var-202206-1186
Vulnerability from variot
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html
- Solution:
For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html
- Bugs fixed (https://bugzilla.redhat.com/):
2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter 2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2022:6983-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:6983 Issue date: 2022-10-18 CVE Names: CVE-2021-45485 CVE-2021-45486 CVE-2022-2588 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 ==================================================================== 1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat CodeReady Linux Builder EUS (v. 8.4) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
The following packages have been upgraded to a later upstream version: kernel (4.18.0).
Security Fix(es):
-
A use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
-
Information leak in the IPv6 implementation (CVE-2021-45485)
-
Information leak in the IPv4 implementation (CVE-2021-45486)
-
Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123)
-
Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)
-
Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
DR, Ignore modify TTL if ConnectX-5 doesn't support it (BZ#2075549)
-
execve exit tracepoint not called (BZ#2106663)
-
Unable to boot RHEL-8.6 on Brazos max. config (Install is success) (BZ#2107475)
-
"vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107490)
-
soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110773)
-
Allow substituting custom vmlinux.h for the build (BZ#2116407)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
2039911 - CVE-2021-45485 kernel: information leak in the IPv6 implementation 2039914 - CVE-2021-45486 kernel: information leak in the IPv4 implementation 2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) 2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) 2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW) 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
- Package List:
Red Hat Enterprise Linux BaseOS EUS (v.8.4):
Source: kernel-4.18.0-305.65.1.el8_4.src.rpm
aarch64: bpftool-4.18.0-305.65.1.el8_4.aarch64.rpm bpftool-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-core-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-cross-headers-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debug-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debug-core-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debug-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debug-devel-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debug-modules-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debug-modules-extra-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-devel-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-headers-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-modules-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-modules-extra-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-tools-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-tools-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-tools-libs-4.18.0-305.65.1.el8_4.aarch64.rpm perf-4.18.0-305.65.1.el8_4.aarch64.rpm perf-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm python3-perf-4.18.0-305.65.1.el8_4.aarch64.rpm python3-perf-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm
noarch: kernel-abi-stablelists-4.18.0-305.65.1.el8_4.noarch.rpm kernel-doc-4.18.0-305.65.1.el8_4.noarch.rpm
ppc64le: bpftool-4.18.0-305.65.1.el8_4.ppc64le.rpm bpftool-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-core-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-cross-headers-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debug-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debug-core-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debug-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debug-devel-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debug-modules-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debug-modules-extra-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-devel-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-headers-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-modules-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-modules-extra-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-tools-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-tools-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-tools-libs-4.18.0-305.65.1.el8_4.ppc64le.rpm perf-4.18.0-305.65.1.el8_4.ppc64le.rpm perf-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm python3-perf-4.18.0-305.65.1.el8_4.ppc64le.rpm python3-perf-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm
s390x: bpftool-4.18.0-305.65.1.el8_4.s390x.rpm bpftool-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm kernel-4.18.0-305.65.1.el8_4.s390x.rpm kernel-core-4.18.0-305.65.1.el8_4.s390x.rpm kernel-cross-headers-4.18.0-305.65.1.el8_4.s390x.rpm kernel-debug-4.18.0-305.65.1.el8_4.s390x.rpm kernel-debug-core-4.18.0-305.65.1.el8_4.s390x.rpm kernel-debug-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm kernel-debug-devel-4.18.0-305.65.1.el8_4.s390x.rpm kernel-debug-modules-4.18.0-305.65.1.el8_4.s390x.rpm kernel-debug-modules-extra-4.18.0-305.65.1.el8_4.s390x.rpm kernel-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-305.65.1.el8_4.s390x.rpm kernel-devel-4.18.0-305.65.1.el8_4.s390x.rpm kernel-headers-4.18.0-305.65.1.el8_4.s390x.rpm kernel-modules-4.18.0-305.65.1.el8_4.s390x.rpm kernel-modules-extra-4.18.0-305.65.1.el8_4.s390x.rpm kernel-tools-4.18.0-305.65.1.el8_4.s390x.rpm kernel-tools-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm kernel-zfcpdump-4.18.0-305.65.1.el8_4.s390x.rpm kernel-zfcpdump-core-4.18.0-305.65.1.el8_4.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm kernel-zfcpdump-devel-4.18.0-305.65.1.el8_4.s390x.rpm kernel-zfcpdump-modules-4.18.0-305.65.1.el8_4.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-305.65.1.el8_4.s390x.rpm perf-4.18.0-305.65.1.el8_4.s390x.rpm perf-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm python3-perf-4.18.0-305.65.1.el8_4.s390x.rpm python3-perf-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm
