var-202207-1358
Vulnerability from variot

When setting a font with malicious data via the ioctl command PIO_FONT, the kernel will write memory out of bounds. The Linux kernel contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).

==========================================================================

Ubuntu Security Notice USN-5589-1

August 30, 2022

linux, linux-raspi vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061)

It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:

  • linux-image-5.4.0-1069-raspi 5.4.0-1069.79
  • linux-image-5.4.0-125-generic 5.4.0-125.141
  • linux-image-5.4.0-125-generic-lpae 5.4.0-125.141
  • linux-image-5.4.0-125-lowlatency 5.4.0-125.141
  • linux-image-generic 5.4.0.125.126
  • linux-image-generic-lpae 5.4.0.125.126
  • linux-image-lowlatency 5.4.0.125.126
  • linux-image-oem 5.4.0.125.126
  • linux-image-oem-osp1 5.4.0.125.126
  • linux-image-raspi 5.4.0.1069.102
  • linux-image-raspi2 5.4.0.1069.102
  • linux-image-virtual 5.4.0.125.126

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel-rt security and bug fix update
Advisory ID: RHSA-2023:2736-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:2736
Issue date: 2023-05-16
CVE Names: CVE-2021-26341 CVE-2021-33655 CVE-2021-33656 CVE-2022-1462 CVE-2022-1679 CVE-2022-1789 CVE-2022-2196 CVE-2022-2663 CVE-2022-3028 CVE-2022-3239 CVE-2022-3522 CVE-2022-3524 CVE-2022-3564 CVE-2022-3566 CVE-2022-3567 CVE-2022-3619 CVE-2022-3623 CVE-2022-3625 CVE-2022-3628 CVE-2022-3707 CVE-2022-4129 CVE-2022-20141 CVE-2022-25265 CVE-2022-30594 CVE-2022-39188 CVE-2022-39189 CVE-2022-41218 CVE-2022-41674 CVE-2022-42703 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 CVE-2022-43750 CVE-2022-47929 CVE-2023-0394 CVE-2023-0461 CVE-2023-1195 CVE-2023-1582 CVE-2023-23454

====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

  • Red Hat Enterprise Linux NFV (v. 8) - x86_64
  • Red Hat Enterprise Linux RT (v. 8) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

  • net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)

  • hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)

  • malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)

  • when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds (CVE-2021-33656)

  • possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)

  • use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)

  • KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)

  • KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)

  • netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)

  • race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)

  • media: em28xx: initialize refcount before kref_get (CVE-2022-3239)

  • race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)

  • memory leak in ipv6_renew_options() (CVE-2022-3524)

  • data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)

  • data races around sk->sk_prot (CVE-2022-3567)

  • memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)

  • denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)

  • use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)

  • USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)

  • Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)

  • l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)

  • igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)

  • Executable Space Protection Bypass (CVE-2022-25265)

  • Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)

  • unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)

  • TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)

  • Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)

  • u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)

  • use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)

  • use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)

  • BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)

  • Denial of service in beacon protection for P2P-device (CVE-2022-42722)

  • memory corruption in usbmon driver (CVE-2022-43750)

  • NULL pointer dereference in traffic control subsystem (CVE-2022-47929)

  • NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)

  • use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)

  • Soft lockup occurred during __page_mapcount (CVE-2023-1582)

  • slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

  • 2055499 - CVE-2022-25265 kernel: Executable Space Protection Bypass
  • 2061703 - CVE-2021-26341 hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch
  • 2078466 - CVE-2022-1462 kernel: possible race condition in drivers/tty/tty_buffers.c
  • 2084125 - CVE-2022-1679 kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges
  • 2085300 - CVE-2022-30594 kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option
  • 2090723 - CVE-2022-1789 kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva
  • 2108691 - CVE-2021-33655 kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory
  • 2108696 - CVE-2021-33656 kernel: when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds
  • 2114937 - CVE-2022-20141 kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets
  • 2122228 - CVE-2022-3028 kernel: race condition in xfrm_probe_algs can lead to OOB read/write
  • 2122960 - CVE-2022-41218 kernel: Report vmalloc UAF in dvb-core/dmxdev
  • 2123056 - CVE-2022-2663 kernel: netfilter: nf_conntrack_irc message handling issue
  • 2124788 - CVE-2022-39189 kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning
  • 2127985 - CVE-2022-3239 kernel: media: em28xx: initialize refcount before kref_get
  • 2130141 - CVE-2022-39188 kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry
  • 2133483 - CVE-2022-42703 kernel: use-after-free related to leaf anon_vma double reuse
  • 2134377 - CVE-2022-41674 kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans()
  • 2134451 - CVE-2022-42720 kernel: use-after-free in bss_ref_get in net/wireless/scan.c
  • 2134506 - CVE-2022-42721 kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c
  • 2134517 - CVE-2022-42722 kernel: Denial of service in beacon protection for P2P-device
  • 2134528 - CVE-2022-4129 kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference
  • 2137979 - CVE-2022-3707 kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed
  • 2143893 - CVE-2022-3566 kernel: data races around icsk->icsk_af_ops in do_ipv6_setsockopt
  • 2143943 - CVE-2022-3567 kernel: data races around sk->sk_prot
  • 2144720 - CVE-2022-3625 kernel: use-after-free after failed devlink reload in devlink_param_get
  • 2150947 - CVE-2022-3524 kernel: memory leak in ipv6_renew_options()
  • 2150960 - CVE-2022-3628 kernel: USB-accessible buffer overflow in brcmfmac
  • 2150979 - CVE-2022-3522 kernel: race condition in hugetlb_no_page() in mm/hugetlb.c
  • 2150999 - CVE-2022-3564 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c
  • 2151270 - CVE-2022-43750 kernel: memory corruption in usbmon driver
  • 2154171 - CVE-2023-1195 kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c
  • 2154235 - CVE-2022-3619 kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c
  • 2160023 - CVE-2022-2196 kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks
  • 2162120 - CVE-2023-0394 kernel: NULL pointer dereference in rawv6_push_pending_frames
  • 2165721 - CVE-2022-3623 kernel: denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry
  • 2168246 - CVE-2022-47929 kernel: NULL pointer dereference in traffic control subsystem
  • 2168297 - CVE-2023-23454 kernel: slab-out-of-bounds read vulnerabilities in cbq_classify
  • 2176192 - CVE-2023-0461 kernel: net/ulp: use-after-free in listening ULP sockets
  • 2180936 - CVE-2023-1582 kernel: Soft lockup occurred during __page_mapcount

6. Package List:

Red Hat Enterprise Linux NFV (v. 8):

Source:

  • kernel-rt-4.18.0-477.10.1.rt7.274.el8_8.src.rpm

x86_64:

  • kernel-rt-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-kvm-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debuginfo-common-x86_64-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-kvm-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm

Red Hat Enterprise Linux RT (v. 8):

Source:

  • kernel-rt-4.18.0-477.10.1.rt7.274.el8_8.src.rpm

x86_64:

  • kernel-rt-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debug-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-debuginfo-common-x86_64-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
  • kernel-rt-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

  • https://access.redhat.com/security/cve/CVE-2021-26341
  • https://access.redhat.com/security/cve/CVE-2021-33655
  • https://access.redhat.com/security/cve/CVE-2021-33656
  • https://access.redhat.com/security/cve/CVE-2022-1462
  • https://access.redhat.com/security/cve/CVE-2022-1679
  • https://access.redhat.com/security/cve/CVE-2022-1789
  • https://access.redhat.com/security/cve/CVE-2022-2196
  • https://access.redhat.com/security/cve/CVE-2022-2663
  • https://access.redhat.com/security/cve/CVE-2022-3028
  • https://access.redhat.com/security/cve/CVE-2022-3239
  • https://access.redhat.com/security/cve/CVE-2022-3522
  • https://access.redhat.com/security/cve/CVE-2022-3524
  • https://access.redhat.com/security/cve/CVE-2022-3564
  • https://access.redhat.com/security/cve/CVE-2022-3566
  • https://access.redhat.com/security/cve/CVE-2022-3567
  • https://access.redhat.com/security/cve/CVE-2022-3619
  • https://access.redhat.com/security/cve/CVE-2022-3623
  • https://access.redhat.com/security/cve/CVE-2022-3625
  • https://access.redhat.com/security/cve/CVE-2022-3628
  • https://access.redhat.com/security/cve/CVE-2022-3707
  • https://access.redhat.com/security/cve/CVE-2022-4129
  • https://access.redhat.com/security/cve/CVE-2022-20141
  • https://access.redhat.com/security/cve/CVE-2022-25265
  • https://access.redhat.com/security/cve/CVE-2022-30594
  • https://access.redhat.com/security/cve/CVE-2022-39188
  • https://access.redhat.com/security/cve/CVE-2022-39189
  • https://access.redhat.com/security/cve/CVE-2022-41218
  • https://access.redhat.com/security/cve/CVE-2022-41674
  • https://access.redhat.com/security/cve/CVE-2022-42703
  • https://access.redhat.com/security/cve/CVE-2022-42720
  • https://access.redhat.com/security/cve/CVE-2022-42721
  • https://access.redhat.com/security/cve/CVE-2022-42722
  • https://access.redhat.com/security/cve/CVE-2022-43750
  • https://access.redhat.com/security/cve/CVE-2022-47929
  • https://access.redhat.com/security/cve/CVE-2023-0394
  • https://access.redhat.com/security/cve/CVE-2023-0461
  • https://access.redhat.com/security/cve/CVE-2023-1195
  • https://access.redhat.com/security/cve/CVE-2023-1582
  • https://access.redhat.com/security/cve/CVE-2023-23454
  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

8. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Bug Fix(es):

  • Simultaneous writes to a page on xfs can result in zero-byte data (BZ#2184103)

  • Invalid character detected by rpminspect in Documentation/translations/zh_CN/process/magic-number.rst (BZ#2208286)

  • Low memory deadlock with md devices and external (imsm) metadata handling - requires a kernfs notification backport (BZ#2208542)

  • Windows Server 2019 guest randomly pauses with "KVM: entry failed, hardware error 0x80000021" (BZ#2211663)

  • Marvell 8.7 Bug qedi shutdown handler hangs upon reboot (BZ#2215334)

  • aacraid misses interrupts when a CPU is disabled resulting in scsi timeouts and the adapter being unusable until reboot. (BZ#2216499)

  • rbd: avoid fast-diff corruption in snapshot-based mirroring [8.9] (BZ#2216770)

  • OCS 4.8 cephfs kernel crash : mds_dispatch ceph_handle_snap unable to handle kernel NULL (BZ#2218273)

  • FJ8.6 Bug: System panic occurs because the list used by i40e driver is corrupted (BZ#2219262)

  • st_gmac tx-checksum offload on vlan is not consistent with st_gmac interface (BZ#2219908)

  • Regression of 3b8cc6298724 ("blk-cgroup: Optimize blkcg_rstat_flush()") (BZ#2220811)

  • refcount_t overflow often happens in mem_cgroup_id_get_online() (BZ#2221011)

  • Scheduler update (rhel8.8) (BZ#2221304)

  • RHEL8.6 boot panic with message "kernel BUG at lib/list_debug.c:28!" (BZ#2222247)

  • Enable conntrack clash resolution for GRE (BZ#2223543)

  • Intel 8.8 BUG SPR perf: Workaround the UPI intel_uncore_has_discovery_tables issue on SPR MCC and LCC (BZ#2225514)

  • KVM: x86: fix sending PV IPI (BZ#2226580)

  • libceph: harden msgr2.1 frame segment length checks [8.x] (BZ#2227074)

Enhancement(s):

  • Mellanox 8.7 FEAT mlx5: It's possible to enable LRO when XDP is active (BZ#2165585)

  • Export symbol pci_find_host_bridge (BZ#2225335)



