AusCERT - Security Bulletins

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2357 Advisory (icsa-22-132-07) Siemens SICAM P850 and SICAM P855 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Siemens SICAM P850 Siemens SICAM P855 Publisher: ICS-CERT Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-29883 CVE-2022-29882 CVE-2022-29881 CVE-2022-29880 CVE-2022-29879 CVE-2022-29878 CVE-2022-29877 CVE-2022-29876 CVE-2022-29874 CVE-2022-29873 CVE-2022-29872 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-132-07 Comment: CVSS (Max): 9.8 CVE-2022-29873 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-132-07) Siemens SICAM P850 and SICAM P855 Original release date: May 12, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 9.8 o ATTENTION: Exploitable remotely/low attack complexity o Vendor: Siemens o Equipment: Siemens SICAM P850 and SICAM P855 o Vulnerabilities: Improper Neutralization of Parameter/Argument Delimiters, Cleartext Transmission of Sensitive Information, Cross-site Scripting, Missing Authentication for Critical Function, Authentication Bypass by Capture-replay, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker management interface access, traffic capture, interface with the functionality of the device, control of the program counter, cause a denial-of-service condition, loss of device information, and allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SICAM P850 and SICAM P855, electrical variable measuring devices, are affected: o SICAM P850 7KG8500-0AA00-0AA0: All versions prior to v3.0 o SICAM P850 7KG8500-0AA00-2AA0: All versions prior to v3.0 o SICAM P850 7KG8500-0AA10-0AA0: All versions prior to v3.0 o SICAM P850 7KG8500-0AA10-2AA0: All versions prior to v3.0 o SICAM P850 7KG8500-0AA30-0AA0: All versions prior to v3.0 o SICAM P850 7KG8500-0AA30-2AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA01-0AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA01-2AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA02-0AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA02-2AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA11-0AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA11-2AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA12-0AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA12-2AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA31-0AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA31-2AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA32-0AA0: All versions prior to v3.0 o SICAM P850 7KG8501-0AA32-2AA0: All versions prior to v3.0 o SICAM P855 7KG8550-0AA00-0AA0: All versions prior to v3.0 o SICAM P855 7KG8550-0AA00-2AA0: All versions prior to v3.0 o SICAM P855 7KG8550-0AA10-0AA0: All versions prior to v3.0 o SICAM P855 7KG8550-0AA10-2AA0: All versions prior to v3.0 o SICAM P855 7KG8550-0AA30-0AA0: All versions prior to v3.0 o SICAM P855 7KG8550-0AA30-2AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA01-0AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA01-2AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA02-0AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA02-2AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA11-0AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA11-2AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA12-0AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA12-2AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA31-0AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA31-2AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA32-0AA0: All versions prior to v3.0 o SICAM P855 7KG8551-0AA32-2AA0: All versions prior to v3.0 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF PARAMETER/ARGUMENT DELIMITERS CWE-141 The affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to cause a denial-of-service condition or to control the program counter and execute arbitrary code on the device. CVE-2022-29872 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:L/UI:N/S:U/C:H/ I:H/A:H ). 3.2.2 IMPROPER NEUTRALIZATION OF PARAMETER/ARGUMENT DELIMITERS CWE-141 The affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to cause a denial-of-service condition or to control the program counter and execute arbitrary code on the device. CVE-2022-29873 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:H/ I:H/A:H ). 3.2.3 CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319 The affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device. CVE-2022-29874 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:R/S:U/C:H/ I:H/A:H ). 3.2.4 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79 The affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform reflected cross-site scripting (XSS) attacks. CVE-2022-29876 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:R/S:C/C:L/ I:L/A:L ). 3.2.5 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 The affected devices allow unauthenticated access to the web interface configuration area. This could allow an attacker to extract internal configuration details or to reconfigure network settings. However, the reconfigured settings cannot be activated unless the attacker achieves the role of authenticated administrator. CVE-2022-29877 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:L/ I:L/A:N ). 3.2.6 AUTHENTICATION BYPASS BY CAPTURE-REPLAY CWE-294 The affected devices use a limited range for challenges sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user and request the webpage repeatedly to wait for the same challenge to reappear for the correct response to be revealed. This could allow the attacker to access the management interface of the device. CVE-2022-29878 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is ( AV:N/AC:H/PR:N/UI:R/S:U/C:H/ I:H/A:H ). 3.2.7 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 The web-based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow authenticated users to access critical device information. CVE-2022-29879 has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:L/UI:N/S:U/C:L/ I:N/A:N ). 3.2.8 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79 The affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged user who accesses the affected views. CVE-2022-29880 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:L/UI:R/S:C/C:L/ I:L/A:L ). 3.2.9 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 The web-based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal configuration details. CVE-2022-29881 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:L/ I:N/A:N ). 3.2.10 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79 The affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this to store an XSS attack, which could (when a legitimate user accesses the error logs) perform arbitrary actions in the name of the user. CVE-2022-29882 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:R/S:C/C:L/ I:L/A:L ). 3.2.11 IMPROPER AUTHENTICATION CWE-287 The affected devices do not restrict unauthenticated access to certain pages of the web interface. This could allow an attacker to delete log files without authentication. CVE-2022-29883 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:N/ I:L/A:N ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: Germany 3.4 RESEARCHER Michael Messner from Siemens Energy reported these vulnerabilities to Siemens. 4. MITIGATIONS Siemens has recommended the following: o Update SICAM P850 to Version 3.0 or later o Update SICAM P855 to Version 3.0 or later o Do not access links from untrusted sources while logged in to SICAM P850 or SICAM P855 devices As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals. For additional information, please refer to Siemens Security Advisory SSA-165073 CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies . Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies . Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. No known public exploits specifically target these vulnerabilities. For any questions related to this report, please contact the CISA at: Email: CISAservicedesk@cisa.dhs.gov Toll Free: 1-888-282-0870 CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2SkckNZI30y1K9AQiuxQ/+Mt8/VEX+IP1D51k9RE6thIqqWOx8GBls JxLEjsZPfiXhUnIpsctk4K7uSj/ZwA6/nvjaoOeLBhndKWyfzWkKOPrEbRhMTeeS gEdld/pjrXWtoxcDaN+i/AkM9yU0JSoKyUEJ8X41b+dx5vRaAfotK8LN9ZPDceZZ 4mMwqbQKbp/aGRGnmoHHzaV+9Z6qzp0i/WRmf6eGVzSc4OdGbVyMtHKlIQWyJ3/6 XSIiux5WnWQD+ojsyzeKJJvDoRITQII04hsKt3mvSelMfDmD3/+iwRydV+Q3+zHY q5FHb09aZFffiEkQzNV6Sxmyqh3mfpqiA72QiOJ8zexgGMr3JWhLI9VF5R4PAbCc D4QqzhK5s2qGBNEG0d7wouy7Cbc5ACL2HxPSuG3kV6rkrLFat+Ghb/TFFTd4I62x zY9Q1itGXIDuhgPh8yVsaEn12HGHpXGLtJJF3IrpsS0VAerPHaXGCH9FMnJQv392 lLvtpjVePOmYC3eIR//947V10kfc1rhM5mfiX5qfAoNvv15VtaWFCGzXPmXIE5Rf njt6u0Z9oz4Tf5S3vq2FWRNpswA3JN6KYHtuTaVdpKfpgFE4bSfQtIJWx7bryO5V h7YGOciDkIXsZMatPQWVEblZ9xLym39KSc9vgXJBX8FympztSTYmgkb2vV0aRxkI N9CMEia8EeY= =7PfK -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2356 Advisory (icsa-22-132-06) Siemens SIMATIC WinCC 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Siemens SIMATIC WinCC Publisher: ICS-CERT Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-24287 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-132-06 Comment: CVSS (Max): 7.8 CVE-2022-24287 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-132-06) Siemens SIMATIC WinCC Original release date: May 12, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 7.8 o ATTENTION: Low attack complexity o Vendor: Siemens o Equipment: SIMATIC PCS, WinCC o Vulnerability: Insecure Default Initialization of Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow authenticated attackers to escape the kiosk mode. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are affected: o SIMATIC PCS 7 v9.0: All versions o SIMATIC PCS 7 v9.1: All versions o SIMATIC WinCC Runtime Professional v16: All versions o SIMATIC WinCC Runtime Professional v17: All versions o SIMATIC WinCC v7.4: All versions o SIMATIC WinCC v7.5: All versions prior to 7.5 SP2 Update 8 3.2 VULNERABILITY OVERVIEW 3.2.1 INSECURE DEFAULT INITIALIZATION OF RESOURCE CWE-1188 An authenticated attacker could escape the WinCC kiosk mode by opening the printer dialog in the affected application if no printer is installed. CVE-2022-24287 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:L/UI:N/S:U/ C:H/I:H/A:H ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: Germany 3.4 RESEARCHER Siemens reported this vulnerability to CISA. 4. MITIGATIONS Siemens recommends updating their software to the latest version: o SIMATIC PCS 7 v9.0: No fix currently planned o SIMATIC PCS 7 v9.1: Update to v7.5 SP2 Update 8 or later (No fix currently available) o SIMATIC WinCC Runtime Professional v16: No fix currently planned o SIMATIC WinCC Runtime Professional v17: No fix currently planned o SIMATIC WinCC v7.4: No fix currently planned o SIMATIC WinCC v7.5: Update to v7.5 SP2 Update 8 or later Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk: o At least one default printer (but not a file-based printer, as e.g., PDF/ XPS printer) should be installed on the affected system o No file-based printer (e.g. PDF/XPS printers) should be installed on the affected system o Harden the application's host to prevent local access by untrusted personnel As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals. For additional information, please refer to Siemens Security Advisory SSA-363107 CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies . Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies . Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. CISA also recommends users take the following measures to protect themselves from social engineering attacks: o Do not click web links or open unsolicited attachments in email messages. o Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. o Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks. No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely. For any questions related to this report, please contact the CISA at: Email: CISAservicedesk@cisa.dhs.gov Toll Free: 1-888-282-0870 CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2R48kNZI30y1K9AQhulA//WjNI+DfEmMZubA45ar3AcHg/irgZFf/l hcembXN9cEDDtNRlq/4DTKlrjtPB5pl+dsB5t2dP2I/JRNqvSGWkCR4mCzr3sQoy DS7Xle0L0WlUzkXYNcgDAMO/CwNPOt1LD2iYfHAXEkZVmkP1gKM+x042Y75M8Omv aGSEVEplldwWAOlME/isUnstwro8aLRUbqEfMvC8pEjioWkp7C7yZNqbLweuxdmn qOaaV+C/18J6CYVY08Qual8lSUCX5s5CPEmUtoNvmgKj8VmOGoV6dUhXlCg90x4n +KgCsuraCAJAjJPGEIqwOK2YfRgy+eYa0b503dht6LibCjimcH4Mo4fIUvlpVC+q gF44wbtvG8NjhiPcrGVdG8rK+yNQwR9gp0JkrkESu367OmGF5IIfrl7XcwHsJTEM wBDRxHvES9kmV5EG42Dm1Ul4Psm1FA4TCNCTxNIUmnZdpB41UZUY6b8DN/OQzZ9J 9tYWWYgHTwMfVIKsqUsBi9GRyGZccPZh2xmRoucmyekpeWvrwLXkFkK7UMPr2+fA hTT9gA5bCsQlrVZtagSe1tbFIT1ozw94cjjCbFeTEDRS6m9SaiHmPBTVRYlT1wxs K1xs861bRd1/8Mhil08j47GvxvrtwQnpcP4vDfHN6PNyL9O6WH/akVjUVYPWviNJ Fu9nlcT/jZA= =8Z9/ -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2355 Advisory (icsa-22-132-05) Siemens Industrial PCs and CNC devices 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Siemens Industrial PCs and CNC devices Publisher: ICS-CERT Operating System: Network Appliance Resolution: Mitigation CVE Names: CVE-2020-8745 CVE-2020-8698 CVE-2020-8694 CVE-2020-0590 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-132-05 Comment: CVSS (Max): 7.8 CVE-2020-0590 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-132-05) Siemens Industrial PCs and CNC devices Original release date: May 12, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 7.8 o ATTENTION: Low attack complexity o Vendor: Siemens o Equipment: Industrial PCs and CNC devices o Vulnerabilities: Improper Input Validation, Improper Authentication, Improper Isolation of Shared Resources on System-on-a-Chip, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an authenticated user to enable escalation of privilege via local access. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports these vulnerabilities affect the following Industrial PCs and CNC devices: o SIMATIC Drive Controller family: All versions prior to v05.00.01.00 o SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants): All versions prior to v0209_0105 o SIMATIC Field PG M5: All BIOS versions prior to v22.01.08 o SIMATIC Field PG M6: All versions o SIMATIC IPC127E: All versions o SIMATIC IPC427E (incl. SIPLUS variants): All BIOS versions prior to v21.01.15 o SIMATIC IPC477E: All BIOS versions prior to v21.01.15 o SIMATIC IPC477E Pro: All BIOS versions prior to v21.01.15 o SIMATIC IPC527G: All BIOS versions prior to v1.4.0 o SIMATIC IPC527G: All BIOS versions prior to v1.4.0 o SIMATIC IPC547G: All versions prior to R1.30.0 o SIMATIC IPC627E: All BIOS versions prior to v25.02.08 o SIMATIC IPC647E: All BIOS versions prior to v25.02.08 o SIMATIC IPC677E: All BIOS versions prior to v25.02.08 o SIMATIC IPC847E: All BIOS versions prior to v25.02.08 o SIMATIC ITP1000: All BIOS versions prior to v23.01.08 o SINUMERIK 828D HW PU.4: All versions prior to v08.00.00.00 o SINUMERIK MC MCU 1720: All versions prior to v05.00.00.00 o SINUMERIK ONE / SINUMERIK 840D sl Handheld Terminal HT 10: All versions o SINUMERIK ONE NCU 1740: All versions prior to v04.00.00.00 o SINUMERIK ONE PPU 1740: All versions prior to v06.00.00.00 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER INPUT VALIDATION CWE-20 Improper input validation in BIOS firmware for some Intel processors may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-0590 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:L/UI:N/S:U/ C:H/I:H/A:H ). 3.2.2 IMPROPER AUTHENTICATION CWE-287 Insufficient access control in the Linux kernel driver for some Intel processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-8694 has been assigned to this vulnerability. A CVSS v3 base score of 5.6 has been calculated; the CVSS vector string is ( AV:L/AC:H/PR:L/UI:N/S:C/ C:H/I:N/A:N ). 3.2.3 IMPROPER ISOLATION OF SHARED RESOURCES ON SYSTEM-ON-A-CHIP CWE-1189 Improper isolation of shared resources in some Intel processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-8698 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:L/UI:N/S:U/ C:H/I:N/A:N ). 3.2.4 IMPROPER PRIVILEGE MANAGEMENT CWE-269 Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2020-8745 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is ( AV:P/AC:L/PR:N/UI:N/S:U/ C:H/I:H/A:H ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: Germany 3.4 RESEARCHER Siemen reported these vulnerabilities to CISA. 4. MITIGATIONS Siemens has released updates for several affected products and is currently working on BIOS updates that include chipset microcode updates for further products. o SIMATIC Drive Controller family: Update BIOS to v05.00.01.00. The update can be obtained from a Siemens account manager o SIMATIC ET 200SP Open Controller CPU 1515SP PC2: Update BIOS to v0209_0105 or later versions o SIMATIC Field PG M5: Update BIOS to v22.01.08 o SIMATIC IPC127E: Update BIOS to v27.01.05 o SIMATIC IPC427E (incl. SIPLUS variants): Update BIOS to v21.01.15 o SIMATIC IPC477E: Update BIOS to v21.01.15 o SIMATIC IPC477E Pro: Update BIOS to v21.01.15 o SIMATIC IPC527G: Update BIOS to v1.4.0 o SIMATIC IPC547G: Update BIOS to R1.30.0 o SIMATIC IPC627E: Update BIOS to v25.02.08 o SIMATIC IPC647E: Update BIOS to v25.02.08 o SIMATIC IPC677E: Update BIOS to v25.02.08 o SIMATIC IPC847E: Update BIOS to v25.02.08 o SIMATIC ITP1000: Update BIOS to v23.01.08 o SINUMERIK 828D HW PU.4: Update BIOS to v08.00.00.00. SINUMERIK software can be obtained from a Siemens account manager o SINUMERIK MC MCU 1720: Update BIOS to v05.00.00.00. SINUMERIK software can be obtained from a Siemens account manager o SINUMERIK ONE NCU 1740: Update BIOS to v04.00.00.00. SINUMERIK software can be obtained from a Siemens account manager o SINUMERIK ONE PPU 1740: Update BIOS to v06.00.00.00. SINUMERIK software can be obtained from a Siemens account manager Siemens has identified the following specific workarounds and mitigations users can apply to reduce risk: o Siemens recommends limiting the possibilities to run untrusted code. o Siemens recommends applying the defense-in-depth concept to reduce the probability for untrusted code to run on the system. As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals. Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage . For more information see Siemens Security Advisory SSA-678983 CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies . Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies . Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. For any questions related to this report, please contact the CISA at: Email: CISAservicedesk@cisa.dhs.gov Toll Free: 1-888-282-0870 CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2R28kNZI30y1K9AQjqCg//WekJACPZW/H6/Waswk58e9MleFHWGkzH t3/B2knXrwtbr4VckSsG0Y0u6aa17Hz32BXt/UnivbaAxvmD3J+vLP3+J+Xn3IZc z2yrRv6wD+1QK1iyzlVQh8teRDeWTisMKsK3/FLX3zf6KXgqmvsmc/b4lwdgk/DD xhg4xBTNQtH8YJKD1Hdzkpi/VfY1cxQ9yW/upOM6vQN7PFK8oNmoL4H4iZJL60Br jJtT9xEqkRRpLGzY0oMBq3wy+i+X5neEXUp70mG8eTYrZHIHyc0wcuavHqryfx8N a2juKoQ3McpZgRno9fyYJ6ZoOdXcxbNcjl2BlXhEhxjvdGv6ZCszj6S4BqyTHjCu LpPyZTY2lOQcoS3YE32lVAXzXTOKjwkaX8oMKRqT79WvQE+yp8KxIPOpf7UOQExK 5SWKXZa8OWsIxKyTp2nEk4iCHLQmkyLiNh+yJbNHpCisbh74vx6Y4mh01HpKwvRH qsL/22VFnII1X0mlvPRx7633t+ZkOlbcwweAVvQTmaj2Sv568PH0BOSOW8qF9HdW LmGUv3/LN+Ea/0/RmArFDO3v0RChQDfs1GqVWCleTt+y8BiwdD9MDVbkxuOntNkC uMKLTzfnNaXvxU+cLqR2CTDHET3j1C/rqJ4mtSzpDP9f+lR8JxoK6ShRRTva/jqm m1n0hJj+Aps= =lza8 -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2354 Advisory (icsa-22-132-04) Cambium Networks cnMaestro 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cambium Networks cnMaestro Publisher: ICS-CERT Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-1362 CVE-2022-1361 CVE-2022-1360 CVE-2022-1359 CVE-2022-1358 CVE-2022-1357 CVE-2022-1356 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-132-04 Comment: CVSS (Max): 9.8 CVE-2022-1357 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-132-04) Cambium Networks cnMaestro Original release date: May 12, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 9.8 o ATTENTION: Exploitable remotely/low attack complexity o Vendor: Cambium Networks o Equipment: cnMaestro o Vulnerabilities: OS Command Injection, SQL Injection, Path Traversal, Use of Potentially Dangerous Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain remote code execution, sensitive data exfiltration, and complete takeover of the main multi-tenant cloud infrastructure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of cnMaestro, a Network management system, are affected: o cnMaestro On-Premises: All versions prior to 3.0.3-r32 o cnMaestro On-Premises: All versions prior to 2.4.2-r29 o cnMaestro On-Premises: All versions prior to 3.0.0-r34 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78 The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow an attacker to append arbitrary data to the logger command. CVE-2022-1357 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:H/ I:H/A:H ). 3.2.2 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89 The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database. CVE-2022-1358 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been assigned; the CVSS vector string is ( AV:N/AC:H/PR:H/UI:N/S:U/C:H/ I:H/A:N ). 3.2.3 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89 The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user's accounts and devices. CVE-2022-1361 has been assigned to this vulnerability. A CVSS v3 base score of 7.4 has been assigned; the CVSS vector string is ( AV:N/AC:H/PR:N/UI:N/S:U/C:H/ I:H/A:N ). 3.2.4 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78 The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to change server configuration settings. CVE-2022-1360 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:H/UI:N/S:C/C:L/ I:H/A:L ). 3.2.5 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78 The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server. CVE-2022-1362 has been assigned to this vulnerability. A CVSS v3 base score of 5.0 has been assigned; the CVSS vector string is ( AV:L/AC:L/PR:L/UI:R/S:U/C:N/ I:H/A:N ). 3.2.6 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22 The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. If an attacker supplied path traversal charters (../) as part of a filename, the server will save the file where the attacker chooses. This could allow an attacker to write any data to any file in the server. CVE-2022-1359 has been assigned to this vulnerability. A CVSS v3 base score of 5.7 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:L/UI:R/S:U/C:N/ I:H/A:N ). 3.2.7 USE OF POTENTIALLY DANGEROUS FUNCTION CWE-676 The affected product is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts as sudo, which could allow an attacker to gain root privileges when running user scripts outside allowed commands. CVE-2022-1356 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been assigned; the CVSS vector string is ( AV:L/AC:L/PR:L/UI:N/S:U/C:N/ I:H/A:H ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Information Technology o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: United States 3.4 RESEARCHER Noam Moshe of Claroty reported these vulnerabilities to CISA. 4. MITIGATIONS Cambium Networks recommends affected users apply one of the following upgrade packages: o 3.0.3-r32 o 2.4.2-r29 o 3.0.0-r34 The security patches are available from Cambium Networks support (login required). For users of cnMaestro Cloud, these vulnerabilities have been patched by Cambium Networks and no further action is required. CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should: o Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet . o Locate control system networks and remote devices behind firewalls and isolate them from the business network. o When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies . Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies . Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. No known public exploits specifically target these vulnerabilities. For any questions related to this report, please contact the CISA at: Email: CISAservicedesk@cisa.dhs.gov Toll Free: 1-888-282-0870 CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2R0skNZI30y1K9AQi/eA/+Nu88GJfnIBMAQh9rJJ9uNLbpBNP4L3yp WvrLFc33q23fabVGjJKixRXNI9LZgSDgUl+886wdK559jVs/oFnPvYaF3SQQO7+w eOAjhSWN7TnTCgHY/GtpcYuGI9VYGkoGhyWmiURDdjWSeQze3r2Uh8H+vEF80Y7X yGEUUC/15DwCHNrrPntNd0znuNRqHNbY53//7hfaSTg179WqSIhDIHwQNzHxxSKB Bh46ivSQCqk/LR6JIH8o6Aiyj3FF1YN9AKcOHTY6W5sqvgeKK33KhzdL+7JcR93K UzaTnNp86rvpRDBJy0TnDEQBkqU7tIVMXy6zc8b9eEj53s4CoGIx6Se228hkJIwA lyBGS8iLWmtoQxslbdG1iiNCoL6OL61bcuANuMbPEaBhDji+mTVXEanG7DylbISR atZ+gPUfaq5T4dOxHAZkfFU1wWfP0mxPEWn7tNdnUqhK6O/ermCngXhQCLQfIM0q U6DXwKqTAnRJYyyLkgb4AD8vPafYwQahRT1373gDz3/e7lWaZ78bQ1+/oDcGdwpN RS3Q2MGY3tG8Sfl1LqIuQX723atQQh0CknvRnqcLMNkmJSlzLqWT/8yOnnn5wTKw 88BnssyELXsEKacRVdi+zri0HiOSF/F4ZiQyTmpxFMgUrnZ5PjKDbm+CFU/vHnhK oo0o9dxAySE= =gNCe -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2353 Advisory (icsa-22-132-03) Inkscape in Industrial Products 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Inkscape in Industrial Products Publisher: ICS-CERT Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2021-42704 CVE-2021-42702 CVE-2021-42700 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-132-03 Comment: CVSS (Max): 7.8 CVE-2021-42704 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-132-03) Inkscape in Industrial Products Original release date: May 12, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 7.8 o ATTENTION: Low attack complexity o Vendor: Inkscape o Equipment: Inkscape, an open-source graphics editor o Vulnerabilities: Out-of-bounds Read, Access of Uninitialized Pointer, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow unauthorized information disclosure and code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of the Inkscape open-source graphics editor are affected: o Inkscape Version 0.91 3.2 VULNERABILITY OVERVIEW 3.2.1 OUT-OF-BOUNDS READ CWE-125 The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. CVE-2021-42700 has been assigned to this vulnerability. A CVSS v3 base score of 3.3 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/ C:L/I:N/A:N ). 3.2.2 ACCESS OF UNINITIALIZED POINTER CWE-824 The affected product can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information. CVE-2021-42702 has been assigned to this vulnerability. A CVSS v3 base score of 3.3 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/ C:L/I:N/A:N ). 3.2.3 OUT-OF-BOUNDS WRITE CWE-787 The affected product is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code. CVE-2021-42704 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/ C:H/I:H/A:H ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: Open-source 3.4 RESEARCHER Tran Van Khang - khangkito (VinCSS), working with Trend Micro's Zero Day Initiative, reported these vulnerabilities to CISA. 4. MITIGATIONS Inkscape has fixed these vulnerabilities and recommends users update to Version Inkscape 1.0 or later . See the following links for more information and mitigations on products that use Inkscape: o Ecava IntegraXor CISA also recommends users take the following measures to protect themselves from social engineering attacks: o Do not click web links or open unsolicited attachments in email messages. o Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. o Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies . Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies . Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. For any questions related to this report, please contact the CISA at: Email: CISAservicedesk@cisa.dhs.gov Toll Free: 1-888-282-0870 CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2RzMkNZI30y1K9AQi0WBAAitrhuDM9wwefnGvLBQauh8YacQXXjH0g cAkVKMU2NffZFffOxm+GY3PF0DjHpKVU5Gti1rprh1X19rgdywSO/1IzAWBCZSbr Njzgtc0wojh8yW79NsXTPjEufIsq94+nBFFQBQLHyYhHSALsbksDPw3TsONRLssU cHc6jtscEhiCBOgzeayJG+tIeMHt1oMfJD3uIzNW84ubMG/Ukl7MBBGMW5TiN9AA 3bdlNFdQf8yfR6bfb76KHi8rGBn7dVllCexobr9Sv3ZZJGk83saFCoyCZ57DusiD 453d5fyLBPI07KAaIKRAlROwwDe27LO5GrZJ2TtLFulpw8KjCQgAxgityezylv2q SF5XOuo7cZ1heAOkIWiFH45vOmYqcBh+phgGtsS4r6dEJ37nhZ6N/+aOlxjeilb8 y15Wpis8Esgx76R5eahPIOXF8QHvrsoa84mXy5AwGjP2y/jdgZVjBCsvNX1HzvU8 zelq41WaM+juBfXwpKWxYtsxMmQ5ibmHuz/1ObHNFlxhPAKJbD23qaJHKEbvw4U3 DZoqgxmZ0ER5vD3iTPATLggzegjMFkIGfvPRU2tlBM0qLp0RdxKCROFdEDQ5sUyb YlAF0qsyJz5aQ5oT+mGBbjlQGmp1nzyXU03ZUfJV8QADNGUacOLV37d0nPODWSPG 6CnEYMF45O8= =jbz+ -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2352 Advisory (icsa-22-132-02) Mitsubishi Electric MELSOFT iQ AppPortal 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Mitsubishi Electric MELSOFT iQ AppPortal Publisher: ICS-CERT Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-23943 CVE-2022-22720 CVE-2022-0778 CVE-2021-44790 CVE-2021-34798 CVE-2021-26691 CVE-2021-3711 CVE-2020-13938 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-132-02 Comment: CVSS (Max): 9.8 CVE-2022-23943 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-132-02) Mitsubishi Electric MELSOFT iQ AppPortal Original release date: May 12, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 9.8 o ATTENTION: Exploitable remotely/low attack complexity o Vendor: Mitsubishi Electric o Equipment: MELSOFT iQ AppPortal o Vulnerabilities: Missing Authorization, Out-of-bounds Write, NULL Pointer Dereference, Classic Buffer Overflow, HTTP Request Smuggling, Infinite Loop 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in a denial-of-service condition, malicious program execution, information disclosure, information tampering, or authentication bypass. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following MELSOFT iQ AppPortal versions using the vulnerable open-source software used by VisualSVN Server, are affected: o MELSOFT iQ AppPortal (SW1DND-IQAPL-M): Versions 1.00A through 1.26C 3.2 VULNERABILITY OVERVIEW 3.2.1 MISSING AUTHORIZATION CWE-862 Apache HTTP Server Versions 2.4.0 to 2.4.46 allow unprivileged local users to stop httpd on Windows. CVE-2020-13938 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been assigned; the CVSS vector string is ( AV:L/AC:L/PR:L/UI:N/S:U/C:N/ I:N/A:H ). 3.2.2 OUT-OF-BOUNDS WRITE CWE-787 In Apache HTTP Server Versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow. CVE-2021-26691 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:H/ I:H/A:H ). 3.2.3 NULL POINTER DEREFERENCE CWE-476 Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server Versions 2.4.48 and earlier. CVE-2021-34798 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:N/ I:N/A:H ). 3.2.4 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT ('CLASSIC BUFFER OVERFLOW') CWE-120 An attacker who can present SM2 content for decryption to an application could cause data to overflow the buffer up to a maximum of 62 bytes, altering the contents of other data held after the buffer or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1 (Affected 1.1.1-1.1.1k). This issue is detailed further in CVE-2021-3711 . CVE-2021-3711 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:H/ I:H/A:H ). 3.2.5 OUT-OF-BOUNDS WRITE CWE-787 A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for this vulnerability, though it might be possible to craft one. This issue affects Apache HTTP Server Versions 2.4.51 and earlier. CVE-2021-44790 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:H/ I:H/A:H ). 3.2.6 INCONSISTENT INTERPRETATION OF HTTP REQUESTS ('HTTP REQUEST SMUGGLING') CWE-444 Apache HTTP Server Versions 2.4.52 and earlier fail to close inbound connections when errors are encountered discarding the request body, exposing the server to HTTP request smuggling. CVE-2022-22720 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:H/ I:H/A:H ). 3.2.7 OUT-OF-BOUNDS WRITE CWE-787 An out-of-bounds write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 Versions 2.4.52 and earlier. CVE-2022-23943 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:H/ I:H/A:H ). 3.2.8 LOOP WITH UNREACHABLE EXIT CONDITION ('INFINITE LOOP') CWE-835 The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop for non-prime moduli. An attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue, which is further detailed in CVE-2022-0778, affects OpenSSL Versions 1.0.2, 1.1.1, and 3.0.xxx CVE-2022-0778 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/C:N/ I:N/A:H ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: Japan 3.4 RESEARCHER Mitsubishi Electric notified CISA of these vulnerabilities. 4. MITIGATIONS Mitsubishi Electric recommends the following: o Update to 1.29F or later . Unzip the downloaded file (zip format) and execute the file "setup.exe." o Restrict network access to the computer running this product so it can be accessed only from trusted networks or hosts. o Minimize user privilege for product users. o Install an antivirus software in the personal computer that runs this product. o Please follow the safety precautions in the operating manual for the product. For more information see Mitsubishi Electric's advisory 2022-003 CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: o Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet . o Locate control system networks and remote devices behind firewalls and isolate them from the business network. o When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies . Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies . Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. No known public exploits specifically target these vulnerabilities. For any questions related to this report, please contact the CISA at: Email: CISAservicedesk@cisa.dhs.gov Toll Free: 1-888-282-0870 CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2RxckNZI30y1K9AQi8CBAAqUqs25nG50ePscL54RdGJ52VkGxCpn2Y v5+p4mbRSuL6sH6L2EaRfm33tco9gktzcRxtN1XGMODNLIuc2NWH6gqjbT4IY7vu gCkgQScKlJI0FpcAYVQnXwR06xixl9/PtETKno03atkDysb4w9g/2foQEhWH0LmY qudrCzqO7+ez6dfnb8WqaNIhlvRFoNtEvH2NlZMF35k4qprkittc8U8ZQn6kgyXI 0FkOGmAzX6OAkXSRM7OCx1cvNDotcnNpr7bRbix4sW69CI4GUkgW3OKm3CP+6PG1 HUtewOvJDGH/jBq+nxCw+ASkjy8CQItkpKtTla2rAEoy6U7MKoKMtB1V1C0BQuuM U9OaPxQCujfXyrsOl6AD3EeapZQLb0te82iZO6KXnyxHpWzRQB77/b8f/yT7Mxgq LeD1AoFcjV9AeABbqXdVYu/10teNMBTa3st3KucofKH9KGJecrk9OMhvnyHODoGL kaiWCYBla0AFVc1XpVEN8CQ0qmCZTmzAUN0Vnsc55OEMgjtsmaADwLhfkhUXV3TI lSWBUt0rjN5aGE0VTA9X2s7fSUpqRaiMguzajmenCk7dwUBCr1tPttECvRslSgH4 zbbKdOBKmZvvYIf+OHVT+oc1xp1kL5CH70iHLi3Vd20RKIz+YJg+Lc+CnXkB1xto v9IthHgJ8/k= =QUrM -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2351 waitress security update 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: waitress Publisher: Debian Operating System: Debian GNU/Linux Resolution: Patch/Upgrade CVE Names: CVE-2022-24761 CVE-2019-16792 CVE-2019-16789 CVE-2019-16786 CVE-2019-16785 Original Bulletin: https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html Comment: CVSS (Max): 8.2 CVE-2019-16789 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N) CVSS Source: NVD Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3000-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Stefano Rivera May 12, 2022 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : waitress Version : 1.0.1-1+deb9u1 CVE ID : CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2022-24761 Debian Bug : 1008013 Waitress is a Python WSGI server, an application server for Python web apps. Security updates to fix request smuggling bugs, when combined with another http proxy that interprets requests differently. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This can result in cache poisoning or unexpected information disclosure. CVE-2019-16785 Only recognise CRLF as a line-terminator, not a plain LF. Before this change waitress could see two requests where the front-end proxy only saw one. CVE-2019-16786 Waitress would parse the Transfer-Encoding header and only look for a single string value, if that value was not "chunked" it would fall through and use the Content-Length header instead. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. CVE-2019-16789 Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. CVE-2019-16792 If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. CVE-2022-24761 There are two classes of vulnerability that may lead to request smuggling that are addressed by this advisory: 1. The use of Python's int() to parse strings into integers, leading to +10 to be parsed as 10, or 0x01 to be parsed as 1, where as the standard specifies that the string should contain only digits or hex digits. 2. Waitress does not support chunk extensions, however it was discarding them without validating that they did not contain illegal characters. For Debian 9 stretch, these problems have been fixed in version 1.0.1-1+deb9u1. We recommend that you upgrade your waitress packages. For the detailed security status of waitress please refer to its security tracker page at: https://security-tracker.debian.org/tracker/waitress Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQTumtb5BSD6EfafSCRHew2wJjpU2AUCYn1/tgAKCRBHew2wJjpU 2IFwAQDVDLPcMmO8nVczyfRKS9vc6Y7LpwU6Nv8LDRlqt9R5OgD7BEBxhqKTjwe1 GTBoU3rtNF/LQ/FVp++PSk08twlx5gY= =07f2 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2L2skNZI30y1K9AQhHaxAAu0RiDwuvl7gYWNxqG5MBd5SmzEbl20en XwF7ibWainN0Gg0y6uooBNHJwwH03vaPFQu2y92ZWaXlNlGxb0YKFgFCoqxF7OPO IZiktp5FBxk1Kg+6nbQ7Vu1j8SWfMF5aM2grLf/JanIBetjN232WOytAXQKmhdFn Bvl/UdUWPoLPm+zZAWl/N6GLOOINBwGh4vxVFbeLQxKT92GBrP/gJSKHdwVRC+a6 xWDfZ7PsoU/Z2PaJzchlVO6RFdM3yKTJC63aUX+tUN0CFqWAtBRMTHYf+o98o6b5 IzwxbaYRTLatGq7nX0Y6TTV/7yCCELLAJwKTgZfZjwlzNrjVGc5/l6RJt1NqNvQ3 vObvdAnVpIddWZk+NewYVuRtGoQI1Z9nqvXLnjcpdtHdRnyERPXD7q9iD0G3sLfh ccPlVj99ykNBhIEowDC6IbnIZV/gWzgDmaeM74XhWepLahhePtxYPYM/1Flo5Fjb rwDCXG/fWw6WBOh/aC+W/C/XU1LigWHj58WvCssAd0WLIGjo4uGUgAJRKWkFlx97 BtVy8MKyjHXy0UyZzBv/YxQshuXn3vRfk71GRo+3++F/56mgGPwSaG9omKkkNEYd p0wBvnscbdKvy3v0pKxfWsKFyhye8UNq7/DSAPF8+92PK6r58Bi64tuBoqObMLEF wciKezx3wjo= =XFQo -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2350 Advisory (icsa-22-132-09) Siemens JT2GO and Teamcenter Visualization 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Siemens JT2GO and Teamcenter Visualization Publisher: ICS-CERT Operating System: Windows Resolution: Patch/Upgrade CVE Names: CVE-2022-29033 CVE-2022-29032 CVE-2022-29031 CVE-2022-29030 CVE-2022-29029 CVE-2022-29028 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-132-09 Comment: CVSS (Max): 7.8 CVE-2022-29033 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-132-09) Siemens JT2GO and Teamcenter Visualization Original release date: May 12, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 7.8 o ATTENTION: Low attack complexity o Vendor: Siemens o Equipment: JT2GO, Teamcenter Visualization o Vulnerabilities: Infinite Loop, Null Pointer Dereference, Integer Overflow to Buffer Overflow, Double Free, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to trick a user to open a malicious file (crafted as CGM, TIFF or TG4) with any of the affected products, which could lead the application to crash or to arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are affected: o JT2GO: All versions prior to v13.3.0.3 o Teamcenter Visualization v13.3: All versions prior to v13.3.0.3 o Teamcenter Visualization v14.0: All versions prior to v14.0.0.1 3.2 VULNERABILITY OVERVIEW 3.2.1 LOOP WITH UNREACHABLE EXIT CONDITION ('INFINITE LOOP') CWE-835 The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application and cause a denial-of-service condition. CVE-2022-29028 has been assigned to this vulnerability. A CVSS v3 base score of 3.3 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/ C:N/I:N/A:L ). 3.2.2 NULL POINTER DEREFERENCE CWE-476 The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application and cause a denial-of-service condition. CVE-2022-29029 has been assigned to this vulnerability. A CVSS v3 base score of 3.3 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/ C:N/I:N/A:L ). 3.2.3 INTEGER OVERFLOW TO BUFFER OVERFLOW CWE-680 The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application and cause a denial-of-service condition. CVE-2022-29030 has been assigned to this vulnerability. A CVSS v3 base score of 3.3 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/ C:N/I:N/A:L ). 3.2.4 NULL POINTER DEREFERENCE CWE-476 The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. CVE-2022-29031 has been assigned to this vulnerability. A CVSS v3 base score of 3.3 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/ C:N/I:N/A:L ). 3.2.5 DOUBLE FREE CWE-415 The CGM_NIST_Loader.dll library contains a double free vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2022-29032 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/ C:H/I:H/A:H ). 3.2.6 ACCESS OF UNINITIALIZED POINTER CWE-824 The CGM_NIST_Loader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2022-29033 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/ C:H/I:H/A:H ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: Germany 3.4 RESEARCHER Jin Huang, of ADLab of Venustech, reported these vulnerabilities to CISA. 4. MITIGATIONS Siemens recommends updating its software to the latest version: o JT2GO: Update to v13.3.0.3 o Teamcenter Visualization v13.3: Update to v13.3.0.3 o Teamcenter Visualization v14.0: Update to v14.0.0.1 Siemens has identified the following workarounds and mitigations users can apply to reduce the risk: o Avoid opening untrusted files from unknown sources in affected products. As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals. For additional information, please refer to Siemens Security Advisory SSA-553086 CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies . Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies . Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. CISA also recommends users take the following measures to protect themselves from social engineering attacks: o Do not click web links or open unsolicited attachments in email messages. o Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. o Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks. No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. For any questions related to this report, please contact the CISA at: Email: CISAservicedesk@cisa.dhs.gov Toll Free: 1-888-282-0870 CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2Lz8kNZI30y1K9AQgI5Q/+L1epPxVL+/TSce/nXtmH18YvxMKWJYEZ QHAWFOJa1TNiar7s3YOx1V2VAgU8KVPqF89YPZWib2m0GoYb75et7pVFpgu4smMM QGGtnjb4kbDzlHW+TJhrxmAfb2zarCeWohOGBFS+dFCWjQAghm4xFg4amVoo6Cpo pi30NOCLX4V/zvYSvQaVpuOt6Wl1QouWmzHHvUNvuEMNXZpGLD3t74raRFePUlXw L7uQ26itzAtJw7Mq2Nv/Fca3wjw5zn4XqDxz2jLi3kPCi+maZ4Fp5onzKX6JX5VS YcxVwxy8Cv+XCopnv/B1dVjJ82CPfG4z49R1RPkB1eoxhfoLNjmnePlL9yTRUCCc rpjRLReAFsKHlbDxRXHJ9BqAJqNG5mh8K6mITYqV4zlxOunJfXCiF2gilsfySQcO JFG9bIPl3n6BECQTqJzgfnRbEKu8O1c6K495V/VEG6D8l1UZKR9pXDU+V8+i7VdU /5xXRM6tGjHYxbg/ZWc+8Sd0qvnp8DGRQi6bRfsaJTmtZxnE9zMwHQ/HLD7NCYH8 FCo77eeCSqO6WyGoweVbUhA702umMgYqyTlgOPXw1BFmIYZuLEVOwYs78qHtWTtF HSKTi3avC1Y3nL4nCZWNgvhWKASKkadm5aOUsNQT6ziAAOyoJQhFmsTpCl9Y37Ea RU6VmBOWpm8= =41l5 -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2349 Advisory (icsa-22-132-10) Siemens Desigo PXC and DXR Devices 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Siemens Desigo PXC and DXR Devices Publisher: ICS-CERT Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-24045 CVE-2022-24044 CVE-2022-24043 CVE-2022-24042 CVE-2022-24041 CVE-2022-24040 CVE-2022-24039 CVE-2021-41545 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-132-10 Comment: CVSS (Max): 9.0 CVE-2022-24039 (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-132-10) Siemens Desigo PXC and DXR Devices Original release date: May 12, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 9.0 o ATTENTION: Exploitable remotely/low attack complexity o Vendor: Siemens o Equipment: PXC and DXR Devices o Vulnerabilities: Special Element Injection, Uncontrolled Resource Consumption, Use of Password Hash with Insufficient Computational Effort, Insufficient Session Expiration, Observable Discrepancy, Improper Restriction of Excessive Authentication Attempts, Sensitive Cookie in HTTPS Session Without 'Secure' Attribute, Uncaught Exception 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to potentially intercept unencrypted transmission of sensitive information, cause a denial-of-service condition, perform remote code execution, or disable and reset a device to factory state. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports this vulnerability affects the following Desigo DXR and PXC controllers: o Desigo DXR2: All versions prior to v01.21.142.5-22 o Desigo PXC3: All versions prior to v01.21.142.4-18 o Desigo PXC4: All versions prior to v02.20.142.10-10884 o Desigo PXC5: All versions prior to v02.20.142.10-10884 3.2 VULNERABILITY OVERVIEW 3.2.1 FAILURE TO SANITIZE SPECIAL ELEMENTS INTO A DIFFERENT PLANE (SPECIAL ELEMENT INJECTION) CWE-75 The "addCell" JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document as it is possible to inject arbitrary content (e.g., XML tags) into the generated file. An attacker with restricted privileges could corrupt the content used to generate XLS reports to leverage the application to deliver malicious files against higher-privileged users and obtain remote code execution (RCE) against the administrator's workstation. CVE-2022-24039 has been assigned to this vulnerability. A CVSS v3 base score of 9.0 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:L/UI:R/S:C/ C:H/I:H/A:H ). 3.2.2 UNCONTROLLED RESOURCE CONSUMPTION CWE-400 The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial-of-service condition through CPU consumption by setting a PBKDF2 derived key with a high-cost effort, followed by a login attempt to the modified account. CVE-2022-24040 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:L/UI:N/S:U/ C:N/I:N/A:H ). 3.2.3 USE OF PASSWORD HASH WITH INSUFFICIENT COMPUTATIONAL EFFORT CWE-916 The web application stores the PBKDF2 derived key of user's passwords with a low iteration count. An attacker with user profile access privilege can retrieve the stored password hashes of other accounts and then successfully perform an offline cracking attack and recover the plaintext passwords of other users. CVE-2022-24041 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:L/UI:N/S:U/ C:H/I:N/A:N ). 3.2.4 INSUFFICIENT SESSION EXPIRATION CWE-613 The web application returns an AuthToken that does not expire at the defined auto logoff delay timeout. An attacker could capture this token and re-use old session credentials or session IDs for authorization. CVE-2022-24042 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:L/UI:N/S:U/ C:H/I:N/A:N ). 3.2.5 OBSERVABLE DISCREPANCY CWE-203 The login functionality of the application fails to normalize the response times of login attempts performed with wrong usernames with the ones executed with correct usernames. A remote unauthenticated attacker could exploit this side-channel information to perform a username enumeration attack and identify valid usernames. CVE-2022-24043 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/ C:L/I:N/A:N ). 3.2.6 IMPROPER RESTRICTION OF EXCESSIVE AUTHENTICATION ATTEMPTS CWE-307 The login functionality of the application does not employ countermeasures against password spraying attacks or credential stuffing attacks. An attacker could obtain a list of valid usernames on the device and use that list to perform a precise password spraying or credential stuffing attack to obtain access to at least one account. CVE-2022-24044 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/ C:H/I:N/A:N ). 