x86_64: bpftool-4.18.0-305.65.1.el8_4.x86_64.rpm bpftool-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-core-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-cross-headers-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debug-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debug-core-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debug-devel-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debug-modules-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debug-modules-extra-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-devel-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-headers-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-modules-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-modules-extra-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-tools-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-tools-libs-4.18.0-305.65.1.el8_4.x86_64.rpm perf-4.18.0-305.65.1.el8_4.x86_64.rpm perf-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm python3-perf-4.18.0-305.65.1.el8_4.x86_64.rpm python3-perf-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm
Red Hat CodeReady Linux Builder EUS (v. 8.4):
aarch64: bpftool-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debug-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-tools-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm kernel-tools-libs-devel-4.18.0-305.65.1.el8_4.aarch64.rpm perf-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm python3-perf-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm
ppc64le: bpftool-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debug-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-tools-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm kernel-tools-libs-devel-4.18.0-305.65.1.el8_4.ppc64le.rpm perf-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm python3-perf-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm
x86_64: bpftool-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm kernel-tools-libs-devel-4.18.0-305.65.1.el8_4.x86_64.rpm perf-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm python3-perf-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-45485 https://access.redhat.com/security/cve/CVE-2021-45486 https://access.redhat.com/security/cve/CVE-2022-2588 https://access.redhat.com/security/cve/CVE-2022-21123 https://access.redhat.com/security/cve/CVE-2022-21125 https://access.redhat.com/security/cve/CVE-2022-21166 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBY06+8tzjgjWX9erEAQgCtA//f0ySJLrYcFKpxldWHCr7HnGpfBaXh4g/ XLr++MsSvHZX02L5L5+lx2o3K0ZlnBdb9J3K3JykN6cApvHJw3lwy3fyBU3gWFz/ exkwTvF6CdPs9CpsXGdpmdVd9jKDNub08KGemS4LL7VSI75Enleoe2vGNOOhlbIA O8taEzIfq4m4BX8VZwuflAYjsOFkV1ax0iiL2vcmF7deXZDrGk0axHEaXJLmP9w/ tD+VnoKSV2eQnirVCblG94WqOce20EUF4+o3WAYjkcueWdY4gLRjTOKdLrzUF7EI aDvZyvcxtvIWq+0CgC0NBb9mbvQjsr7jdDT4MnERyePFlQNInKR5YKKbnS9Blw5p OM6o8/nxjKAOxDNe1ob9AaPOhu/nxKVVgEiq0pn603ZMZPGGtkP2QclCvPZ7NOyH J1G/89l2sbSK5d+d+Z7v2/CXimogCqaW9F2ysrkxYVIE8LDSCeqZttyHtOFI0yrm 3OJfJfLJFcz/8beY7hXWWGQ697IJNl8uymY7SdPk47ulec7FTSrax8F9DcI+bn1q qG4ekwG6BOycTH7epRRVCKwiRglhJwoO4zDZsEsjyTsAg0HUdo7MYsU3l4IGJeLO 26YmdgdRAagVGiEBdlH9dNwI5GjtOP3JhCy4qUErGNrRRV/otEbdQvLBSbQOUBLY n4FMroQf7Lo=5/cJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 7) - noarch, x86_64
Bug Fix(es):
-
The kernel-rt crashes where one task is indefinitely looping in __start_cfs_bandwidth() with the cfs_b->lock spinlock being held (BZ#2079976)
-
update to the latest RHEL7.9.z16 source tree (BZ#2100182)
-
Description:
Red Hat Advanced Cluster Management for Kubernetes 2.3.12 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/
Security fix:
- CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS
Bug fixes:
-
Remove 1.9.1 from Proxy Patch Documentation (BZ# 2076856)
-
RHACM 2.3.12 images (BZ# 2101411)
-
Bugs fixed (https://bugzilla.redhat.com/):
2076856 - [doc] Remove 1.9.1 from Proxy Patch Documentation 2101411 - RHACM 2.3.12 images 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS
Bug Fix(es):
-
sched/pelt: Fix attach_entity_load_avg() corner case (BZ#2105360)
-
RHEL9[fleetwood][P9]:kdump fails to capture vmcore when crash is triggered while running forkoff. (BZ#2109144)
-
ISST-LTE:[P10 Everest] [5.14.0-70.9.1.el9_0.ppc64le] HPT:RHEL9.0:ecolp95: lpar crashed at __list_del_entry_valid+0x90/0x100 and LPM failed (BZ#2112823)
-
[rhel9] livepatch panic: RIP: 0010:0xffffffffc0e070c4 seq_read_iter+0x124/0x4b0 (BZ#2122625)
-
System crashes due to list_add double add at iwl_mvm_mac_wake_tx_queue+0x71 (BZ#2123315)
-
[Dell EMC 9.0 BUG] Any process performing I/O doesn't fail on degraded LVM RAID and IO process hangs (BZ#2126215)
-
[HPEMC RHEL 9.0 REGRESSION] net, e810, ice: not enough device MSI-X vectors (BZ#2126491)
-
RHEL9.0 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127874)
-
Enable check-kabi (BZ#2132372)
-
