Infinite loop in BN_mod_sqrt() reachable when parsing\ncertificates (CVE-2022-0778)\n\n* imgcrypt: Unauthorized access to encryted container image on a shared\nsystem due to missing check in CheckAuthorization() code path\n(CVE-2022-24778)\n\n* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)\n\n* opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190)\n\nRelated bugs:\n\n* RHACM 2.4.3 image files (BZ #2057249)\n\n* Observability - dashboard name contains `/` would cause error when\ngenerating dashboard cm (BZ #2032128)\n\n* ACM application placement fails after renaming the application name (BZ\n#2033051)\n\n* Disable the obs metric collect should not impact the managed cluster\nupgrade (BZ #2039197)\n\n* Observability - cluster list should only contain OCP311 cluster on OCP311\ndashboard (BZ #2039820)\n\n* The value of name label changed from clusterclaim name to cluster name\n(BZ #2042223)\n\n* VMWare Cluster creation does not accept ecdsa-sha2-nistp521 ssh keys (BZ\n#2048500)\n\n* clusterSelector matchLabels spec are cleared when changing app\nname/namespace during creating an app in UI (BZ #2053211)\n\n* Application cluster status is not updated in UI after restoring (BZ\n#2053279)\n\n* OpenStack cluster creation is using deprecated floating IP config for\n4.7+ (BZ #2056610)\n\n* The value of Vendor reported by cluster metrics was Other even if the\nvendor label in managedcluster was Openshift (BZ #2059039)\n\n* Subscriptions stop reconciling after channel secrets are recreated (BZ\n#2059954)\n\n* Placementrule is not reconciling on a new fresh environment (BZ #2074156)\n\n* The cluster claimed from clusterpool cannot auto imported (BZ #2074543)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n2024938 - CVE-2021-41190 opencontainers: OCI manifest and index parsing confusion\n2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic\n2032128 - Observability - dashboard name contains `/` would cause error when generating dashboard cm\n2033051 - ACM application placement fails after renaming the application name\n2039197 - disable the obs metric collect should not impact the managed cluster upgrade\n2039820 - Observability - cluster list should only contain OCP311 cluster on OCP311 dashboard\n2042223 - the value of name label changed from clusterclaim name to cluster name\n2043535 - CVE-2022-0144 nodejs-shelljs: improper privilege management\n2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor\n2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor\n2048500 - VMWare Cluster creation does not accept ecdsa-sha2-nistp521 ssh keys\n2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function\n2052573 - CVE-2022-24450 nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account\n2053211 - clusterSelector matchLabels spec are cleared when changing app name/namespace during creating an app in UI\n2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak\n2053279 - Application cluster status is not updated in UI after restoring\n2056610 - OpenStack cluster creation is using deprecated floating IP config for 4.7+\n2057249 - RHACM 2.4.3 images\n2059039 - The value of Vendor reported by cluster metrics was Other even if the vendor label in managedcluster was Openshift\n2059954 - Subscriptions stop reconciling after channel secrets are recreated\n2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates\n2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server\n2069368 - CVE-2022-24778 imgcrypt: Unauthorized access to encryted container image on a shared system due to missing check in CheckAuthorization() code path\n2074156 - Placementrule is not reconciling on a new fresh environment\n2074543 - The cluster claimed from clusterpool can not auto imported\n\n5. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/\n\nSecurity updates:\n\n* nanoid: Information disclosure via valueOf() function (CVE-2021-23566)\n\n* nodejs-shelljs: improper privilege management (CVE-2022-0144)\n\n* follow-redirects: Exposure of Private Personal Information to an\nUnauthorized Actor (CVE-2022-0155)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor\n(CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization\nHeader leak (CVE-2022-0536)\n\nBug fix:\n\n* RHACM 2.3.8 images (Bugzilla #2062316)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n2043535 - CVE-2022-0144 nodejs-shelljs: improper privilege management\n2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor\n2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor\n2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function\n2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak\n2062316 - RHACM 2.3.8 images\n\n5. ==========================================================================\nUbuntu Security Notice USN-5317-1\nMarch 09, 2022\n\nlinux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13,\nlinux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-kvm, linux-oem-5.14,\nlinux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.10\n- Ubuntu 20.