3.2.7 SENSITIVE COOKIE IN HTTPS SESSION WITHOUT 'SECURE' ATTRIBUTE CWE-614 Following a successful login, the application sets the session cookie on the browser via client-side JavaScript code without applying security attributes (such as "Secure" "HttpOnly" or "SameSite"). Any attempts to browse the application via unencrypted HTTP protocol would lead to the transmission of all session cookies in plaintext through the network. An attacker could then sniff the network and capture sensitive information. CVE-2022-24045 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:L/UI:N/S:U/ C:H/I:N/A:N ). 3.2.8 UNCAUGHT EXCEPTION CWE-248 When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into a "out of work" state and could result in the controller going into a "factory reset" state. CVE-2021-41545 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:U/ C:N/I:N/A:H ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: Germany 3.4 RESEARCHER Andrea Palanca, of Nozomi Networks, reported these vulnerabilities to CISA. 4. MITIGATIONS Siemens recommends updating to the latest software version: o Desigo DXR2: Update to v01.21.142.5-22 or later o Desigo PXC3: Update to v01.21.142.4-18 or later o Desigo PXC4: Update to v02.20.142.10-10884 or later o Desigo PXC5: Update to v02.20.142.10-10884 or later Contact Siemens for update information. As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following the recommendations in the product manuals. For additional information, please refer to Siemens Security Advisory SSA-626968 For additional information, please refer to Siemens Security Advisory SSA-662649 CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: o Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet . o Locate control system networks and remote devices behind firewalls and isolate them from the business network. o When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics . Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies . Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/ics in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies . Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. No known public exploits specifically target these vulnerabilities. For any questions related to this report, please contact the CISA at: Email: CISAservicedesk@cisa.dhs.gov Toll Free: 1-888-282-0870 CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2Lw8kNZI30y1K9AQjf2A//dTC5ZPCkNeiEJZ0xdeKGXFVaBeB7Be59 BwMfybv6R98BcAjfcyNGbayYPZL66b2cd5qbVtc9jiFXk+ILKn8V6G6xirohQcom 9FRSf4vshOFOP0Pd0wUpxSnRNTyZJHBUW2TBorVYYG4ChqoTOiqegYao4Z1UyJyo s/ZSiujIMGisTts2GZyBXxOrSjK9Uzz+vFDybnzNQsQ9MbAIiZ/VOve7jlRUZMqS DBe6R3qkaXa6tORWg+mpEVXiI2oj5Xc6GPOmAyqIEA+P/Pvt8vxtyid63Tiw5ApP dXkV+hjf69E1lk0SR1ZznR65nLSH08zgxahnjCklVEq9lQTP+D21x7A+v6ZgqpjM rTtwaTqdOnrZ9HYW9/IDccTQ7PKmIdJWzV3CIhJHGktPacAor371+MqnHzNESoPm a78zsAzhNHfxIpv8bfH22W4U18ANGUrXDt/uqN2d74bTy2MPdoSViwyA6MQ/VFfy 7G+1cfQJEaT7WC0ew/tlIm/4B3H0/btpGVF5b75BjE/AmDPeJzpGfSwyvtIS5G99 6JSQiTtbN8uhNt9WfNixR38meC4IOkenbMFgUkizrYpk68c4zT5rgKJdmlP9+S5E atwqqjeW38ow3Pck4/Z/RAT7CWZuWMry6Y5Io25UQokY57UJs/pltGbtBOmnlTJd vg6/0iuh0/s= =WTmk -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2348 postgresql-13 security update 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: postgresql-13 Publisher: Debian Operating System: Debian GNU/Linux Resolution: Patch/Upgrade CVE Names: CVE-2022-1552 Original Bulletin: http://www.debian.org/security/2022/dsa-5136 Comment: CVSS (Max): 5.4 CVE-2022-1552 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) CVSS Source: SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-5136-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 12, 2022 https://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : postgresql-13 CVE ID : CVE-2022-1552 Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the "security-restricted operation" sandbox. For additional information please refer to the upstream announcement at https://www.postgresql.org/support/security/CVE-2022-1552/ For the stable distribution (bullseye), this problem has been fixed in version 13.7-0+deb11u1. We recommend that you upgrade your postgresql-13 packages. For the detailed security status of postgresql-13 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/postgresql-13 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmJ9XzYACgkQEMKTtsN8 TjaXEg/6A20M1f3qUJjlvF179uLyZda0E64zTNWA85jUMS+8GHvztVr11hPbtanN 5W9TpO/gFZE9B9lYTmEXBUB7ttF2nf1+NIs5vpTrSOQZvZgFrWK7TT9BHk9p81fb vjsB8UqzpHQLbBlVJmaQ/uxyGb3Ds2DebwltuBC6X5+vqGshbYz6Ksg2Plvg3R2M eZzGqQpwY3wRquQ4zIETj2A/Xy9VF2DuJQLZlV3kknuJ5i71WfTEIRYF6URag2B4 MJU21uTKTZmit+uvBGgh4EwkcfQWLfyj4vaSyQt51qTl5nDr7TLP37hI3y5JEBH8 vJx06h7mdl2hS269N+7PIlbD3HEs/i38fKDnk4l2rqXi24ULoMoO1D2sbNpmVqxg PIb5OSfTQNDVqpLYcRfqs4kDp3rsR1iSr9lnRxAGCsQcNRFYzi8PNohbByUhtQLP mnUaaWBnvdPtse3pGwS0dtPL32EM8CyGaYwqiRUFsLmiqKV29YxAnZ14ka0JSAgs 4im6Wuk0bD3q5BN0XH9pCTOzjSPa8GkYD1fICmAz5ROMtt0CjQTvODfJN5IaFZd4 a6tZT236Pv0x4pIJChtK85J6PaIo/GudIF2xkg/BEigWqmsXqF1BFHEo+TPc5/n+ LYmnZug54ynqyo9ng4dy03kq1EA8dNLO1a0wbVod1wfdaRjOsY8= =HcUh - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LuMkNZI30y1K9AQhMXBAAuACWiIuC62nTTZU5Zp2/h+X50Cm5qHc+ DhFlYdZEelsmrc1i/Bkges16nBxInfvL3Cylzf+gHiJ2Uera7+t8I9JFKDrEs/TY noeLj1d0d6bJo02/DrdQUiz+u7eMCUzKYGKQFB0NgJURYNJrxL58dFJpmVXN4wOF c17sLDgBsEv+nmE9994NQTPmIqyYnenfvRzYj4b7APp7sFqM/VUiCgpdmdXdcytO 9IVy9bk6Jt4XpaYRPq7HSMi4aYLINTQrVwsP9iUss8vr6wBv3iZ88kQe40XMbgSW aOz83sPc+IFfO/dl+zOOidyhAGY1H0pBnEy3ApclNeDz/tMjbsSAE3TPVD2Sn5zD JEYyueyn08U/nZbB2JjydTRs8pj7QouapuClNjT9KZda4i9qJF4Lvl1y25Gw5/zk o1NsqAwTZS9pENHAyUuSyesSgmrnwbBgl1KMUW3jl3BlL2l5xbHgSkBSi9sCRhxn 9dlIPGex/M/xxXz4sLXDz4y2SAykVymF7sd7TNZIFV9Ybmu4Rn8cWi3C7LL7n7zs 9z9ULpuGJt3UyZyeNBkT8BPfw/QKsgx6JBLuw9gGYWQLfslpM4xvuTWSflt7Agtf /KH3W0pOLkorgh1dSJjkZxTVPlYT2kgNVNi597BbFFze0bMzsSKrA8uhXzAtJVwh S5gcDMRnOJ4= =uIMn -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2347 postgresql-11 security update 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: postgresql-11 Publisher: Debian Operating System: Debian GNU/Linux Resolution: Patch/Upgrade CVE Names: CVE-2022-1552 Original Bulletin: http://www.debian.org/security/2022/dsa-5135 Comment: CVSS (Max): 5.4 CVE-2022-1552 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) CVSS Source: SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-5135-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 12, 2022 https://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : postgresql-11 CVE ID : CVE-2022-1552 Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the "security-restricted operation" sandbox. For additional information please refer to the upstream announcement at https://www.postgresql.org/support/security/CVE-2022-1552/ For the oldstable distribution (buster), this problem has been fixed in version 11.16-0+deb10u1. We recommend that you upgrade your postgresql-11 packages. For the detailed security status of postgresql-11 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/postgresql-11 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmJ9XysACgkQEMKTtsN8 TjaHVBAAj18AwRwQOHa0Yym85RlQWTcQVWD7oZIUGP/SSSaBf4fpDJXAK8zQpf6s HjyEnYUJsuUPJo+QkltV0d43RN/KFWivFJOKpdr6RaVDL2n/B6wpKFo4BpBDby/6 4YBdYdOVTqfv9pNF6SbjTQWF2MVpsYX3PP0fJb3TGzHsdeNeE3+4Wk76gSBehVeR Peq9AnL9FpwuLra3Hu6Gy5iPmVbkFZUkkeVE1SqwmX97xPxinm+v0b/xLhClM3du 4pX/BDsKp8ze87cYyFLfryWg6IBjpj9Nu/hIadl4jNdq4iGbHwmZFZ62sHeln/qQ taLZzgmf8/Bni5I5+LpNMJdVWOTk0amWUXA/sgBnjwGuWynV5mKUAUDBDeJfIyaY fg4+9lGOG3etaaA+VDEBg7wW8TwdoGfuOaM6eLgWc7qLudJoZrVSDHGaEa42Xcsr F+/pI5cia7jieKQmZsk2tbBN4hjTmisgqX2wD+wsTzXeZBbmaDOPYVyRBKgUU6w8 SP5bY6Mct7qu3ICafPv//clftsVhqWCHaZScl64wC8zujpT+HHHWPLntlttnB++s wvLpV1EPrVaBgHABKN/84Xchy4L1XFoUgVdPJCSKy6TDwnmneeiFRnphT/l0Ab1E JOp78KkMq3Qmk0KhpHSi+tbt3PqAOBjidAYztnhku7dgqE/v6q0= =WmUR - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LrckNZI30y1K9AQhTAhAAqDQupA7zfnPa6tgZ77ua98T+E6hyct8b fX4932XpZwW8P7oDVbwMUglezEx4medBLEYi9FdwUJOOiTzlwwz3P97IPLYFYy83 V4Va7BtrTFwsWk+q1qKSA3Qiv9EzGXXNDTRNBKwud6KtPCj17RJRx06qaTLbMwij kWhcP+2UECh4OlUOofqkwPwaKuHlVBmTSJTqbEpmEqG8kUCphkuJqw2bc2Zx0kqw xaBoxwJjwHerR6ALkXpMtqrvpwSNa9jAXjI/3LDgWy24DRgc7Lyan5EBGjNMqmFG zxTejs+WsSgRn/Lufyh/3+JyZsojXH+weFJlVKawQPsDyBh9t9D0qTpgGJoUhcbl KYBoS98hXSsJzKrqF0KQzOr61iqX4+mrppzNauVSDILEo5MsgBMtqVzwXc266M1n /3BpWeYBMZCM4fGbnyh+l/EkbI1QuZ7tAQpCepNA37HKdFVl00gMyp42xCzDgIOL SXc0NFlMudXjYeID8tEEycCwJynU1v/BeRKv8rqFfHLhwFieSd9eYq5BCLg5bHTl lDGGfBjnPdjdv7OhgDBtNcqCbFzgbCDuLxSxMD+0vLdEVA927Uzkr4I+Dno0alq2 1nDqtFWYChjM9C3FtIBejdINzI4oc02bJlGcZ4qC8OhzB807XybzkWnYTChD9y+j aLeNqUKnaYQ= =trJX -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2346 chromium security update 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: chromium Publisher: Debian Operating System: Debian GNU/Linux Resolution: Patch/Upgrade CVE Names: CVE-2022-1641 CVE-2022-1640 CVE-2022-1639 CVE-2022-1638 CVE-2022-1637 CVE-2022-1636 CVE-2022-1635 CVE-2022-1634 CVE-2022-1633 Original Bulletin: http://www.debian.org/security/2022/dsa-5134 Comment: CVSS (Max): None available when published - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-5134-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 12, 2022 https://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : chromium CVE ID : CVE-2022-1633 CVE-2022-1634 CVE-2022-1635 CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640 CVE-2022-1641 Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For the stable distribution (bullseye), these problems have been fixed in version 101.0.4951.64-1~deb11u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmJ9VO8ACgkQEMKTtsN8 TjaGVRAAu2DMDg8jS4CFnJIkJfI8zcMQq2nZEJ+/b1lz1m+rXt2wKplcEikt4U56 e89OFi3WcbQ8kn1+hTHJMphsoxtDpH+IlntfbtZ0sWmjR5hI6vFuH2jYY9iT1iE5 3vL7TYIysb0wSZpi+uwYgLbqakP+pKfEaF2kAs9BQM4mhap4cJI+xbtlOJb1e7zc OyxgSo9LjOvze30ujVyQQkciyVS/PxJSqbHEwV1ohlAcIrXr0NoVPwELmq5Z7mU/ 3pdCvj6jfNTRoqRE2HRnm20wvsejlW1RK+1pCzVqxKvrt5H/ODokvmza4hUtDXvi JWDl2Pl4JxxMq+ZWoAx5jZhE1nyEF966yFz2wq15T2qQiXb6z+Yj1hQRvVC1L0yw Ra+UiJq92ZTnzlpHw1GpNVRmrXbixTdJwBzmMwIWtotO5n1fWfqVIU14VCDzroY8 +EB2TO6+jWlJdzAqBmzJDtd8qr9axE7dhRyQvT9rcpkDJyycwksBwX30DUZ5Tx/C 5s8bsa9F/9lxXFYwVgsQmKRPi6svSvVYboIlh9X7YQDwC9kdNYsCJMjsgFL+p0FG 3JodDnrhwZeYwZvagW2VMbWqkqb4eKqucD6gudcFKj24NwcdMU9Cgc/MQ/8PS1ls lodlQdnR6JacnhwtQIEVE+uoh9iazyp1qzkZTs52y+uojPVXBhA= =xsBe - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LoskNZI30y1K9AQifXA/+M1KVf6KgLaOSdTNkadYpsCE7r8kCTsKs 9t3KoM/TaWexAE0WqCACq4DpOTMt7OHmlcOCzfHG1PR+2y2fapmvKaEWquIIpElc OYYoLdFcDkrxuFpLQcbSfqkRgx9Z7E70hYEpsON0xjk74s2ZYwR1ne+a+1psj37l 9JHRjKZXKT1eWVruoUndqAdcZoQlxruUb4B81HrAYNylQat530pbHSyjhY4IkOek qLnIEuk76foI/3GcfXj+0c3VkWoX04kYPCy6dLLm9jM6Qda+0Ey500xzr9ulLx9B wMX99U+SbX7G6/8x4AK3jykos0cKeGgRCp38sPUPnkpYP3hdCVsYUBz7g6OlDRx9 RFhe5XYyrQ5vIL7ItMlewQnekpLcexNmYmA+mKm9Epjto5MY6xA+nbIUU5mFwA83 pAhjAQKCpVIVsoZ6aHC/JjF1GceIHKtIJ/3xCdw59cdHmcaqjyWEqmPPVnoOFoBT +7peeXCTjBTpVtI+jF3dKRSeDVNLEXsQiXvmamAMwzGlaFAgjFPrg5fxAB5OHlOp 1ObELsUjLFvvvqn5BF3gnlWOcsZFXkVMpzluEicU5zi7Q68yMA8Kh2hKWR+AugCC yvMzSPQTgNDewD0UUERx0k/TOu7u8EefV/aCKxSSS+stFn6sFESkTLIt5K/b8pxq bQ4Ozc40/TY= =gIC9 -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2345 subversion:1.10 security update 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: subversion:1.10 Publisher: Red Hat Operating System: Red Hat Resolution: Patch/Upgrade CVE Names: CVE-2022-24070 Original Bulletin: https://access.redhat.com/errata/RHSA-2022:2237 Comment: CVSS (Max): 7.5 CVE-2022-24070 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: subversion:1.10 security update Advisory ID: RHSA-2022:2237-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:2237 Issue date: 2022-05-12 CVE Names: CVE-2022-24070 ===================================================================== 1. Summary: An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream E4S (v. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix(es): * subversion: Subversion's mod_dav_svn is vulnerable to memory corruption (CVE-2022-24070) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol. 5. Bugs fixed (https://bugzilla.redhat.com/): 2074772 - CVE-2022-24070 subversion: Subversion's mod_dav_svn is vulnerable to memory corruption 6. Package List: Red Hat Enterprise Linux AppStream E4S (v. 8.1): Source: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.src.