Add symbols to stablelist (BZ#2132373)
-
Update RHEL9.1 kabi tooling (BZ#2132380)
-
kABI: Prepare the MM subsystem for kABI lockdown (BZ#2133464)
-
[Dell Storage 9.1 BUG] NVME command hang during storage array node reboot (BZ#2133553)
-
WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134589)
-
crypto/testmgr.c should not list dh, ecdh-nist-p256, ecdh-nist-p384 as .fips_allowed = 1 (BZ#2136523)
-
FIPS self-tests for RSA pkcs7 signature verification (BZ#2136552)
-
[ovs-tc] Bad length in dpctl/dump-flows (BZ#2137354)
-
[RHEL9] s_pf0vf2: hw csum failure for mlx5 (BZ#2137355)
-
kernel memory leak while freeing nested actions (BZ#2137356)
-
ovs: backports from upstream (BZ#2137358)
-
kernel should conform to FIPS-140-3 requirements (both parts) (BZ#2139095)
-
[DELL EMC 9.0-RT BUG] System is not booting into RT Kernel with perc12. (BZ#2139214)
-
Fix panic in nbd/004 test (BZ#2139535)
-
Nested KVM is not working on RHEL 8.6 with hardware error 0x7 (BZ#2140141)
-
[RHEL9] Practically limit "Dummy wait" workaround to old Intel systems (BZ#2142169)
-
9) - x86_64
-
Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-23
https://security.gentoo.org/
Severity: High Title: Xen: Multiple Vulnerabilities Date: August 14, 2022 Bugs: #810341, #812485, #816882, #825354, #832039, #835401, #850802 ID: 202208-23
Synopsis
Multiple vulnerabilities have been discovered in Xen, the worst of which could result in remote code execution (guest sandbox escape).
Background
Xen is a bare-metal hypervisor.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/xen < 4.15.3 >= 4.15.3 2 app-emulation/xen-tools < 4.15.3 >= 4.15.3
Description
Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Xen users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.15.3"
All Xen tools users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-tools-4.15.3"
References
[ 1 ] CVE-2021-28694 https://nvd.nist.gov/vuln/detail/CVE-2021-28694 [ 2 ] CVE-2021-28695 https://nvd.nist.gov/vuln/detail/CVE-2021-28695 [ 3 ] CVE-2021-28696 https://nvd.nist.gov/vuln/detail/CVE-2021-28696 [ 4 ] CVE-2021-28697 https://nvd.nist.gov/vuln/detail/CVE-2021-28697 [ 5 ] CVE-2021-28698 https://nvd.nist.gov/vuln/detail/CVE-2021-28698 [ 6 ] CVE-2021-28699 https://nvd.nist.gov/vuln/detail/CVE-2021-28699 [ 7 ] CVE-2021-28700 https://nvd.nist.gov/vuln/detail/CVE-2021-28700 [ 8 ] CVE-2021-28701 https://nvd.nist.gov/vuln/detail/CVE-2021-28701 [ 9 ] CVE-2021-28702 https://nvd.nist.gov/vuln/detail/CVE-2021-28702 [ 10 ] CVE-2021-28710 https://nvd.nist.gov/vuln/detail/CVE-2021-28710 [ 11 ] CVE-2022-21123 https://nvd.nist.gov/vuln/detail/CVE-2022-21123 [ 12 ] CVE-2022-21125 https://nvd.nist.gov/vuln/detail/CVE-2022-21125 [ 13 ] CVE-2022-21166 https://nvd.nist.gov/vuln/detail/CVE-2022-21166 [ 14 ] CVE-2022-23033 https://nvd.nist.gov/vuln/detail/CVE-2022-23033 [ 15 ] CVE-2022-23034 https://nvd.nist.gov/vuln/detail/CVE-2022-23034 [ 16 ] CVE-2022-23035 https://nvd.nist.gov/vuln/detail/CVE-2022-23035 [ 17 ] CVE-2022-26362 https://nvd.nist.gov/vuln/detail/CVE-2022-26362 [ 18 ] CVE-2022-26363 https://nvd.nist.gov/vuln/detail/CVE-2022-26363 [ 19 ] CVE-2022-26364 https://nvd.nist.gov/vuln/detail/CVE-2022-26364 [ 20 ] XSA-378 [ 21 ] XSA-379 [ 22 ] XSA-380 [ 23 ] XSA-382 [ 24 ] XSA-383 [ 25 ] XSA-384 [ 26 ] XSA-386 [ 27 ] XSA-390 [ 28 ] XSA-401 [ 29 ] XSA-402 [ 30 ] XSA-404
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-23
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . Bugs fixed (https://bugzilla.redhat.com/):
2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
This advisory contains OpenShift Virtualization 4.9.7 images. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
2094982 - CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key 2130218 - 4.9.7 containers
5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-1186",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esxi",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "7.0"
},
{
"model": "sgx sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "2.17.100.3"
},
{
"model": "xen",
"scope": "eq",
"trust": 1.0,
"vendor": "xen",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "sgx sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "2.16.100.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "sgx dcap",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "1.14.100.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "sgx psw",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "2.17.100.3"
},
{
"model": "sgx psw",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "2.16.100.3"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "168426"
},
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "170226"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "168503"
},
{
"db": "PACKETSTORM",
"id": "169997"
}
],
"trust": 0.8
},