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. A local attacker could use this to cause a denial of\nservice or possibly execute arbitrary code. (CVE-2022-25636)\n\nEnrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano\nGiuffrida discovered that hardware mitigations added by ARM to their\nprocessors to address Spectre-BTI were insufficient. A local attacker could\npotentially use this to expose sensitive information. (CVE-2022-23960)\n\nMax Kellermann discovered that the Linux kernel incorrectly handled Unix\npipes. A local attacker could potentially use this to modify any file that\ncould be opened for reading. (CVE-2022-0847)\n\nEnrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano\nGiuffrida discovered that hardware mitigations added by Intel to their\nprocessors to address Spectre-BTI were insufficient. A local attacker could\npotentially use this to expose sensitive information. (CVE-2022-0001,\nCVE-2022-0002)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.10:\n linux-image-5.13.0-1016-kvm 5.13.0-1016.17\n linux-image-5.13.0-1017-aws 5.13.0-1017.19\n linux-image-5.13.0-1017-azure 5.13.0-1017.19\n linux-image-5.13.0-1019-gcp 5.13.0-1019.23\n linux-image-5.13.0-1020-raspi 5.13.0-1020.22\n linux-image-5.13.0-1020-raspi-nolpae 5.13.0-1020.22\n linux-image-5.13.0-1021-oracle 5.13.0-1021.26\n linux-image-5.13.0-35-generic 5.13.0-35.40\n linux-image-5.13.0-35-generic-64k 5.13.0-35.40\n linux-image-5.13.0-35-generic-lpae 5.13.0-35.40\n linux-image-5.13.0-35-lowlatency 5.13.0-35.40\n linux-image-aws 5.13.0.1017.18\n linux-image-azure 5.13.0.1017.17\n linux-image-gcp 5.13.0.1019.17\n linux-image-generic 5.13.0.35.44\n linux-image-generic-64k 5.13.0.35.44\n linux-image-generic-lpae 5.13.0.35.44\n linux-image-gke 5.13.0.1019.17\n linux-image-kvm 5.13.0.1016.16\n linux-image-lowlatency 5.13.0.35.44\n linux-image-oem-20.04 5.13.0.35.44\n linux-image-oracle 5.13.0.1021.21\n linux-image-raspi 5.13.0.1020.25\n linux-image-raspi-nolpae 5.13.0.1020.25\n linux-image-virtual 5.13.0.35.44\n\nUbuntu 20.04 LTS:\n linux-image-5.13.0-1017-aws 5.13.0-1017.19~20.04.1\n linux-image-5.13.0-1017-azure 5.13.0-1017.19~20.04.1\n linux-image-5.13.0-1019-gcp 5.13.0-1019.23~20.04.1\n linux-image-5.13.0-1021-oracle 5.13.0-1021.26~20.04.1\n linux-image-5.13.0-35-generic 5.13.0-35.40~20.04.1\n linux-image-5.13.0-35-generic-64k 5.13.0-35.40~20.04.1\n linux-image-5.13.0-35-generic-lpae 5.13.0-35.40~20.04.1\n linux-image-5.13.0-35-lowlatency 5.13.0-35.40~20.04.1\n linux-image-5.14.0-1027-oem 5.14.0-1027.30\n linux-image-aws 5.13.0.1017.19~20.04.10\n linux-image-azure 5.13.0.1017.19~20.04.7\n linux-image-gcp 5.13.0.1019.23~20.04.1\n linux-image-generic-64k-hwe-20.04 5.13.0.35.40~20.04.20\n linux-image-generic-hwe-20.04 5.13.0.35.40~20.04.20\n linux-image-generic-lpae-hwe-20.04 5.13.0.35.40~20.04.20\n linux-image-lowlatency-hwe-20.04 5.13.0.35.40~20.04.20\n linux-image-oem-20.04 5.14.0.1027.24\n linux-image-oem-20.04b 5.14.0.1027.24\n linux-image-oem-20.04c 5.14.0.1027.24\n linux-image-oem-20.04d 5.14.0.1027.24\n linux-image-oracle 5.13.0.1021.26~20.04.1\n linux-image-virtual-hwe-20.04 5.13.0.35.40~20.04.20\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. These packages include redhat-release-virtualization-host,\novirt-node, and rhev-hypervisor. RHVH features a Cockpit user\ninterface for monitoring the host\u0027s resources and performing administrative\ntasks. 8.2) - x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest RHEL-8.2.z16 Batch\n(BZ#2057698)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security, bug fix, and enhancement update\nAdvisory ID: RHSA-2022:0825-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:0825\nIssue date: 2022-03-10\nCVE Names: CVE-2021-0920 CVE-2021-4154 CVE-2022-0330 \n CVE-2022-0435 CVE-2022-0492 CVE-2022-0516 \n CVE-2022-0847 CVE-2022-22942 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nThe following packages have been upgraded to a later upstream version:\nkernel (4.18.0). (BZ#2036888)\n\nSecurity Fix(es):\n\n* kernel: improper initialization of the \"flags\" member of the new\npipe_buffer (CVE-2022-0847)\n\n* kernel: Use After Free in unix_gc() which could result in a local\nprivilege escalation (CVE-2021-0920)\n\n* kernel: local privilege escalation by exploiting the fsconfig syscall\nparameter leads to container breakout (CVE-2021-4154)\n\n* kernel: possible privileges escalation due to missing TLB flush\n(CVE-2022-0330)\n\n* kernel: remote stack overflow via kernel panic on systems using TIPC may\nlead to DoS (CVE-2022-0435)\n\n* kernel: cgroups v1 release_agent feature may allow privilege escalation\n(CVE-2022-0492)\n\n* kernel: missing check in ioctl allows kernel memory read/write\n(CVE-2022-0516)\n\n* kernel: failing usercopy allows for use-after-free exploitation\n(CVE-2022-22942)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* Intel QAT Kernel power up fix (BZ#2016437)\n\n* RHEL8.4 seeing scsi_dma_map failed with mpt3sas driver and affecting\nperformance (BZ#2018928)\n\n* [Lenovo 8.4 bug] audio_HDMI certification failed on RHEL 8.4GA (No hdmi\nout) (BZ#2027335)\n\n* [RHEL-8.5][4.18.0-323.el8.ppc64le][POWER8/9/10] security_flavor mode is\nnot set back to zero post online migration (BZ#2027448)\n\n* iommu/amd: Fix unable to handle page fault due to AVIC (BZ#2030854)\n\n* [Lenovo 8.4 bug]The VGA display shows no signal (black screen) when\ninstall RHEL8.4(beta or rc1) in the legacy BIOS mode. (BZ#2034949)\n\n* Double free of kmalloc-64 cache struct ib_port-\u003epkey_group from module\nib_core . (BZ#2038724)\n\n* Bus error with huge pages enabled (BZ#2039015)\n\n* RHEL8 - kvm: floating interrupts may get stuck (BZ#2040769)\n\n* Data corruption on small files served by httpd, which is backed by\ncifs-mount (BZ#2041529)\n\n* Add a net/mlx5 patch for Hardware Offload Fix (BZ#2042663)\n\n* Windows guest random Bsod when \u0027hv-tlbflush\u0027 enlightenment is enabled\n(BZ#2043237)\n\n* DNS lookup failures when run two times in a row (BZ#2043548)\n\n* net/sched: Fix ct zone matching for invalid conntrack state (BZ#2043550)\n\n* Kernel 4.18.0-348.2.1 secpath_cache memory leak involving strongswan\ntunnel (BZ#2047427)\n\n* OCP node XFS metadata corruption after numerous reboots (BZ#2049292)\n\n* Broadcom bnxt_re: RDMA stats are not incrementing (BZ#2049684)\n\n* ice: bug fix series for 8.6 (BZ#2051951)\n\n* panic while looking up a symlink due to NULL i_op-\u003eget_link (BZ#2052558)\n\n* ceph omnibus backport for RHEL-8.6.0 (BZ#2053725)\n\n* SCTP peel-off with SELinux and containers in OCP (BZ#2054112)\n\n* Selinux is not allowing SCTP connection setup between inter pod\ncommunication in enforcing mode (BZ#2054117)\n\n* dnf fails with fsync() over local repository present on CIFS mount point\n(BZ#2055824)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation\n2034514 - CVE-2021-4154 kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout\n2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush\n2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation\n2048738 - CVE-2022-0435 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS\n2050237 - CVE-2022-0516 kernel: missing check in ioctl allows kernel memory read/write\n2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation\n2060795 - CVE-2022-0847 kernel: improper initialization of the \"flags\" member of the new pipe_buffer\n\n6. Package List:\n\nRed Hat Enterprise Linux BaseOS (v. 8):\n\nSource:\nkernel-4.18.0-348.20.1.el8_5.src.rpm\n\naarch64:\nbpftool-4.18.0-348.20.1.el8_5.aarch64.rpm\nbpftool-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-core-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-cross-headers-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debug-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debug-core-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debug-devel-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debug-modules-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debug-modules-extra-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-devel-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-headers-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-modules-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-modules-extra-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-tools-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-tools-libs-4.18.0-348.20.1.el8_5.aarch64.rpm\nperf-4.18.0-348.20.1.el8_5.aarch64.rpm\nperf-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\npython3-perf-4.18.0-348.20.1.el8_5.aarch64.rpm\npython3-perf-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\n\nnoarch:\nkernel-abi-stablelists-4.18.0-348.20.1.el8_5.noarch.rpm\nkernel-doc-4.18.0-348.20.1.el8_5.noarch.rpm\n\nppc64le:\nbpftool-4.18.0-348.20.1.el8_5.ppc64le.rpm\nbpftool-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-core-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-cross-headers-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debug-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debug-core-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debug-devel-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debug-modules-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debug-modules-extra-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-devel-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-headers-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-modules-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-modules-extra-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-tools-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-tools-libs-4.18.0-348.20.1.el8_5.ppc64le.rpm\nperf-4.18.0-348.20.1.el8_5.ppc64le.rpm\nperf-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\npython3-perf-4.18.0-348.20.1.el8_5.