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202207-1358",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "openeuler",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "20.03"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "10.0"
      },
      {
        "model": "kernel",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "linux",
        "version": "5.10.127"
      },
      {
        "model": "openeuler",
        "scope": null,
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "gnu/linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "debian",
        "version": null
      },
      {
        "model": "kernel",
        "scope": null,
        "trust": 0.8,
        "vendor": "linux",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33656"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ubuntu",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "168203"
      },
      {
        "db": "PACKETSTORM",
        "id": "168236"
      },
      {
        "db": "PACKETSTORM",
        "id": "168238"
      },
      {
        "db": "PACKETSTORM",
        "id": "168261"
      },
      {
        "db": "PACKETSTORM",
        "id": "168253"
      },
      {
        "db": "PACKETSTORM",
        "id": "168251"
      },
      {
        "db": "PACKETSTORM",
        "id": "168335"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2021-33656",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.9,
            "id": "CVE-2021-33656",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Physical",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.8,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-33656",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-33656",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-33656",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202207-1508",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-1508"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33656"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. Linux Kernel Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. ==========================================================================\nUbuntu Security Notice USN-5589-1\nAugust 30, 2022\n\nlinux, linux-raspi vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. A local attacker could possibly use this to cause a denial \nof service. (CVE-2021-33061)\n\nIt was discovered that the virtual terminal driver in the Linux kernel \ndid not properly handle VGA console font changes, leading to an \nout-of-bounds write. A local attacker could use this to cause a denial \nof service (system crash) or possibly execute arbitrary code. \n(CVE-2021-33656)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.04 LTS:\n   linux-image-5.4.0-1069-raspi    5.4.0-1069.79\n   linux-image-5.4.0-125-generic   5.4.0-125.141\n   linux-image-5.4.0-125-generic-lpae  5.4.0-125.141\n   linux-image-5.4.0-125-lowlatency  5.4.0-125.141\n   linux-image-generic             5.4.0.125.126\n   linux-image-generic-lpae        5.4.0.125.126\n   linux-image-lowlatency          5.4.0.125.126\n   linux-image-oem                 5.4.0.125.126\n   linux-image-oem-osp1            5.4.0.125.126\n   linux-image-raspi               5.4.0.1069.102\n   linux-image-raspi2              5.4.0.1069.102\n   linux-image-virtual             5.4.0.125.126\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 
\n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Important: kernel-rt security and bug fix update\nAdvisory ID:       RHSA-2023:2736-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2023:2736\nIssue date:        2023-05-16\nCVE Names:         CVE-2021-26341 CVE-2021-33655 CVE-2021-33656\n                   CVE-2022-1462 CVE-2022-1679 CVE-2022-1789\n                   CVE-2022-2196 CVE-2022-2663 CVE-2022-3028\n                   CVE-2022-3239 CVE-2022-3522 CVE-2022-3524\n                   CVE-2022-3564 CVE-2022-3566 CVE-2022-3567\n                   CVE-2022-3619 CVE-2022-3623 CVE-2022-3625\n                   CVE-2022-3628 CVE-2022-3707 CVE-2022-4129\n                   CVE-2022-20141 CVE-2022-25265 CVE-2022-30594\n                   CVE-2022-39188 CVE-2022-39189 CVE-2022-41218\n                   CVE-2022-41674 CVE-2022-42703 CVE-2022-42720\n                   CVE-2022-42721 CVE-2022-42722 CVE-2022-43750\n                   CVE-2022-47929 CVE-2023-0394 CVE-2023-0461\n                   CVE-2023-1195 CVE-2023-1582 CVE-2023-23454\n====================================================================\n1. Summary:\n\nAn update for kernel-rt is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. 
A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux NFV (v. 8) - x86_64\nRed Hat Enterprise Linux RT (v. 8) - x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nSecurity Fix(es):\n\n* use-after-free caused by l2cap_reassemble_sdu() in\nnet/bluetooth/l2cap_core.c (CVE-2022-3564)\n\n* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)\n\n* hw: cpu: AMD CPUs may transiently execute beyond unconditional direct\nbranch (CVE-2021-26341)\n\n* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory\n(CVE-2021-33655)\n\n* when setting font with malicious data by ioctl PIO_FONT, kernel will\nwrite memory out of bounds (CVE-2021-33656)\n\n* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)\n\n* use-after-free in ath9k_htc_probe_device() could cause an escalation of\nprivileges (CVE-2022-1679)\n\n* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)\n\n* KVM: nVMX: missing IBPB when exiting from nested guest can lead to\nSpectre v2 attacks (CVE-2022-2196)\n\n* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)\n\n* race condition in xfrm_probe_algs can lead to OOB read/write\n(CVE-2022-3028)\n\n* media: em28xx: initialize refcount before kref_get (CVE-2022-3239)\n\n* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)\n\n* memory leak in ipv6_renew_options() (CVE-2022-3524)\n\n* data races around icsk-\u003eicsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)\n\n* data races around sk-\u003esk_prot (CVE-2022-3567)\n\n* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c\n(CVE-2022-3619)\n\n* denial of service in follow_page_pte in mm/gup.c due 