"cve": "CVE-2022-21125",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2022-21125",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-406836",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2022-21125",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-21125",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-406836",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nAll OpenShift Container Platform 4.11 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html\n\n3. Solution:\n\nFor OpenShift Container Platform 4.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter\n2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: kernel security, bug fix, and enhancement update\nAdvisory ID: RHSA-2022:6983-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:6983\nIssue date: 2022-10-18\nCVE Names: CVE-2021-45485 CVE-2021-45486 CVE-2022-2588\n CVE-2022-21123 CVE-2022-21125 CVE-2022-21166\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 8.4\nExtended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat CodeReady Linux Builder EUS (v. 8.4) - aarch64, ppc64le, x86_64\nRed Hat Enterprise Linux BaseOS EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nThe following packages have been upgraded to a later upstream version:\nkernel (4.18.0). \n\nSecurity Fix(es):\n\n* A use-after-free in cls_route filter implementation may lead to privilege\nescalation (CVE-2022-2588)\n\n* Information leak in the IPv6 implementation (CVE-2021-45485)\n\n* Information leak in the IPv4 implementation (CVE-2021-45486)\n\n* Incomplete cleanup of multi-core shared buffers (aka SBDR)\n(CVE-2022-21123)\n\n* Incomplete cleanup of microarchitectural fill buffers (aka SBDS)\n(CVE-2022-21125)\n\n* Incomplete cleanup in specific special register write operations (aka\nDRPW) (CVE-2022-21166)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* DR, Ignore modify TTL if ConnectX-5 doesn\u0027t support it (BZ#2075549)\n\n* execve exit tracepoint not called (BZ#2106663)\n\n* Unable to boot RHEL-8.6 on Brazos max. config (Install is success)\n(BZ#2107475)\n\n* \"vmcore failed, _exitcode:139\" error observed while capturing vmcore\nduring fadump after memory remove. incomplete vmcore is captured. \n(BZ#2107490)\n\n* soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110773)\n\n* Allow substituting custom vmlinux.h for the build (BZ#2116407)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2039911 - CVE-2021-45485 kernel: information leak in the IPv6 implementation\n2039914 - CVE-2021-45486 kernel: information leak in the IPv4 implementation\n2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)\n2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)\n2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)\n2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n\n6. Package List:\n\nRed Hat Enterprise Linux BaseOS EUS (v.8.4):\n\nSource:\nkernel-4.18.0-305.65.1.el8_4.src.rpm\n\naarch64:\nbpftool-4.18.0-305.65.1.el8_4.aarch64.rpm\nbpftool-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-core-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-cross-headers-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debug-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debug-core-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debug-devel-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debug-modules-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debug-modules-extra-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-devel-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-headers-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-modules-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-modules-extra-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-tools-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-tools-libs-4.18.0-305.65.1.el8_4.aarch64.rpm\nperf-4.18.0-305.65.1.el8_4.aarch64.rpm\nperf-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\npython3-perf-4.18.0-305.65.1.el8_4.aarch64.rpm\npython3-perf-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\n\nnoarch:\nkernel-abi-stablelists-4.18.0-305.65.1.el8_4.noarch.rpm\nkernel-doc-4.18.0-305.65.1.el8_4.noarch.rpm\n\nppc64le:\nbpftool-4.18.0-305.65.1.el8_4.ppc64le.rpm\nbpftool-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-core-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-cross-headers-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debug-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debug-core-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debug-devel-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debug-modules-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debug-modules-extra-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-devel-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-headers-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-modules-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-modules-extra-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-tools-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-tools-libs-4.18.0-305.65.1.el8_4.ppc64le.rpm\nperf-4.18.0-305.65.1.el8_4.ppc64le.rpm\nperf-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\npython3-perf-4.18.0-305.65.1.el8_4.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\n\ns390x:\nbpftool-4.18.0-305.65.1.el8_4.s390x.rpm\nbpftool-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-core-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-cross-headers-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-debug-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-debug-core-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-debug-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-debug-devel-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-debug-modules-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-debug-modules-extra-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-debuginfo-common-s390x-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-devel-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-headers-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-modules-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-modules-extra-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-tools-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-tools-