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\n\ns390x:\nbpftool-4.18.0-348.20.1.el8_5.s390x.rpm\nbpftool-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-core-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-cross-headers-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-debug-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-debug-core-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-debug-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-debug-devel-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-debug-modules-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-debug-modules-extra-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-debuginfo-common-s390x-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-devel-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-headers-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-modules-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-modules-extra-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-tools-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-tools-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-zfcpdump-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-zfcpdump-core-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-zfcpdump-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-zfcpdump-devel-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-zfcpdump-modules-4.18.0-348.20.1.el8_5.s390x.rpm\nkernel-zfcpdump-modules-extra-4.18.0-348.20.1.el8_5.s390x.rpm\nperf-4.18.0-348.20.1.el8_5.s390x.rpm\nperf-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm\npython3-perf-4.18.0-348.20.1.el8_5.s390x.rpm\npython3-perf-debuginfo-4.18.0-348.20.1.el8_5.s390x.rpm\n\nx86_64:\nbpftool-4.18.0-348.20.1.el8_5.x86_64.rpm\nbpftool-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-core-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-cross-headers-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debug-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debug-core-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debug-devel-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debug-modules-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debug-modules-extra-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-devel-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-headers-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-modules-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-modules-extra-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-tools-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-tools-libs-4.18.0-348.20.1.el8_5.x86_64.rpm\nperf-4.18.0-348.20.1.el8_5.x86_64.rpm\nperf-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\npython3-perf-4.18.0-348.20.1.el8_5.x86_64.rpm\npython3-perf-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\n\nRed Hat CodeReady Linux Builder (v. 8):\n\naarch64:\nbpftool-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\nkernel-tools-libs-devel-4.18.0-348.20.1.el8_5.aarch64.rpm\nperf-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\npython3-perf-debuginfo-4.18.0-348.20.1.el8_5.aarch64.rpm\n\nppc64le:\nbpftool-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\nkernel-tools-libs-devel-4.18.0-348.20.1.el8_5.ppc64le.rpm\nperf-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-348.20.1.el8_5.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\nkernel-tools-libs-devel-4.18.0-348.20.1.el8_5.x86_64.rpm\nperf-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\npython3-perf-debuginfo-4.18.0-348.20.1.el8_5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-0920\nhttps://access.redhat.com/security/cve/CVE-2021-4154\nhttps://access.redhat.com/security/cve/CVE-2022-0330\nhttps://access.redhat.com/security/cve/CVE-2022-0435\nhttps://access.redhat.com/security/cve/CVE-2022-0492\nhttps://access.redhat.com/security/cve/CVE-2022-0516\nhttps://access.redhat.com/security/cve/CVE-2022-0847\nhttps://access.redhat.com/security/cve/CVE-2022-22942\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2022-002\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYippdNzjgjWX9erEAQjVrg//WBuZgEcpFf/4YBR6yXjJpyzeNdP/33wU\nb+G6E6fGXrwoJkMNfLMMr+PmoK5QxZvX3GAqJFApn9SHXtk5M7IM68TCnTXZsXVF\nM0V2ktlHJwOABXBJEXHFjnq9QllGzRkV+xJPOLKJwRB2fKtNAgOiLTJ7MrJZJtNu\nWIt5IsPclPoTKrSChCL/b535XKh3hAUqD1eymuk05SqWv3mo2joLQbZpHbM0fQW3\npnvDPnE+HDM8lW8dPJTiw1K3nBRrwmuvyKxNpnGYoRN/8USNJrIGJP5gGjrI1/b8\nIrV/OGeA2lk6lu48JmkAjrE/FZ+VeGn51fngrYYk6nfj8Ln8nklZjdLWQ8o+ImGD\n/CbWFlY3qw1Ml90mjyFyXhUWnz6rhquJvIZo2w3CeCR6/in4qN195aikaLmMAzZm\n5ar+9AkUGd2YsSAzeYn+FuGKEVucYZZCYc0wntVYwAMDTL3WPSIx+0m4TO+7pEvi\n9ZqnZ0Rn7iaAx6nEc1TQynzGbWBQr13k6h/2xhPhURDYnkULuxjJlWtIo8r+SdEH\nN8g66V55B16BkLXPRYg/DikuiF9+d2neszj8ZWvBKTnU2iSVaGCii7MQ5EdjkCdi\n0xk52SLKdk2I+Q2fLa+DJh5RW3fnP1NULPuW7350UBgbCUX2QdHsLMK+UnYkkmyV\n/Hdqi2gHENg=\n=duKX\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-0847"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"db": "VULMON",
"id": "CVE-2022-0847"
},
{
"db": "PACKETSTORM",
"id": "166812"
},
{
"db": "PACKETSTORM",
"id": "166516"
},
{
"db": "PACKETSTORM",
"id": "166241"
},
{
"db": "PACKETSTORM",
"id": "166305"
},
{
"db": "PACKETSTORM",
"id": "166280"
},
{
"db": "PACKETSTORM",
"id": "166282"
},
{
"db": "PACKETSTORM",
"id": "166281"
},
{
"db": "PACKETSTORM",
"id": "166272"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-0847",
"trust": 4.1
},
{
"db": "PACKETSTORM",
"id": "166230",
"trust": 2.4
},
{
"db": "PACKETSTORM",
"id": "166258",
"trust": 2.4
},
{
"db": "PACKETSTORM",
"id": "166229",
"trust": 2.4
},
{
"db": "SIEMENS",
"id": "SSA-222547",
"trust": 1.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-167-09",
"trust": 1.4
},
{