to poisoned pte\nentry (CVE-2022-3623)\n\n* use-after-free after failed devlink reload in devlink_param_get\n(CVE-2022-3625)\n\n* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)\n\n* Double-free in split_2MB_gtt_entry when function\nintel_gvt_dma_map_guest_page failed (CVE-2022-3707)\n\n* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer\ndereference (CVE-2022-4129)\n\n* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet\nsockets (CVE-2022-20141)\n\n* Executable Space Protection Bypass (CVE-2022-25265)\n\n* Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP\noption (CVE-2022-30594)\n\n* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to\nstale TLB entry (CVE-2022-39188)\n\n* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading\nto guest malfunctioning (CVE-2022-39189)\n\n* Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)\n\n* u8 overflow problem in cfg80211_update_notlisted_nontrans()\n(CVE-2022-41674)\n\n* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)\n\n* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)\n\n* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c\n(CVE-2022-42721)\n\n* Denial of service in beacon protection for P2P-device (CVE-2022-42722)\n\n* memory corruption in usbmon driver (CVE-2022-43750)\n\n* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)\n\n* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)\n\n* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c\n(CVE-2023-1195)\n\n* Soft lockup occurred during __page_mapcount (CVE-2023-1582)\n\n* slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. 
\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.8 Release Notes linked from the References section. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2055499 - CVE-2022-25265 kernel: Executable Space Protection Bypass\n2061703 - CVE-2021-26341 hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch\n2078466 - CVE-2022-1462 kernel: possible race condition in drivers/tty/tty_buffers.c\n2084125 - CVE-2022-1679 kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges\n2085300 - CVE-2022-30594 kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option\n2090723 - CVE-2022-1789 kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva\n2108691 - CVE-2021-33655 kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory\n2108696 - CVE-2021-33656 kernel: when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds\n2114937 - CVE-2022-20141 kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets\n2122228 - CVE-2022-3028 kernel: race condition in xfrm_probe_algs can lead to OOB read/write\n2122960 - CVE-2022-41218 kernel: Report vmalloc UAF in dvb-core/dmxdev\n2123056 - CVE-2022-2663 kernel: netfilter: nf_conntrack_irc message handling issue\n2124788 - CVE-2022-39189 kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning\n2127985 - CVE-2022-3239 kernel: media: em28xx: initialize refcount before kref_get\n2130141 - CVE-2022-39188 kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry\n2133483 - CVE-2022-42703 kernel: 
use-after-free related to leaf anon_vma double reuse\n2134377 - CVE-2022-41674 kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans()\n2134451 - CVE-2022-42720 kernel: use-after-free in bss_ref_get in net/wireless/scan.c\n2134506 - CVE-2022-42721 kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c\n2134517 - CVE-2022-42722 kernel: Denial of service in beacon protection for P2P-device\n2134528 - CVE-2022-4129 kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference\n2137979 - CVE-2022-3707 kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed\n2143893 - CVE-2022-3566 kernel: data races around icsk-\u003eicsk_af_ops in do_ipv6_setsockopt\n2143943 - CVE-2022-3567 kernel: data races around sk-\u003esk_prot\n2144720 - CVE-2022-3625 kernel: use-after-free after failed devlink reload in devlink_param_get\n2150947 - CVE-2022-3524 kernel: memory leak in ipv6_renew_options()\n2150960 - CVE-2022-3628 kernel: USB-accessible buffer overflow in brcmfmac\n2150979 - CVE-2022-3522 kernel: race condition in hugetlb_no_page() in mm/hugetlb.c\n2150999 - CVE-2022-3564 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c\n2151270 - CVE-2022-43750 kernel: memory corruption in usbmon driver\n2154171 - CVE-2023-1195 kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c\n2154235 - CVE-2022-3619 kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c\n2160023 - CVE-2022-2196 kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks\n2162120 - CVE-2023-0394 kernel: NULL pointer dereference in rawv6_push_pending_frames\n2165721 - CVE-2022-3623 kernel: denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry\n2168246 - CVE-2022-47929 kernel: NULL pointer dereference in traffic control subsystem\n2168297 - CVE-2023-23454 kernel: slab-out-of-bounds 
read vulnerabilities in cbq_classify\n2176192 - CVE-2023-0461 kernel: net/ulp: use-after-free in listening ULP sockets\n2180936 - CVE-2023-1582 kernel: Soft lockup occurred during __page_mapcount\n\n6. Package List:\n\nRed Hat Enterprise Linux NFV (v. 8):\n\nSource:\nkernel-rt-4.18.0-477.10.1.rt7.274.el8_8.src.rpm\n\nx86_64:\nkernel-rt-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-kvm-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debuginfo-common-x86_64-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-kvm-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\n\nRed Hat Enterprise Linux RT (v. 
8):\n\nSource:\nkernel-rt-4.18.0-477.10.1.rt7.274.el8_8.src.rpm\n\nx86_64:\nkernel-rt-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debug-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-debuginfo-common-x86_64-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\nkernel-rt-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. 
References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-26341\nhttps://access.redhat.com/security/cve/CVE-2021-33655\nhttps://access.redhat.com/security/cve/CVE-2021-33656\nhttps://access.redhat.com/security/cve/CVE-2022-1462\nhttps://access.redhat.com/security/cve/CVE-2022-1679\nhttps://access.redhat.com/security/cve/CVE-2022-1789\nhttps://access.redhat.com/security/cve/CVE-2022-2196\nhttps://access.redhat.com/security/cve/CVE-2022-2663\nhttps://access.redhat.com/security/cve/CVE-2022-3028\nhttps://access.redhat.com/security/cve/CVE-2022-3239\nhttps://access.redhat.com/security/cve/CVE-2022-3522\nhttps://access.redhat.com/security/cve/CVE-2022-3524\nhttps://access.redhat.com/security/cve/CVE-2022-3564\nhttps://access.redhat.com/security/cve/CVE-2022-3566\nhttps://access.redhat.com/security/cve/CVE-2022-3567\nhttps://access.redhat.com/security/cve/CVE-2022-3619\nhttps://access.redhat.com/security/cve/CVE-2022-3623\nhttps://access.redhat.com/security/cve/CVE-2022-3625\nhttps://access.redhat.com/security/cve/CVE-2022-3628\nhttps://access.redhat.com/security/cve/CVE-2022-3707\nhttps://access.redhat.com/security/cve/CVE-2022-4129\nhttps://access.redhat.com/security/cve/CVE-2022-20141\nhttps://access.redhat.com/security/cve/CVE-2022-25265\nhttps://access.redhat.com/security/cve/CVE-2022-30594\nhttps://access.redhat.com/security/cve/CVE-2022-39188\nhttps://access.redhat.com/security/cve/CVE-2022-39189\nhttps://access.redhat.com/security/cve/CVE-2022-41218\nhttps://access.redhat.com/security/cve/CVE-2022-41674\nhttps://access.redhat.com/security/cve/CVE-2022-42703\nhttps://access.redhat.com/security/cve/CVE-2022-42720\nhttps://access.redhat.com/security/cve/CVE-2022-42721\nhttps://access.redhat.com/security/cve/CVE-2022-42722\nhttps://access.redhat.com/security/cve/CVE-2022-43750\nhttps://access.redhat.com/security/cve/CVE-2022-47929\nhttps://access.redhat.com/security/cve/CVE-2023-0394\nhttps://access.redhat.com/security/cve/CVE-2023-0461\nhttps://access.redhat.com