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-zfcpdump-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-zfcpdump-core-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-zfcpdump-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-zfcpdump-devel-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-zfcpdump-modules-4.18.0-305.65.1.el8_4.s390x.rpm\nkernel-zfcpdump-modules-extra-4.18.0-305.65.1.el8_4.s390x.rpm\nperf-4.18.0-305.65.1.el8_4.s390x.rpm\nperf-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm\npython3-perf-4.18.0-305.65.1.el8_4.s390x.rpm\npython3-perf-debuginfo-4.18.0-305.65.1.el8_4.s390x.rpm\n\nx86_64:\nbpftool-4.18.0-305.65.1.el8_4.x86_64.rpm\nbpftool-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-core-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-cross-headers-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debug-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debug-core-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debug-devel-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debug-modules-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debug-modules-extra-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-devel-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-headers-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-modules-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-modules-extra-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-tools-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-tools-libs-4.18.0-305.65.1.el8_4.x86_64.rpm\nperf-4.18.0-305.65.1.el8_4.x86_64.rpm\nperf-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\npython3-perf-4.18.0-305.65.1.el8_4.x86_64.rpm\npython3-perf-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\n\nRed Hat CodeReady Linux Builder EUS (v. 8.4):\n\naarch64:\nbpftool-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\nkernel-tools-libs-devel-4.18.0-305.65.1.el8_4.aarch64.rpm\nperf-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\npython3-perf-debuginfo-4.18.0-305.65.1.el8_4.aarch64.rpm\n\nppc64le:\nbpftool-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\nkernel-tools-libs-devel-4.18.0-305.65.1.el8_4.ppc64le.rpm\nperf-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-305.65.1.el8_4.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\nkernel-tools-libs-devel-4.18.0-305.65.1.el8_4.x86_64.rpm\nperf-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\npython3-perf-debuginfo-4.18.0-305.65.1.el8_4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-45485\nhttps://access.redhat.com/security/cve/CVE-2021-45486\nhttps://access.redhat.com/security/cve/CVE-2022-2588\nhttps://access.redhat.com/security/cve/CVE-2022-21123\nhttps://access.redhat.com/security/cve/CVE-2022-21125\nhttps://access.redhat.com/security/cve/CVE-2022-21166\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBY06+8tzjgjWX9erEAQgCtA//f0ySJLrYcFKpxldWHCr7HnGpfBaXh4g/\nXLr++MsSvHZX02L5L5+lx2o3K0ZlnBdb9J3K3JykN6cApvHJw3lwy3fyBU3gWFz/\nexkwTvF6CdPs9CpsXGdpmdVd9jKDNub08KGemS4LL7VSI75Enleoe2vGNOOhlbIA\nO8taEzIfq4m4BX8VZwuflAYjsOFkV1ax0iiL2vcmF7deXZDrGk0axHEaXJLmP9w/\ntD+VnoKSV2eQnirVCblG94WqOce20EUF4+o3WAYjkcueWdY4gLRjTOKdLrzUF7EI\naDvZyvcxtvIWq+0CgC0NBb9mbvQjsr7jdDT4MnERyePFlQNInKR5YKKbnS9Blw5p\nOM6o8/nxjKAOxDNe1ob9AaPOhu/nxKVVgEiq0pn603ZMZPGGtkP2QclCvPZ7NOyH\nJ1G/89l2sbSK5d+d+Z7v2/CXimogCqaW9F2ysrkxYVIE8LDSCeqZttyHtOFI0yrm\n3OJfJfLJFcz/8beY7hXWWGQ697IJNl8uymY7SdPk47ulec7FTSrax8F9DcI+bn1q\nqG4ekwG6BOycTH7epRRVCKwiRglhJwoO4zDZsEsjyTsAg0HUdo7MYsU3l4IGJeLO\n26YmdgdRAagVGiEBdlH9dNwI5GjtOP3JhCy4qUErGNrRRV/otEbdQvLBSbQOUBLY\nn4FMroQf7Lo=5/cJ\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 7) - noarch, x86_64\n\n3. \n\nBug Fix(es):\n\n* The kernel-rt crashes where one task is indefinitely looping in\n__start_cfs_bandwidth() with the cfs_b-\u003elock spinlock being held\n(BZ#2079976)\n\n* update to the latest RHEL7.9.z16 source tree (BZ#2100182)\n\n4. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.3.12 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/\n\nSecurity fix:\n\n* CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS\n\nBug fixes:\n\n* Remove 1.9.1 from Proxy Patch Documentation (BZ# 2076856)\n\n* RHACM 2.3.12 images (BZ# 2101411)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n2076856 - [doc] Remove 1.9.1 from Proxy Patch Documentation\n2101411 - RHACM 2.3.12 images\n2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS\n\n5. \n\nBug Fix(es):\n\n* sched/pelt: Fix attach_entity_load_avg() corner case (BZ#2105360)\n\n* RHEL9[fleetwood][P9]:kdump fails to capture vmcore when crash is\ntriggered while running forkoff. (BZ#2109144)\n\n* ISST-LTE:[P10 Everest] [5.14.0-70.9.1.el9_0.ppc64le] HPT:RHEL9.0:ecolp95:\nlpar crashed at __list_del_entry_valid+0x90/0x100 and LPM failed\n(BZ#2112823)\n\n* [rhel9] livepatch panic: RIP: 0010:0xffffffffc0e070c4\nseq_read_iter+0x124/0x4b0 (BZ#2122625)\n\n* System crashes due to list_add double add at\niwl_mvm_mac_wake_tx_queue+0x71 (BZ#2123315)\n\n* [Dell EMC 9.0 BUG] Any process performing I/O doesn\u0027t fail on degraded\nLVM RAID and IO process hangs (BZ#2126215)\n\n* [HPEMC RHEL 9.0 REGRESSION] net, e810, ice: not enough device MSI-X\nvectors (BZ#2126491)\n\n* RHEL9.0 - zfcp: fix missing auto port scan and thus missing target ports\n(BZ#2127874)\n\n* Enable check-kabi (BZ#2132372)\n\n* Add symbols to stablelist (BZ#2132373)\n\n* Update RHEL9.1 kabi tooling (BZ#2132380)\n\n* kABI: Prepare the MM subsystem for kABI lockdown (BZ#2133464)\n\n* [Dell Storage 9.1 BUG] NVME command hang during