"db": "PACKETSTORM",
"id": "176534",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU99030761",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007117",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "166812",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166516",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166241",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166305",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166280",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166569",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032843",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031421",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022030808",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022042576",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031308",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031036",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1027",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0965",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2981",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1677",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1405",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1064",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0944",
"trust": 0.6
},
{
"db": "CXSECURITY",
"id": "WLB-2022030042",
"trust": 0.6
},
{
"db": "CXSECURITY",
"id": "WLB-2022030060",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "50808",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-522",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-0847",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166281",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166272",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-0847"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"db": "PACKETSTORM",
"id": "166812"
},
{
"db": "PACKETSTORM",
"id": "166516"
},
{
"db": "PACKETSTORM",
"id": "166241"
},
{
"db": "PACKETSTORM",
"id": "166305"
},
{
"db": "PACKETSTORM",
"id": "166280"
},
{
"db": "PACKETSTORM",
"id": "166282"
},
{
"db": "PACKETSTORM",
"id": "166281"
},
{
"db": "PACKETSTORM",
"id": "166272"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-522"
},
{
"db": "NVD",
"id": "CVE-2022-0847"
}
]
},
"id": "VAR-202203-0043",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26739928
},
"last_update_date": "2024-11-29T20:38:01.546000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bug\u00a02060795",
"trust": 0.8,
"url": "https://fedoraproject.org/"
},
{
"title": "Linux kernel Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=184957"
},
{
"title": "Red Hat: Important: kernel-rt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20220822 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20220831 - Security Advisory"
},
{
"title": "Red Hat: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2022-0847"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2022-0847"
},
{
"title": "Dirty-Pipe-Oneshot",
"trust": 0.1,
"url": "https://github.com/badboy-sft/Dirty-Pipe-Oneshot "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-0847"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-522"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-665",
"trust": 1.0
},
{
"problemtype": "Improper initialization (CWE-665) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"db": "NVD",
"id": "CVE-2022-0847"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://packetstormsecurity.com/files/166229/dirty-pipe-linux-privilege-escalation.html"
},
{
"trust": 3.0,
"url": "http://packetstormsecurity.com/files/166258/dirty-pipe-local-privilege-escalation.html"
},
{
"trust": 2.4,
"url": "http://packetstormsecurity.com/files/166230/dirty-pipe-suid-binary-hijack-privilege-escalation.html"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0847"
},
{
"trust": 1.6,
"url": "https://dirtypipe.cm4all.com/"
},
{
"trust": 1.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf"
},
{
"trust": 1.6,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2022-0015"
},
{
"trust": 1.6,
"url": "https://www.suse.com/support/kb/doc/?id=000020603"
},
{
"trust": 1.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060795"
},
{
"trust": 1.6,
"url": "https://security.netapp.com/advisory/ntap-20220325-0005/"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0847"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/176534/linux-4.20-ktls-read-only-write.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99030761/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-167-09"
},
{