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.src.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.src.rpm aarch64: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.aarch64.rpm libserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.aarch64.rpm libserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.aarch64.rpm mod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm mod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.aarch64.rpm utf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.aarch64.rpm utf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.aarch64.rpm noarch: subversion-javahl-1.10.2-3.module+el8.1.0+15169+c14f14c4.noarch.rpm ppc64le: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm libserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm libserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm mod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm mod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm utf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm utf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm s390x: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.s390x.rpm libserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.s390x.rpm libserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.s390x.rpm mod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm mod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.s390x.rpm utf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.s390x.rpm utf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.s390x.rpm x86_64: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.x86_64.rpm libserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.x86_64.rpm libserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.x86_64.rpm mod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm mod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.x86_64.rpm utf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.x86_64.rpm utf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-24070 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYn0zB9zjgjWX9erEAQhxeBAApdAY7v0pWKOaHrwL/jyDtl4vOUJIkNqJ eGGAh0Hkqx0C7EyRdcK/Be4sA4hf/p3nCoNM3j4t5x4tp68Em+Pca3xvI8JB1ZaP Xth05R+H4JtF/P0dZAqFFE6bz1NXtSZFDi9dYdDO61+Rvwzh3rjkk7Y6s0wLqv8U rbHmdeMTSv29Xts3p+jaERyOArehFGbu/O5baTpzxPgFB+4PT8kn/cD388kFT4yq /vVYQd1P1F7YIUvpDUJZ3hd0xD+eSdIspj2E993A8ZYmcs+/Vlls9ZqRrh1PECsH ob43yPoQZviiR/Cf8rVOn0z1B8wMHBerIFSirnop3TI3bh13HXC1m1u4p8PuJo3r g15PAwMObhFY2Lng8/rYHIFSVtG3Kq2BpvxE1YlhiKaXN05uuXm6LJwdp1/d/Zyn WZ9e3Qz6P+9FQipa1VJOXywuQd+7z6LGlauVOFSE1ygZD5sz4emChrazDzsulSVa AjqqspxG/vsP2M2Uv24oH1U7X+znKjsgVHipG1vOFx36forA15C4w1zVFDUOyBA3 i9/epfF0UZBf1mXvFivko8VlXHlOMSdb7hvKGxzCh5sMmf0DwPcBCNhoduPV+hTJ YNb659CEKyanABykQVoeSGMyNRkiIN0cY0zqNvuJ+BqcWJlXXChfbqquDtrcEfp9 4b1VTFMy6Kk= =8/Kr - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LlskNZI30y1K9AQh7Og//WgYTeWvjZ+x8YKof0tNrVAEDCzMMVXlQ oOT9zXrzHeIYCmkMcRFbCD3vEAYK9bG2KSC+jiVIvrCa5U7nYreFLKY2n90nKjmw R+wDXPszWxfMxM6btuKzyk76Xt4p3QTjfyD6XGnfA9Y1eIUFYPNdw2UG/XcMF+V8 acUlfbZ5UooXEg7VqVb6BKkBiqPQQ5jgqQ2Cr6xMn9433Wa/YrZ3wTkQLowoJN9Y xUUTW63thYfJZ4KRy6+lYN2mwxjvAkBCb8xXTD9oIFqsdobwr+q03bvp5sE2mkJG EPJebkJj/IU5T8uU2zuDgaEY6wPkFEQtAZeNbFYKHaVG+S6nMDGvitow0pGzOJUg slMh/JnpP2mznYRaiUME0ivhj7bSeEkOwC8POsyvZpYvD8XQqQRAOhlYyeKATpF8 hmyDn9pEIT1m/qhNXjUS0vsGkvL/LlkYw1vUmvC94K5YJSrRh3CLg7WRo2Q0HW44 TgAlVjjKG5ty4DIsOtPXCZgwGVNvIbFw8eu/fKn9K+q6tPjcaRQ9RfP5zRaL4TnK lRipvRY1Fai55/DQIVgRB9vTING7uoRbF9YyODGNfX5BgylmWcHJCeRLv8dkVlE/ WkjqAsXTVr796G0Aj7N+MMYyfTNrvxOwlOl0Wxj0RSAnK+s0rf1gLzhNea3qtYon mE/aFQaA8uc= =026h -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2344 subversion:1.10 security update 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: subversion:1.10 Publisher: Red Hat Operating System: Red Hat Resolution: Patch/Upgrade CVE Names: CVE-2022-24070 Original Bulletin: https://access.redhat.com/errata/RHSA-2022:2234 Comment: CVSS (Max): 7.5 CVE-2022-24070 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: subversion:1.10 security update Advisory ID: RHSA-2022:2234-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:2234 Issue date: 2022-05-12 CVE Names: CVE-2022-24070 ===================================================================== 1. Summary: An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix(es): * subversion: Subversion's mod_dav_svn is vulnerable to memory corruption (CVE-2022-24070) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol. 5. Bugs fixed (https://bugzilla.redhat.com/): 2074772 - CVE-2022-24070 subversion: Subversion's mod_dav_svn is vulnerable to memory corruption 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.src.rpm subversion-1.10.2-5.module+el8.6.0+15157+188c9801.src.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.src.rpm aarch64: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.aarch64.rpm libserf-debuginfo-1.3.9-9.module+el8.3.0+6671+2675c974.aarch64.rpm libserf-debugsource-1.3.9-9.module+el8.3.0+6671+2675c974.aarch64.rpm mod_dav_svn-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm mod_dav_svn-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-debugsource-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-devel-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-devel-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-gnome-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-gnome-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-libs-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-libs-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-perl-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-perl-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-tools-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm subversion-tools-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.aarch64.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.aarch64.rpm utf8proc-debuginfo-2.1.1-5.module+el8.3.0+6671+2675c974.aarch64.rpm utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.aarch64.rpm noarch: subversion-javahl-1.10.2-5.module+el8.6.0+15157+188c9801.noarch.rpm ppc64le: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.ppc64le.rpm libserf-debuginfo-1.3.9-9.module+el8.3.0+6671+2675c974.ppc64le.rpm libserf-debugsource-1.3.9-9.module+el8.3.0+6671+2675c974.ppc64le.rpm mod_dav_svn-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm mod_dav_svn-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-debugsource-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-devel-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-devel-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-gnome-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-gnome-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-libs-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-libs-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-perl-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-perl-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-tools-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm subversion-tools-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.ppc64le.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.ppc64le.rpm utf8proc-debuginfo-2.1.1-5.module+el8.3.0+6671+2675c974.ppc64le.rpm utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.ppc64le.rpm s390x: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.s390x.rpm libserf-debuginfo-1.3.9-9.module+el8.3.0+6671+2675c974.s390x.rpm libserf-debugsource-1.3.9-9.module+el8.3.0+6671+2675c974.s390x.rpm mod_dav_svn-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm mod_dav_svn-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-debugsource-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-devel-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-devel-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-gnome-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-gnome-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-libs-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-libs-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-perl-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-perl-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-tools-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm subversion-tools-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.s390x.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.s390x.rpm utf8proc-debuginfo-2.1.1-5.module+el8.3.0+6671+2675c974.s390x.rpm utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.s390x.rpm x86_64: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.x86_64.rpm libserf-debuginfo-1.3.9-9.module+el8.3.0+6671+2675c974.x86_64.rpm libserf-debugsource-1.3.9-9.module+el8.3.0+6671+2675c974.x86_64.rpm mod_dav_svn-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm mod_dav_svn-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-debugsource-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-devel-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-devel-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-gnome-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-gnome-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-libs-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-libs-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-perl-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-perl-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-tools-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm subversion-tools-debuginfo-1.10.2-5.module+el8.6.0+15157+188c9801.x86_64.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.x86_64.rpm utf8proc-debuginfo-2.1.1-5.module+el8.3.0+6671+2675c974.x86_64.rpm utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-24070 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYn0zDNzjgjWX9erEAQjEhQ//Se1koT2yA4x7TqBXaWnDQevJICFcuSKl 9iUjP2OmYTUGoHq8LgdYs2iwCRLy2g0WZr1HiAhmoBJqDFugPov5HaMjNWJYwlA3 jNVLEmEJCRusb8XzJXH5Qv8+WnRJKUZBoUsf/AywsY3cyIlVhJFfHzf2y3nvQCgj hCvawhB8qR7Ov6U6u/Xp2SuI6G/kSL5f+PRiYFNaF1VYsZq3bEzIFDiLBeApPZpE yfALiV4joB0nLYb7CjaTje4VGSxfcVuIUUuVegsfVUhegTc/HtgOkUNGGo3eMYn1 h6GCp102MdXJs9CM1yzh7AWaNzrIzpOof0v9YKH3nlxNIdSMduVg8Xy48unlt+Qi cwLGn4XQLxdof7CZEbIA/HhRGXgAZNWLhQTtl9N4P+sQKDonXo4BLoSt3cOwAOYi eNx+Gog0BqqY0Mkn9i6E6E+0dhHb8gdgCNSWsrC4KuE4oioB+efFRY+T4ePlM5bU L8oM88E/hJOwRvkrQlRAr1RDZH97Nuf5TddAX+pZQ3mG5viiG+TdzKiiFKaOtwYV qQCb0aTkg/oADmRrBZFhRevuCW/q2ePsESa+j0eQRJCzaF5/ZbNBE/uYNl03wo1v l8Kjaxy/oc6JRO/0Vkb4sHUXs/2yq7aX5s4pKn8E2PXEAIuuv702zzOulxpnWfLH NxV0dytX9yU= =K42+ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2Li8kNZI30y1K9AQh+XA/+NkXHVEIZP6YXyG4RPzcxqm57zAlf6RmB EXNLFBAd0mGiIhC0HXXh2t7JlZmk9QJjgD+eXKRTk1vDkNJjj4U2Y08jf4m5bnNr 2yMBh8camW261tz6qTCobEW1QAtxK4kkQ3234dMR2RTV77o683vuH/pakCx2Mv4b dgeAr8f4K7pLNf4KaJ9eLiKxINdmQedYxJzf01FEpvwpL42clGH9iEtu6d773JFL 9rtjgAjNsAEPli3avRH5a+DA6+HJ9Sg8JVbrHmdgbQ2IDxkloKDPikkq6hCoLSMY TvGqpQKZs6o8J1gxan9GQDXzC7IpLE3/gsFfa9A5GWbdq2zO+Hz+/Eg9qvdA/kon ER0sEzc7YmJHeIuGlXDkT/L7p/e1lwd+iZo+lxafqftruPfvfumt9T5YB5FZfoRr 03Hg/Jb4dvMfBJlK/L9FW4DcbHO4cUXiV7OXJTlvfDSy4dd9W1rwrK6pAqnpGHRx eCL7nyr/11oxoAS4+rHBqA3ZJ4tyhD+TaSx3JOAK8QWX/DlPLwhPS7MJll/fx8rI BOlSFibtG0BR+pvknHes4L6dEXv5MNe4s0uPVC9+Jhw61JorviUmCMpSV9AS9CBn Ey40MDQhloaIbzMY7owTiGBQA4sbGDnAkcP3GtFq82HibWbEyj0QKX54eIiW0ItJ rk6NrxNkXHM= =Udy3 -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2343 Red Hat Data Grid 8.3.1 security update 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Red Hat Data Grid 8.3.1 Publisher: Red Hat Operating System: Red Hat Resolution: Patch/Upgrade CVE Names: CVE-2022-0084 CVE-2021-38153 CVE-2020-36518 Original Bulletin: https://access.redhat.com/errata/RHSA-2022:2232 Comment: CVSS (Max): 7.5 CVE-2020-36518 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat Data Grid 8.3.1 security update Advisory ID: RHSA-2022:2232-01 Product: Red Hat JBoss Data Grid Advisory URL: https://access.redhat.com/errata/RHSA-2022:2232 Issue date: 2022-05-12 CVE Names: CVE-2020-36518 CVE-2021-38153 CVE-2022-0084 ===================================================================== 1. Summary: An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.3.1 replaces Data Grid 8.3.0 and includes bug fixes and enhancements. Find out more about Data Grid 8.3.1 in the Release Notes[3]. Security Fix(es): * jackson-databind: denial of service via a large depth of nested objects [jdg-8] (CVE-2020-36518) * kafka-clients: Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients [jdg-8] (CVE-2021-38153) * xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr [jdg-8] (CVE-2022-0084) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: To install this update, do the following: 1. Download the Data Grid 8.3.1 Server patch from the customer portal[²]. 