storage array node reboot\n(BZ#2133553)\n\n* WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105\nex_handler_fprestore+0x3f/0x50 (BZ#2134589)\n\n* crypto/testmgr.c should not list dh, ecdh-nist-p256, ecdh-nist-p384 as\n.fips_allowed = 1 (BZ#2136523)\n\n* FIPS self-tests for RSA pkcs7 signature verification (BZ#2136552)\n\n* [ovs-tc] Bad length in dpctl/dump-flows (BZ#2137354)\n\n* [RHEL9] s_pf0vf2: hw csum failure for mlx5 (BZ#2137355)\n\n* kernel memory leak while freeing nested actions (BZ#2137356)\n\n* ovs: backports from upstream (BZ#2137358)\n\n* kernel should conform to FIPS-140-3 requirements (both parts)\n(BZ#2139095)\n\n* [DELL EMC 9.0-RT BUG] System is not booting into RT Kernel with perc12. \n(BZ#2139214)\n\n* Fix panic in nbd/004 test (BZ#2139535)\n\n* Nested KVM is not working on RHEL 8.6 with hardware error 0x7\n(BZ#2140141)\n\n* [RHEL9] Practically limit \"Dummy wait\" workaround to old Intel systems\n(BZ#2142169)\n\n4. 9) - x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202208-23\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Xen: Multiple Vulnerabilities\n Date: August 14, 2022\n Bugs: #810341, #812485, #816882, #825354, #832039, #835401, #850802\n ID: 202208-23\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in Xen, the worst of which\ncould result in remote code execution (guest sandbox escape). \n\nBackground\n=========\nXen is a bare-metal hypervisor. \n\nAffected packages\n================\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/xen \u003c 4.15.3 \u003e= 4.15.3\n 2 app-emulation/xen-tools \u003c 4.15.3 \u003e= 4.15.3\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in Xen. Please review the\nCVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll Xen users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.15.3\"\n\nAll Xen tools users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-tools-4.15.3\"\n\nReferences\n=========\n[ 1 ] CVE-2021-28694\n https://nvd.nist.gov/vuln/detail/CVE-2021-28694\n[ 2 ] CVE-2021-28695\n https://nvd.nist.gov/vuln/detail/CVE-2021-28695\n[ 3 ] CVE-2021-28696\n https://nvd.nist.gov/vuln/detail/CVE-2021-28696\n[ 4 ] CVE-2021-28697\n https://nvd.nist.gov/vuln/detail/CVE-2021-28697\n[ 5 ] CVE-2021-28698\n https://nvd.nist.gov/vuln/detail/CVE-2021-28698\n[ 6 ] CVE-2021-28699\n https://nvd.nist.gov/vuln/detail/CVE-2021-28699\n[ 7 ] CVE-2021-28700\n https://nvd.nist.gov/vuln/detail/CVE-2021-28700\n[ 8 ] CVE-2021-28701\n https://nvd.nist.gov/vuln/detail/CVE-2021-28701\n[ 9 ] CVE-2021-28702\n https://nvd.nist.gov/vuln/detail/CVE-2021-28702\n[ 10 ] CVE-2021-28710\n https://nvd.nist.gov/vuln/detail/CVE-2021-28710\n[ 11 ] CVE-2022-21123\n https://nvd.nist.gov/vuln/detail/CVE-2022-21123\n[ 12 ] CVE-2022-21125\n https://nvd.nist.gov/vuln/detail/CVE-2022-21125\n[ 13 ] CVE-2022-21166\n https://nvd.nist.gov/vuln/detail/CVE-2022-21166\n[ 14 ] CVE-2022-23033\n https://nvd.nist.gov/vuln/detail/CVE-2022-23033\n[ 15 ] CVE-2022-23034\n https://nvd.nist.gov/vuln/detail/CVE-2022-23034\n[ 16 ] CVE-2022-23035\n https://nvd.nist.gov/vuln/detail/CVE-2022-23035\n[ 17 ] CVE-2022-26362\n https://nvd.nist.gov/vuln/detail/CVE-2022-26362\n[ 18 ] CVE-2022-26363\n https://nvd.nist.gov/vuln/detail/CVE-2022-26363\n[ 19 ] CVE-2022-26364\n https://nvd.nist.gov/vuln/detail/CVE-2022-26364\n[ 20 ] XSA-378\n[ 21 ] XSA-379\n[ 22 ] XSA-380\n[ 23 ] XSA-382\n[ 24 ] XSA-383\n[ 25 ] XSA-384\n[ 26 ] XSA-386\n[ 27 ] XSA-390\n[ 28 ] XSA-401\n[ 29 ] XSA-402\n[ 30 ] XSA-404\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202208-23\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. Bugs fixed (https://bugzilla.redhat.com/):\n\n2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n\n5. \n\nThis advisory contains OpenShift Virtualization 4.9.7 images. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n2094982 - CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key\n2130218 - 4.9.7 containers\n\n5",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-21125"
},
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "PACKETSTORM",
"id": "168426"
},
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "170226"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "168076"
},
{
"db": "PACKETSTORM",
"id": "168503"
},
{
"db": "PACKETSTORM",
"id": "169997"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-21125",
"trust": 2.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/06/16/1",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "168018",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "168503",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "168076",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "169997",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "170226",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167785",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169719",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169688",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169690",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168021",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169695",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169941",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168461",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168694",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167862",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167549",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168364",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167692",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167545",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168355",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-406836",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168426",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169409",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169852",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "PACKETSTORM",