/security/cve/CVE-2023-1195\nhttps://access.redhat.com/security/cve/CVE-2023-1582\nhttps://access.redhat.com/security/cve/CVE-2023-23454\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2023 Red Hat, Inc. \n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. 
\n\nBug Fix(es):\n\n* Simultaneous writes to a page on xfs can result in zero-byte data\n(BZ#2184103)\n\n* Invalid character detected by rpminspect in\nDocumentation/translations/zh_CN/process/magic-number.rst (BZ#2208286)\n\n* Low memory deadlock with md devices and external (imsm) metadata handling\n- - requires a kernfs notification backport (BZ#2208542)\n\n* Windows Server 2019 guest randomly pauses with \"KVM: entry failed,\nhardware error 0x80000021\" (BZ#2211663)\n\n* Marvell 8.7 Bug qedi shutdown handler hangs upon reboot (BZ#2215334)\n\n* aacraid misses interrupts when a CPU is disabled resulting in scsi\ntimeouts and the adapter being unusable until reboot. (BZ#2216499)\n\n* rbd: avoid fast-diff corruption in snapshot-based mirroring [8.9]\n(BZ#2216770)\n\n* OCS 4.8 cephfs kernel crash :  mds_dispatch ceph_handle_snap unable to\nhandle kernel NULL (BZ#2218273)\n\n* FJ8.6 Bug: System panic occurs because the list used by i40e driver is\ncorrupted (BZ#2219262)\n\n* st_gmac tx-checksum offload on vlan is not consistent with st_gmac\ninterface (BZ#2219908)\n\n* Regression of 3b8cc6298724 (\"blk-cgroup: Optimize blkcg_rstat_flush()\")\n(BZ#2220811)\n\n* refcount_t overflow often happens in mem_cgroup_id_get_online()\n(BZ#2221011)\n\n* Scheduler update (rhel8.8) (BZ#2221304)\n\n* RHEL8.6 boot panic with message \"kernel BUG at lib/list_debug.c:28!\"\n(BZ#2222247)\n\n* Enable conntrack clash resolution for GRE (BZ#2223543)\n\n* Intel 8.8 BUG SPR perf: Workaround the UPI \nintel_uncore_has_discovery_tables issue on SPR MCC and LCC (BZ#2225514)\n\n* KVM: x86: fix sending PV IPI (BZ#2226580)\n\n* libceph: harden msgr2.1 frame segment length checks [8.x] (BZ#2227074)\n\nEnhancement(s):\n\n* Mellanox 8.7 FEAT mlx5: It\u0027s possible to enable LRO when XDP is active\n(BZ#2165585)\n\n* Export symbol pci_find_host_bridge (BZ#2225335)\n\n4",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-33656"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "db": "VULHUB",
        "id": "VHN-393734"
      },
      {
        "db": "PACKETSTORM",
        "id": "168203"
      },
      {
        "db": "PACKETSTORM",
        "id": "168236"
      },
      {
        "db": "PACKETSTORM",
        "id": "168238"
      },
      {
        "db": "PACKETSTORM",
        "id": "168261"
      },
      {
        "db": "PACKETSTORM",
        "id": "168253"
      },
      {
        "db": "PACKETSTORM",
        "id": "168251"
      },
      {
        "db": "PACKETSTORM",
        "id": "168335"
      },
      {
        "db": "PACKETSTORM",
        "id": "172336"
      },
      {
        "db": "PACKETSTORM",
        "id": "174369"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-33656",
        "trust": 4.2
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2022/07/19/3",
        "trust": 2.5
      },
      {
        "db": "PACKETSTORM",
        "id": "168253",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "168203",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "168335",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "168238",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "168264",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "168177",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "168221",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "168589",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4257",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4278",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4342",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4317",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4225",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.3339",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4087",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4184",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4063",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.3060",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4118",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-1508",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "168251",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "168236",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "168261",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "168263",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168324",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168237",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-393734",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "172336",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "174369",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-393734"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "db": "PACKETSTORM",
        "id": "168203"
      },
      {
        "db": "PACKETSTORM",
        "id": "168236"
      },
      {
        "db": "PACKETSTORM",
        "id": "168238"
      },
      {
        "db": "PACKETSTORM",
        "id": "168261"
      },
      {
        "db": "PACKETSTORM",
        "id": "168253"
      },
      {
        "db": "PACKETSTORM",
        "id": "168251"
      },
      {
        "db": "PACKETSTORM",
        "id": "168335"
      },
      {
        "db": "PACKETSTORM",
        "id": "172336"
      },
      {
        "db": "PACKETSTORM",
        "id": "174369"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-1508"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33656"
      }
    ]
  },
  "id": "VAR-202207-1358",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-393734"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-29T21:58:13.489000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "drop\u00a0old\u00a0FONT\u00a0ioctls",
        "trust": 0.8,
        "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
      },
      {