2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on. 3. Install the Data Grid 8.3.1 Server patch. 4. Restart Data Grid to ensure the changes take effect. For more information about Data Grid 8.3.1, refer to the 8.3.1 Release Notes[³] 4. Bugs fixed (https://bugzilla.redhat.com/): 2009041 - CVE-2021-38153 Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients 2064226 - CVE-2022-0084 xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr 2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects 5. References: https://access.redhat.com/security/cve/CVE-2020-36518 https://access.redhat.com/security/cve/CVE-2021-38153 https://access.redhat.com/security/cve/CVE-2022-0084 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid&downloadType=securityPatches&version=8.3 https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.3/html-single/red_hat_data_grid_8.3_release_notes/index 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYn0zH9zjgjWX9erEAQhZLw/+JPEE+waFwwS+b4v4/LLIwTjtFhXPqZYP WArn7i/vjG6ktOsZU397wdlik4Sv+tmPVX+aElmXLnTALJiOsm7iWjEjuT8qPhqt c2V9xN6vEQC7V1IXdwbUQwlkt3r40XbfhsGc4KKHjA8J5fWECwkByM5ofQ4j59jO lxpIPa5yRjCV8/4p7lKAXFYMeBInZtb8i4c7pYVnA9Eq+o2bRpV9P3/ES9q8xGF8 yVBC1Gt/fDZlmDznxlzUEih4HMxmW1uwQhZFHbw6jp6D0bYCn1wWrC6y7FYUmRJ6 /13BnHV27naz+xBGuSA6EB+AKmzlA85NyIimN2h63AT8VJb2IYv0vM2JMb0JRdK0 8SAE6hYmjodKxVcqANsBRiiea3vR9GTLN71zCXP8Pmk0dsI1GK29s574QuxUpKSQ YY8vXaL0K3j35IsGzmr7AvlYCQr1d3GPFaTnnj3XK+asRDMDrFvw8sCsNjLGRgHI dzZdcjpnIi3DXsp3ic1qRbZHpd9C/3o1r7hU++/nkkNNKXjGmzU+EAutaVHXxgLO XyuIIScDVb5kNrBpH5krzqU2TA31TFz0RGN5Am6vm8zc5rGyW7iMijAAreU8icgn Vt6KDpeDYuTffOBgo9WLR7kmo4xq7w94e1rDFxmGhL2OlsJI7S9gTxMhn/lONxTy IZnZKy4mPpA= =6Kqs - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LfskNZI30y1K9AQg1cw//W+kwedfoM8gLtMJwNu5OFHvRhO+ANooY MePCioI/qjIh5PfmsCCZ9v+E/60UsQF9hJBIoua7TiqLS4+zEuVRJxbV77xAwdR3 bhxGtWo7MGiB84u9Aubq/SU3BJzEAOG9KD/NUTcRxJFACPv+45B+CiDJxzMEz/FR XdMHMQ02Zl6pTh4NiI9SDxBFpzQ6IfOOsUsVDI/Qqw8x+wXaOCUSzGsxcR5i+g0G 1+cPFW89AtM+FZASxAnZ1vltWaFNrx2Tkuo0TJsp+NMzje4UhlHCDNPwWgtjSpx7 Hs2t/z0fFF2zglvbLEzCtsYvCY/SilkPZfzMRwkUcn0b83ms2p3xiG5OZgmHK/qq ykyH8GPwJZITc2Cks9RKYm+N8Ajy3BMqueI+SXXpPgXgDrzsTU++PLX65jV97NRC 0r7t2+rJZXIjQ91cY1n4exrRiHsp8Lb0npeacksiFehLd0JcfDK7BXoXD3+c3VMu t1H+WK3tYr9uwK39rqiIs3HtnzZk2NtWQtuXCtCt7Gx/WAiVYdKSrbjVbJ9TYAAy x7y0J9iTLDIEhM/33fq6ZJ9CiHxQfiRI8KIUgai1JWxvEviNgD3c34iPWgOz2o40 nzD2HMUUA9+x2YkM1kM6zg62WbR0EMn+2ZmBAxpjoAj2QHjqQF87rpN40n01GzgA D+5BSS9c3JI= =p4/F -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2342 USN-5420-1: Vorbis vulnerabilities 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Vorbis Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2018-10393 CVE-2018-10392 CVE-2017-14160 Original Bulletin: https://ubuntu.com/security/notices/USN-5420-1 Comment: CVSS (Max): 8.8 CVE-2018-10392 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) CVSS Source: NVD Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5420-1: Vorbis vulnerabilities 12 May 2022 Several security issues were fixed in Vorbis. Releases o Ubuntu 16.04 ESM Packages o libvorbis - The Vorbis General Audio Compression Codec Details It was discovered that Vorbis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. ( CVE-2017-14160 , CVE-2018-10392 , CVE-2018-10393 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 o libvorbis0a - 1.3.5-3ubuntu0.2+esm1 Available with UA Infra or UA Desktop o libvorbisfile3 - 1.3.5-3ubuntu0.2+esm1 Available with UA Infra or UA Desktop o libvorbisenc2 - 1.3.5-3ubuntu0.2+esm1 Available with UA Infra or UA Desktop In general, a standard system update will make all the necessary changes. References o CVE-2018-10392 o CVE-2017-14160 o CVE-2018-10393 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LbckNZI30y1K9AQhL9xAAkeQ11gmO8MiD8nrtSGdHgD5OLWdDqSTZ SZGQIZvVZv2Dvi/8AlhStfpRTQ+6MsupFwl9QT4zjtiIJNvUVXreR8vS3lF5fFr7 Cjop9UGfVKlIgL68kX1JRb3qQVSAwuILswb246aKh+eHGOabDKjmeXYkMO/n1eCg UwgUuIEezvh8DG7MTirMJzxRjTYoNEDpT44kGvVJg48Ggmfr0qAD1uNiKO5IvxLv gSWKItzRalX1g4PPaYBfV6U8rqcS80ta+R16jf1PfbTmJKW1oe5cM+eIVFyRnfwS U7jlIa4bWGrKXgK172gZtpSIUS/FJJbPVgDhLtcSFCNTGw15WSowASjyzCTyT0kT exbC4/aJdlA6pddSNOru2wufrH4uwJHQKe3BiebpWTbbgYqfp5woyEhuogY92dz5 noG/gFgDLzpBV4b25m9DahaOt0egFhUKUnpU24Tb/aLGDI0TPa7ntA1lF1QCvfhQ EEOQHaHO9AEjgOT5gIPCWtYwTXOYvff+Zn9rGKqDDwZUzGwSrkzLWx2OXF/nSQLP VuzFVYv9BwfrXDJvEqluPbNMmr1yPgzegpLnRiH1jkULfkfT00wI7VXgRtMMAtav djozcUmexceuM6iLcykHBMtO+VHqtr7+3k2ODvAuuotnd847bIOg2elMvt6wWqKe PL7a22mh+1I= =J6nj -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2341 USN-5419-1: Rsyslog vulnerabilities 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Rsyslog Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2019-17042 CVE-2019-17041 CVE-2018-16881 Original Bulletin: https://ubuntu.com/security/notices/USN-5419-1 Comment: CVSS (Max): 9.8 CVE-2019-17042 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS Source: NVD Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5419-1: Rsyslog vulnerabilities 12 May 2022 Rsyslog could be made to crash if it received specially crafted input. Releases o Ubuntu 16.04 ESM Packages o rsyslog - Enhanced syslogd Details It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 o rsyslog - 8.16.0-1ubuntu3.1+esm1 Available with UA Infra or UA Desktop In general, a standard system update will make all the necessary changes. References o CVE-2018-16881 o CVE-2019-17042 o CVE-2019-17041 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LYskNZI30y1K9AQhxZQ//ZGS+sOlJy6LABxPUHwj4DDTYcg72X36h WVKuCh3j19KGNwVoHTycXTNK08ySVBNOMfWLnrNGL8chhuukOQWbUdNeYq5k6hms w1wWHrLbEPtRb7MmUwHPdmCG390Z4Qx1FF4J7QVUi+2pkXQKJH5Uu4jPvfTifQfQ DgaPheyHSOLIXpl5qrm8K/B5wMQguIeEd7PDa9hmS1ToSaNUL+jf65wKiygGQMxX cb0eKPTRNgeBX4mE/kj/sloSIfaJaO/V5Z0yK+aww1PNunXD/agPFLL8+FDdQLWR eZyDjI4b1Flmb0r2l8Ftd3S31egMRJ1vhbX1U/KVP5CiCjRrr1VMRaSlXehVi2E/ gak7r0zWvd9DCSmqfhuTkkvqv0/Qu0wsFGikNPIVXFivF+XL06B/9gXgLasfACwr 4aeLObe8Eh4t/mQ1L6TJ0wwjDIztSfTgZVykTkQ5jwuVj6fpvwWyoXvrKOXkvAFv YAzqmmLPhPDatMe6fTWPzrIm6ZkbrY22C27U7MNYbTjopUXp7ggq7LPrEseLuRFP nDgiK8hFReJTb0991Tlgt27DwcjBII1gSs8UB+Ysdlrql/ks0LLQN/fiX1SpMEzZ aALszPjLA/PYxJRP2iZ+lPaZW1kfbiFGicNCehg8FJHBUsa9XBjflCQZvNYQH7LR +zBVmFygVCU= =Mipp -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2340 USN-5418-1: Linux kernel vulnerabilities 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Linux kernel Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-27223 CVE-2022-26966 CVE-2022-26490 CVE-2022-25375 CVE-2022-25258 CVE-2022-24958 CVE-2022-23042 CVE-2022-23041 CVE-2022-23040 CVE-2022-23039 CVE-2022-23038 CVE-2022-23037 CVE-2022-23036 CVE-2021-26401 CVE-2017-5715 Original Bulletin: https://ubuntu.com/security/notices/USN-5418-1 Comment: CVSS (Max): 8.8 CVE-2022-27223 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: NVD Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5418-1: Linux kernel vulnerabilities 12 May 2022 Several security issues were fixed in the Linux kernel. Releases o Ubuntu 18.04 LTS o Ubuntu 16.04 ESM o Ubuntu 14.04 ESM Packages o linux - Linux kernel o linux-aws - Linux kernel for Amazon Web Services (AWS) systems o linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems o linux-azure - Linux kernel for Microsoft Azure Cloud systems o linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems o linux-dell300x - Linux kernel for Dell 300x platforms o linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems o linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems o linux-hwe - Linux hardware enablement (HWE) kernel o linux-kvm - Linux kernel for cloud environments o linux-oracle - Linux kernel for Oracle Cloud systems o linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors Details Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. ( CVE-2021-26401 ) Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in the guest. ( CVE-2022-23036 , CVE-2022-23037 , CVE-2022-23038 , CVE-2022-23039 , CVE-2022-23040 , CVE-2022-23042 ) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2022-24958 ) It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-25258 ) It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in the Linux kernel did not properly validate the size of the RNDIS_MSG_SET command. An attacker could possibly use this to expose sensitive information (kernel memory). ( CVE-2022-25375 ) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2022-26490 ) It was discovered that the USB SR9700 ethernet device driver for the Linux kernel did not properly validate the length of requests from the device. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). ( CVE-2022-26966 ) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-27223 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 o linux-image-4.15.0-1127-snapdragon - 4.15.0-1127.136 o linux-image-virtual - 4.15.0.177.166 o linux-image-aws-lts-18.04 - 4.15.0.1128.131 o linux-image-generic - 4.15.0.177.166 o linux-image-4.15.0-1138-azure - 4.15.0-1138.151 o linux-image-oracle-lts-18.04 - 4.15.0.1093.103 o linux-image-4.15.0-1114-kvm - 4.15.0-1114.117 o linux-image-4.15.0-1128-aws - 4.15.0-1128.137 o linux-image-snapdragon - 4.15.0.1127.130 o linux-image-azure-lts-18.04 - 4.15.0.1138.111 o linux-image-4.15.0-177-generic-lpae - 4.15.0-177.186 o linux-image-4.15.0-1042-dell300x - 4.15.0-1042.47 o linux-image-dell300x - 4.15.0.1042.44 o linux-image-gcp-lts-18.04 - 4.15.0.1122.141 o linux-image-4.15.0-1122-gcp - 4.15.0-1122.136 o linux-image-4.15.0-1093-oracle - 4.15.0-1093.102 o linux-image-kvm - 4.15.0.1114.110 o linux-image-4.15.0-177-generic - 4.15.0-177.186 o linux-image-generic-lpae - 4.15.0.177.166 o linux-image-4.15.0-177-lowlatency - 4.15.0-177.186 o linux-image-lowlatency - 4.15.0.177.166 Ubuntu 16.04 o linux-image-4.15.0-1138-azure - 4.15.0-1138.151~16.04.1 Available with UA Infra or UA Desktop o linux-image-lowlatency-hwe-16.04 - 4.15.0.177.169 Available with UA Infra or UA Desktop o linux-image-oem - 4.15.0.177.169 Available with UA Infra or UA Desktop o linux-image-azure - 4.15.0.1138.128 Available with UA Infra or UA Desktop o linux-image-gke - 4.15.0.1122.123 Available with UA Infra or UA Desktop o linux-image-gcp - 4.15.0.1122.123 Available with UA Infra or UA Desktop o linux-image-aws-hwe - 4.15.0.1128.118 Available with UA Infra or UA Desktop o linux-image-generic-hwe-16.04 - 4.15.0.177.169 Available with UA Infra or UA Desktop o linux-image-oracle - 4.15.0.1093.81 Available with UA Infra or UA Desktop o linux-image-4.15.0-1122-gcp - 4.15.0-1122.136~16.04.1 Available with UA Infra or UA Desktop o linux-image-virtual-hwe-16.04 - 4.15.0.177.169 Available with UA Infra or UA Desktop o linux-image-4.15.0-1093-oracle - 4.15.0-1093.102~16.04.1 Available with UA Infra or UA Desktop o linux-image-4.15.0-177-generic - 4.15.0-177.186~16.04.1 Available with UA Infra or UA Desktop o linux-image-4.15.0-1128-aws-hwe - 4.15.0-1128.137~16.04.1 Available with UA Infra or UA Desktop o linux-image-4.15.0-177-lowlatency - 4.15.0-177.186~16.04.1 Available with UA Infra or UA Desktop Ubuntu 14.04 o linux-image-4.15.0-1138-azure - 4.15.0-1138.151~14.04.1 Available with UA Infra or UA Desktop o linux-image-azure - 4.15.0.1138.110 Available with UA Infra or UA Desktop After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References