"id": "168426"
},
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "170226"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "168076"
},
{
"db": "PACKETSTORM",
"id": "168503"
},
{
"db": "PACKETSTORM",
"id": "169997"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"id": "VAR-202206-1186",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T22:14:11.713000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-459",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202208-23"
},
{
"trust": 1.1,
"url": "http://xenbits.xen.org/xsa/advisory-404.html"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"trust": 1.1,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/mcvomhbqrh4kp7in6u24cw7f2d2l5kbs/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/t4p2kjyl74kglhe4jzetvw7pzh6ziaba/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rkrxz4lhgcgmog24zcejny6r2bts4s2q/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fhtew3rxu2gw6s3rcpqg4vnczgi3tosv/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2022-21123"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2022-21166"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2022-21125"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21166"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21123"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21125"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0391"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-20107"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-34903"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-20107"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0391"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-34903"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-45486"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45486"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-45485"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45485"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-2588"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2588"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-32206"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-32208"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-29154"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/solutions/6971358"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-29900"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-23825"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-26373"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-29901"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-2639"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-23816"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/t4p2kjyl74kglhe4jzetvw7pzh6ziaba/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rkrxz4lhgcgmog24zcejny6r2bts4s2q/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fhtew3rxu2gw6s3rcpqg4vnczgi3tosv/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/mcvomhbqrh4kp7in6u24cw7f2d2l5kbs/"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6536"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-38561"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21698"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6537"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21698"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38561"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5939"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2097"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-26116"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26116"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25314"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27782"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1729"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32250"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1927"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27776"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-22576"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26137"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-40528"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1729"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25313"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1012"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-26137"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27774"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1785"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1012"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-40528"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1927"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2526"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6271"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29824"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-31129"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8973"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1158"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-43945"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1158"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23825"