        "title": "Linux kernel Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=207700"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-1508"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-393734"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33656"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.openwall.com/lists/oss-security/2022/07/19/3"
      },
      {
        "trust": 1.7,
        "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch"
      },
      {
        "trust": 1.7,
        "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33656"
      },
      {
        "trust": 1.6,
        "url": "https://www.openeuler.org/en/security/cve/detail.html?id=cve-2021-33656\u0026packagename=kernel"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4317"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168335/ubuntu-security-notice-usn-5605-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.3060"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168177/ubuntu-security-notice-usn-5580-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168238/ubuntu-security-notice-usn-5592-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168203/ubuntu-security-notice-usn-5589-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168589/ubuntu-security-notice-usn-5650-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2021-33656/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/linux-kernel-buffer-overflow-via-pio-font-38848"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168253/ubuntu-security-notice-usn-5595-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4063"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4184"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.3339"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4087"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4342"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4257"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4278"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168221/ubuntu-security-notice-usn-5591-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4225"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168264/ubuntu-security-notice-usn-5597-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4118"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33061"
      },
      {
        "trust": 0.2,
        "url": "https://ubuntu.com/security/notices/usn-5591-1"
      },
      {
        "trust": 0.2,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.2,
        "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-33656"
      },
      {
        "trust": 0.1,
        "url": "https://www.openeuler.org/en/security/cve/detail.html?id=cve-2021-33656\u0026amp;packagename=kernel"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1069.79"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/5.4.0-125.141"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5589-1"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5591-2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1087.95~18.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1045.50"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1082.90"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1090.95"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1084.91"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1032.36"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1052.55"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-ibm-5.4/5.4.0-1032.36~18.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1074.79"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1087.95"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5592-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1081.87"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1082.90~18.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1105.116"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5598-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1084.91~18.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5595-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1090.95~18.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5591-4"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1140.151"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5605-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-azure-fde/5.4.0-1090.95+cvm1.1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3239"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2023:2736"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-25265"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-47929"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-42703"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3028"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-4129"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3567"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-43750"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-2196"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3566"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-42720"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20141"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3564"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3239"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3628"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1789"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-25265"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2196"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-41218"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-26341"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1679"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3522"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1789"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-39188"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-0461"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-42721"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-1195"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-1582"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30594"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-2663"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3623"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3619"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3028"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3707"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-20141"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-42722"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3522"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33655"