"trust": 0.7,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.7,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0330"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-0330"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-22942"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/issue/wlb-2022030060"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/50808"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/issue/wlb-2022030042"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166305/red-hat-security-advisory-2022-0841-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031308"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166516/red-hat-security-advisory-2022-1083-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032843"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166241/ubuntu-security-notice-usn-5317-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1405"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031036"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166280/red-hat-security-advisory-2022-0822-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1027"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022030808"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1064"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-167-09"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022042576"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166569/ubuntu-security-notice-usn-5362-1.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-0847/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166812/red-hat-security-advisory-2022-1476-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/linux-kernel-file-write-via-dirty-pipe-37724"
},
{
"trust": 0.6,
"url": "https://source.android.com/security/bulletin/2022-05-01"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0944"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2981"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0965"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031421"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1677"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-0920"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2021-0920"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-0492"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0492"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2022-002"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0435"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2022-0435"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4154"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-4154"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22942"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0516"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0516"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0413"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0536"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-25236"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-31566"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22822"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-22827"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0392"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-22824"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-23219"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0235"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3999"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-23308"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0392"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0261"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3999"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-31566"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-45960"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-46143"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0361"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23177"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-23852"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0261"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0155"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-22826"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-23566"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-22825"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0318"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0359"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0155"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-46143"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0359"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0413"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-22822"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-23177"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45960"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0144"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0318"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23566"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-22823"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0235"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0361"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-25315"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-23218"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0536"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-25235"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0144"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4083"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4083"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0778"