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-29900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-29901"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-43945"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26373"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2959"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2959"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23816"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1048"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1280"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0617"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-20368"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1353"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0168"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36516"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-39190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29581"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1016"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1048"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1016"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28390"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1679"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-36946"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3640"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36516"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20368"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7933"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3640"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1184"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28893"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1679"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1184"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1353"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24448"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0168"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26363"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28697"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28701"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28696"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26362"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28710"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23034"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28698"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28694"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28699"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28695"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28700"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28702"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32206"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32208"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6560"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30631"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30631"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-29154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-40674"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-38177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-40674"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-41974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8609"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-41974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3515"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-3515"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-38177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-38178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-38178"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "PACKETSTORM",
"id": "168426"
},
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "170226"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "168076"
},
{
"db": "PACKETSTORM",
"id": "168503"
},
{
"db": "PACKETSTORM",
"id": "169997"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "PACKETSTORM",
"id": "168426"
},
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "170226"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "168076"
},
{
"db": "PACKETSTORM",
"id": "168503"
},
{
"db": "PACKETSTORM",
"id": "169997"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-15T00:00:00",
"db": "VULHUB",
"id": "VHN-406836"
},
{
"date": "2022-09-20T13:59:11",
"db": "PACKETSTORM",
"id": "168426"
},
{
"date": "2022-10-18T22:30:43",
"db": "PACKETSTORM",
"id": "169409"
},
{
"date": "2022-08-10T15:50:10",
"db": "PACKETSTORM",
"id": "168018"
},
{
"date": "2022-09-01T16:30:25",
"db": "PACKETSTORM",
"id": "168213"
},
{
"date": "2022-12-14T15:49:10",
"db": "PACKETSTORM",
"id": "170226"
},
{
"date": "2022-11-15T16:41:36",
"db": "PACKETSTORM",
"id": "169852"
},
{
"date": "2022-08-15T16:03:21",
"db": "PACKETSTORM",
"id": "168076"
},
{
"date": "2022-09-26T15:37:32",
"db": "PACKETSTORM",
"id": "168503"
},
{
"date": "2022-11-23T15:18:44",
"db": "PACKETSTORM",
"id": "169997"
},
{
"date": "2022-06-15T20:15:17.547000",
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-406836"
},
{
"date": "2024-11-21T06:43:56.937000",
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "168076"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Security Advisory 2022-6537-01",
"sources": [
{
"db": "PACKETSTORM",
"id": "168426"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "168076"
}
],
"trust": 0.2
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.