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3524"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1462"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1679"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-26341"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-39189"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-41674"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-0394"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-30594"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-3625"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1462"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2663"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-33655"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-23454"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-1829"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-35788"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2023:4789"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-1637"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-42896"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-1637"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-42896"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-2002"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-2124"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-28466"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-35788"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-28466"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-3390"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-20593"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2023-1829"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-20593"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-3390"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-2002"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-2124"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-393734"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "db": "PACKETSTORM",
        "id": "168203"
      },
      {
        "db": "PACKETSTORM",
        "id": "168236"
      },
      {
        "db": "PACKETSTORM",
        "id": "168238"
      },
      {
        "db": "PACKETSTORM",
        "id": "168261"
      },
      {
        "db": "PACKETSTORM",
        "id": "168253"
      },
      {
        "db": "PACKETSTORM",
        "id": "168251"
      },
      {
        "db": "PACKETSTORM",
        "id": "168335"
      },
      {
        "db": "PACKETSTORM",
        "id": "172336"
      },
      {
        "db": "PACKETSTORM",
        "id": "174369"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-1508"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33656"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-393734"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "db": "PACKETSTORM",
        "id": "168203"
      },
      {
        "db": "PACKETSTORM",
        "id": "168236"
      },
      {
        "db": "PACKETSTORM",
        "id": "168238"
      },
      {
        "db": "PACKETSTORM",
        "id": "168261"
      },
      {
        "db": "PACKETSTORM",
        "id": "168253"
      },
      {
        "db": "PACKETSTORM",
        "id": "168251"
      },
      {
        "db": "PACKETSTORM",
        "id": "168335"
      },
      {
        "db": "PACKETSTORM",
        "id": "172336"
      },
      {
        "db": "PACKETSTORM",
        "id": "174369"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-1508"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33656"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-393734"
      },
      {
        "date": "2023-09-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "date": "2022-08-31T16:43:40",
        "db": "PACKETSTORM",
        "id": "168203"
      },
      {
        "date": "2022-09-02T15:20:53",
        "db": "PACKETSTORM",
        "id": "168236"
      },
      {
        "date": "2022-09-02T15:21:29",
        "db": "PACKETSTORM",
        "id": "168238"
      },
      {
        "date": "2022-09-06T16:25:28",
        "db": "PACKETSTORM",
        "id": "168261"
      },
      {
        "date": "2022-09-05T15:09:08",
        "db": "PACKETSTORM",
        "id": "168253"
      },
      {
        "date": "2022-09-05T15:08:18",
        "db": "PACKETSTORM",
        "id": "168251"
      },
      {
        "date": "2022-09-09T16:17:30",
        "db": "PACKETSTORM",
        "id": "168335"
      },
      {
        "date": "2023-05-16T17:04:05",
        "db": "PACKETSTORM",
        "id": "172336"
      },
      {
        "date": "2023-08-29T16:27:47",
        "db": "PACKETSTORM",
        "id": "174369"
      },
      {
        "date": "2022-07-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202207-1508"
      },
      {
        "date": "2022-07-18T15:15:08.043000",
        "db": "NVD",
        "id": "CVE-2021-33656"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-10-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-393734"
      },
      {
        "date": "2023-09-28T03:25:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      },
      {
        "date": "2023-06-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202207-1508"
      },
      {
        "date": "2022-10-29T02:52:00.693000",
        "db": "NVD",
        "id": "CVE-2021-33656"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "168203"
      },
      {
        "db": "PACKETSTORM",
        "id": "168236"
      },
      {
        "db": "PACKETSTORM",
        "id": "168238"
      },
      {
        "db": "PACKETSTORM",
        "id": "168261"
      },
      {
        "db": "PACKETSTORM",
        "id": "168253"
      },
      {
        "db": "PACKETSTORM",
        "id": "168251"
      },
      {
        "db": "PACKETSTORM",
        "id": "168335"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202207-1508"
      }
    ],
    "trust": 1.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Linux\u00a0Kernel\u00a0 Out-of-bounds write vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020211"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "arbitrary",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "168203"
      },
      {
        "db": "PACKETSTORM",
        "id": "168236"
      },
      {
        "db": "PACKETSTORM",
        "id": "168238"
      },
      {
        "db": "PACKETSTORM",
        "id": "168261"
      },
      {
        "db": "PACKETSTORM",
        "id": "168253"
      },
      {
        "db": "PACKETSTORM",
        "id": "168251"
      },
      {
        "db": "PACKETSTORM",
        "id": "168335"
      }
    ],
    "trust": 0.7
  }
}


Sightings

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.