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0778"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0811"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27191"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:1476"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24778"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-41190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24450"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43565"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-43565"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22825"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:1083"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22823"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22824"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle-5.13/5.13.0-1021.26~20.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-25636"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/5.13.0-1017.19"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0001"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe-5.13/5.13.0-35.40~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/5.13.0-1017.19"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/5.13.0-35.40"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure-5.13/5.13.0-1017.19~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp-5.13/5.13.0-1019.23~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi/5.13.0-1020.22"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws-5.13/5.13.0-1017.19~20.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0002"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.13.0-1019.23"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5317-1"
},
{
"trust": 0.1,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/bhi"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/5.13.0-1021.26"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oem-5.14/5.14.0-1027.30"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.13.0-1016.17"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24407"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24407"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0841"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0822"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0821"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4028"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0823"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4028"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0825"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"db": "PACKETSTORM",
"id": "166812"
},
{
"db": "PACKETSTORM",
"id": "166516"
},
{
"db": "PACKETSTORM",
"id": "166241"
},
{
"db": "PACKETSTORM",
"id": "166305"
},
{
"db": "PACKETSTORM",
"id": "166280"
},
{
"db": "PACKETSTORM",
"id": "166282"
},
{
"db": "PACKETSTORM",
"id": "166281"
},
{
"db": "PACKETSTORM",
"id": "166272"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-522"
},
{
"db": "NVD",
"id": "CVE-2022-0847"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-0847"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"db": "PACKETSTORM",
"id": "166812"
},
{
"db": "PACKETSTORM",
"id": "166516"
},
{
"db": "PACKETSTORM",
"id": "166241"
},
{
"db": "PACKETSTORM",
"id": "166305"
},
{
"db": "PACKETSTORM",
"id": "166280"
},
{
"db": "PACKETSTORM",
"id": "166282"
},
{
"db": "PACKETSTORM",
"id": "166281"
},
{
"db": "PACKETSTORM",
"id": "166272"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-522"
},
{
"db": "NVD",
"id": "CVE-2022-0847"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2022-0847"
},
{
"date": "2023-07-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"date": "2022-04-21T15:12:25",
"db": "PACKETSTORM",
"id": "166812"
},
{
"date": "2022-03-29T15:53:19",
"db": "PACKETSTORM",
"id": "166516"
},
{
"date": "2022-03-09T15:15:52",
"db": "PACKETSTORM",
"id": "166241"
},
{
"date": "2022-03-14T18:59:34",
"db": "PACKETSTORM",
"id": "166305"
},
{
"date": "2022-03-11T16:38:56",
"db": "PACKETSTORM",
"id": "166280"
},
{
"date": "2022-03-11T16:39:27",
"db": "PACKETSTORM",
"id": "166282"
},
{
"date": "2022-03-11T16:39:13",
"db": "PACKETSTORM",
"id": "166281"
},
{
"date": "2022-03-11T16:33:46",
"db": "PACKETSTORM",
"id": "166272"
},
{
"date": "2022-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-522"
},
{
"date": "2022-03-10T17:44:57.283000",
"db": "NVD",
"id": "CVE-2022-0847"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-01-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-0847"
},
{
"date": "2023-07-12T06:29:00",
"db": "JVNDB",
"id": "JVNDB-2022-007117"
},
{
"date": "2022-08-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-522"
},
{
"date": "2024-11-21T06:39:30.990000",
"db": "NVD",
"id": "CVE-2022-0847"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "166241"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-522"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux\u00a0Kernel\u00a0 Initialization vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-007117"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-522"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.