o CVE-2022-27223 o CVE-2022-23038 o CVE-2022-24958 o CVE-2021-26401 o CVE-2022-23042 o CVE-2022-25258 o CVE-2022-26490 o CVE-2022-26966 o CVE-2022-23039 o CVE-2022-23040 o CVE-2022-25375 o CVE-2022-23037 o CVE-2022-23036 Related notices o USN-5381-1 : linux-buildinfo-5.14.0-1033-oem, linux-oem-5.14-tools-5.14.0-1033, linux-headers-oem-20.04d, linux-tools-oem-20.04, linux-modules-5.14.0-1033-oem, linux-oem-20.04d, linux-tools-5.14.0-1033-oem, linux-oem-5.14-tools-host, linux-image-oem-20.04b, linux-image-oem-20.04c, linux-oem-20.04c, linux-tools-oem-20.04d, linux-oem-20.04, linux-image-oem-20.04d, linux-oem-20.04b, linux-tools-oem-20.04b, linux-image-5.14.0-1033-oem, linux-headers-oem-20.04b, linux-oem-5.14, linux-image-oem-20.04, linux-oem-5.14-headers-5.14.0-1033, linux-headers-oem-20.04, linux-tools-oem-20.04c, linux-headers-oem-20.04c, linux-headers-5.14.0-1033-oem, linux-image-unsigned-5.14.0-1033-oem o USN-5413-1 : linux-signed-generic, linux-tools-virtual-lts-wily, linux-cloud-tools-4.4.0-224-lowlatency, linux-headers-lowlatency-lts-vivid, linux-signed-generic-lts-utopic, linux-headers-virtual-lts-vivid, linux-signed-generic-lts-wily, linux-signed-image-generic, linux-lts-xenial-cloud-tools-4.4.0-224, linux-cloud-tools-lowlatency-lts-vivid, linux-buildinfo-4.4.0-224-generic, linux-cloud-tools-common, linux-image-virtual-lts-wily, linux-lowlatency, linux-aws-cloud-tools-4.4.0-1140, linux-tools-virtual-lts-utopic, linux-crashdump, linux-tools-common, linux-aws-tools-4.4.0-1140, linux-headers-generic-lts-vivid, linux-modules-4.4.0-1140-aws, linux-buildinfo-4.4.0-1140-aws, linux-signed-image-lowlatency, linux-tools-virtual, linux-modules-extra-aws, linux-virtual-lts-vivid, linux-cloud-tools-lowlatency-lts-wily, linux-cloud-tools-generic-lts-vivid, linux-image-lowlatency-lts-wily, linux-signed-image-lowlatency-lts-xenial, linux-cloud-tools-lowlatency, linux-hwe-generic-trusty, linux-lowlatency-lts-xenial, linux-kvm, linux-image-generic-lts-xenial, linux-image-4.4.0-224-lowlatency, linux-headers-virtual-lts-xenial, linux-virtual, linux-generic-lts-xenial, linux-tools-generic-lts-vivid, linux-tools-lowlatency, linux-headers-kvm, linux-signed-image-generic-lts-vivid, linux-tools-virtual-lts-vivid, linux-headers-virtual, linux-modules-4.4.0-1105-kvm, linux-image-kvm, linux-virtual-lts-wily, linux-cloud-tools-virtual-lts-utopic, linux-cloud-tools-virtual, linux-image-extra-virtual-lts-wily, linux-headers-generic-lts-wily, linux-source, linux-modules-4.4.0-224-generic, linux-image-lowlatency-lts-vivid, linux-image-aws, linux-tools-4.4.0-224, linux-cloud-tools-generic-lts-wily, linux-generic, linux-kvm-cloud-tools-4.4.0-1105, linux-modules-4.4.0-224-lowlatency, linux-headers-4.4.0-224-lowlatency, linux-image-generic-lts-utopic, linux-headers-4.4.0-1140-aws, linux-source-4.4.0, linux-generic-lts-vivid, linux-image-virtual-lts-xenial, linux-cloud-tools-virtual-lts-wily, linux-doc, linux-headers-generic-lts-xenial, linux-kvm-tools-4.4.0-1105, linux-tools-generic-lts-xenial, linux-cloud-tools-lowlatency-lts-xenial, linux-image-extra-virtual-lts-xenial, linux-headers-virtual-lts-utopic, linux-tools-kvm, linux-headers-generic-lts-utopic, linux-tools-lts-utopic, linux-image-hwe-generic-trusty, linux-cloud-tools-4.4.0-1140-aws, linux-image-lowlatency-lts-xenial, linux-image-virtual-lts-utopic, linux-image-hwe-virtual-trusty, linux-cloud-tools-generic-lts-xenial, linux-signed-generic-lts-vivid, linux-image-4.4.0-1105-kvm, linux-tools-virtual-lts-xenial, linux-image-extra-virtual, linux-lowlatency-lts-vivid, linux-signed-image-generic-lts-xenial, linux-tools-4.4.0-224-generic, linux-cloud-tools-4.4.0-1105-kvm, linux-image-extra-virtual-lts-utopic, linux-lowlatency-lts-utopic, linux-tools-host, linux-image-4.4.0-224-generic, linux-headers-lowlatency-lts-wily, linux-image-generic-lts-vivid, linux-tools-lowlatency-lts-vivid, linux-cloud-tools-lowlatency-lts-utopic, linux-headers-generic, linux-image-4.4.0-1140-aws, linux-tools-4.4.0-1140-aws, linux-signed-image-generic-lts-utopic, linux-modules-extra-4.4.0-224-generic, linux-tools-generic, linux-modules-extra-4.4.0-1140-aws, linux-headers-4.4.0-224, linux-buildinfo-4.4.0-224-lowlatency, linux-image-unsigned-4.4.0-224-generic, linux-cloud-tools-4.4.0-224-generic, linux-signed-image-generic-lts-wily, linux-image-generic, linux-signed-lowlatency-lts-wily, linux-image-extra-virtual-lts-vivid, linux-tools-4.4.0-224-lowlatency, linux-tools-generic-lts-utopic, linux-virtual-lts-utopic, linux-image-lowlatency, linux-tools-lowlatency-lts-utopic, linux-image-generic-lts-wily, linux-buildinfo-4.4.0-1105-kvm, linux-tools-4.4.0-1105-kvm, linux-headers-lowlatency-lts-utopic, linux-tools-lowlatency-lts-xenial, linux-headers-4.4.0-1105-kvm, linux, linux-image-lowlatency-lts-utopic, linux-headers-lowlatency-lts-xenial, linux-cloud-tools-virtual-lts-vivid, linux-aws-headers-4.4.0-1140, linux-generic-lts-wily, linux-headers-lowlatency, linux-signed-generic-lts-xenial, linux-signed-lowlatency-lts-xenial, linux-cloud-tools-generic-lts-utopic, linux-cloud-tools-generic, linux-tools-generic-lts-wily, linux-signed-lowlatency, linux-cloud-tools-4.4.0-224, linux-hwe-virtual-trusty, linux-libc-dev, linux-lts-xenial, linux-tools-aws, linux-tools-lowlatency-lts-wily, linux-headers-aws, linux-aws, linux-image-virtual-lts-vivid, linux-virtual-lts-xenial, linux-signed-image-lowlatency-lts-wily, linux-headers-4.4.0-224-generic, linux-headers-virtual-lts-wily, linux-image-virtual, linux-image-unsigned-4.4.0-224-lowlatency, linux-lowlatency-lts-wily, linux-cloud-tools-virtual-lts-xenial, linux-generic-lts-utopic, linux-kvm-headers-4.4.0-1105, linux-lts-xenial-tools-4.4.0-224 o USN-5415-1 : linux-modules-extra-azure-lts-20.04, linux-image-unsigned-5.4.0-1073-gcp, linux-tools-generic-hwe-18.04, linux-image-unsigned-5.4.0-110-lowlatency, linux-image-snapdragon-hwe-18.04, linux-tools-generic-lpae-hwe-18.04-edge, linux-modules-extra-oracle, linux-headers-gke, linux-oracle-headers-5.4.0-1071, linux-image-aws-lts-20.04, linux-cloud-tools-common, linux-lowlatency, linux-image-oracle-edge, linux-ibm-tools-5.4.0-1021, linux-tools-common, linux-image-gkeop-5.4, linux-buildinfo-5.4.0-1060-raspi, linux-image-azure-fde, linux-generic-hwe-18.04-edge, linux-headers-azure-edge, linux-cloud-tools-lowlatency, linux-modules-extra-5.4.0-1021-ibm, linux-headers-raspi-hwe-18.04-edge, linux-oem, linux-tools-5.4.0-1021-ibm, linux-tools-oracle-lts-20.04, linux-headers-5.4.0-110-generic, linux-headers-virtual, linux-hwe-5.4-cloud-tools-common, linux-oracle-lts-20.04, linux-ibm-cloud-tools-common, linux-gcp-headers-5.4.0-1073, linux-headers-generic-lpae-hwe-18.04, linux-image-5.4.0-1063-kvm, linux-modules-extra-5.4.0-1073-gcp, linux-snapdragon-hwe-18.04, linux-image-5.4.0-1060-raspi, linux-tools-gcp, linux-generic, linux-raspi-5.4-tools-5.4.0-1060, linux-tools-5.4.0-110, linux-doc, linux-image-azure, linux-azure-5.4-cloud-tools-5.4.0-1078, linux-image-oracle-lts-20.04, linux-cloud-tools-5.4.0-1040-gkeop, linux-tools-ibm-lts-20.04, linux-azure-fde, linux-image-extra-virtual, linux-modules-5.4.0-110-lowlatency, linux-signed-image-oracle-edge, linux-azure-cloud-tools-5.4.0-1078, linux-headers-azure-lts-20.04, linux-gkeop-5.4-tools-5.4.0-1040, linux-image-5.4.0-1071-gke, linux-hwe-5.4-tools-5.4.0-110, linux-headers-5.4.0-110, linux-cloud-tools-azure, linux-headers-oracle-lts-20.04, linux-modules-extra-5.4.0-1071-gke, linux-modules-extra-aws-lts-20.04, linux-headers-snapdragon-hwe-18.04, linux-ibm, linux-generic-lpae-hwe-18.04-edge, linux-raspi-5.4, linux-image-gkeop, linux-hwe-5.4-source-5.4.0, linux-ibm-lts-20.04, linux-modules-5.4.0-1073-aws, linux-generic-lpae, linux-cloud-tools-lowlatency-hwe-18.04-edge, linux-headers-generic-hwe-18.04-edge, linux-headers-gcp, linux-aws-lts-20.04, linux-gke-tools-5.4.0-1071, linux-buildinfo-5.4.0-110-lowlatency, linux-raspi2, linux-headers-raspi2-hwe-18.04-edge, linux-modules-extra-oracle-edge, linux-oracle-5.4-headers-5.4.0-1071, linux-tools-5.4.0-1060-raspi, linux-gcp-5.4, linux-azure-5.4-headers-5.4.0-1078, linux-headers-generic-lpae, linux-cloud-tools-5.4.0-1078-azure, linux-image-oem-osp1, linux-gkeop-tools-5.4.0-1040, linux-lowlatency-hwe-18.04, linux-tools-azure-edge, linux-oem-osp1, linux-libc-dev, linux-image-virtual-hwe-18.04-edge, linux-tools-5.4.0-1040-gkeop, linux-ibm-5.4-cloud-tools-common, linux-gkeop-5.4-source-5.4.0, linux-ibm-tools-common, linux-aws-headers-5.4.0-1073, linux-hwe-5.4-cloud-tools-5.4.0-110, linux-headers-5.4.0-1071-oracle, linux-oracle-edge, linux-cloud-tools-gkeop, linux-raspi-tools-5.4.0-1060, linux-kvm-tools-5.4.0-1063, linux-modules-extra-5.4.0-1071-oracle, linux-tools-lowlatency-hwe-18.04-edge, linux-image-raspi2-hwe-18.04-edge, linux-buildinfo-5.4.0-1078-azure, linux-tools-lowlatency-hwe-18.04, linux-tools-azure-lts-20.04, linux-image-azure-lts-20.04, linux-image-unsigned-5.4.0-1078-azure, linux-ibm-source-5.4.0, linux-tools-virtual, linux-signed-azure-edge, linux-tools-gcp-lts-20.04, linux-modules-5.4.0-1040-gkeop, linux-headers-ibm, linux-headers-5.4.0-1078-azure, linux-image-5.4.0-1071-oracle, linux-azure-tools-5.4.0-1078, linux-image-5.4.0-1078-azure, linux-tools-5.4.0-110-generic-lpae, linux-headers-virtual-hwe-18.04, linux-image-5.4.0-110-generic-lpae, linux-gke, linux-cloud-tools-5.4.0-110-generic, linux-tools-lowlatency, linux-modules-extra-5.4.0-1078-azure, linux-raspi2-hwe-18.04, linux-tools-ibm-edge, linux-image-unsigned-5.4.0-1063-kvm, linux-modules-extra-5.4.0-1073-aws, linux-image-gcp, linux-image-ibm-lts-20.04, linux-headers-oem, linux-modules-extra-gkeop-5.4, linux-tools-generic-hwe-18.04-edge, linux-headers-ibm-edge, linux-source-5.4.0, linux-tools-oracle, linux-image-raspi2-hwe-18.04, linux-image-oracle, linux-tools-azure, linux-headers-5.4.0-1073-gcp, linux-image-raspi-hwe-18.04-edge, linux-ibm-5.4-tools-5.4.0-1021, linux-signed-image-azure, linux-ibm-5.4-tools-common, linux-raspi, linux-headers-raspi2, linux-image-oem, linux-headers-lowlatency-hwe-18.04, linux-gcp-tools-5.4.0-1073, linux-gkeop-headers-5.4.0-1040, linux-modules-5.4.0-1073-gcp, linux-headers-5.4.0-1060-raspi, linux-image-generic-lpae-hwe-18.04, linux-tools-raspi, linux-tools-generic, linux-image-gke-5.4, linux-oem-tools-host, linux-headers-5.4.0-110-generic-lpae, linux-buildinfo-5.4.0-110-generic, linux-cloud-tools-azure-edge, linux-buildinfo-5.4.0-1073-gcp, linux-buildinfo-5.4.0-1021-ibm, linux-modules-5.4.0-1060-raspi, linux-ibm-edge, linux-headers-oracle, linux-image-extra-virtual-hwe-18.04-edge, linux-modules-extra-gke-5.4, linux-tools-gcp-edge, linux-image-5.4.0-1073-gcp, linux-modules-extra-gcp, linux-image-lowlatency-hwe-18.04, linux-modules-extra-ibm, linux-tools-gkeop, linux-modules-extra-ibm-lts-20.04, linux-cloud-tools-5.4.0-110, linux-modules-extra-gke, linux-buildinfo-5.4.0-1063-kvm, linux-image-unsigned-5.4.0-1078-azure-fde, linux-headers-azure-fde, linux-image-5.4.0-1073-aws, linux-tools-snapdragon-hwe-18.04, linux-buildinfo-5.4.0-1073-aws, linux-headers-5.4.0-1063-kvm, linux-buildinfo-5.4.0-110-generic-lpae, linux-gkeop-cloud-tools-5.4.0-1040, linux-gcp-edge, linux-hwe-5.4-headers-5.4.0-110, linux-modules-5.4.0-1078-azure, linux-gcp-5.4-tools-5.4.0-1073, linux-image-5.4.0-1021-ibm, linux-tools-oracle-edge, linux-headers-5.4.0-1021-ibm, linux-cloud-tools-gkeop-5.4, linux-tools-azure-fde, linux-oracle-tools-5.4.0-1071, linux-image-unsigned-5.4.0-1021-ibm, linux-image-lowlatency-hwe-18.04-edge, linux-hwe-5.4, linux-headers-raspi, linux-image-virtual-hwe-18.04, linux-kvm, linux-gkeop-source-5.4.0, linux-modules-extra-virtual-hwe-18.04, linux-headers-5.4.0-1073-aws, linux-headers-5.4.0-110-lowlatency, linux-headers-gcp-lts-20.04, linux-headers-kvm, linux-image-kvm, linux-image-generic-lpae, linux-tools-5.4.0-1063-kvm, linux-tools-5.4.0-110-lowlatency, linux-aws-cloud-tools-5.4.0-1073, linux-image-5.4.0-1040-gkeop, linux-tools-gke, linux-source, linux-modules-5.4.0-110-generic-lpae, linux-tools-virtual-hwe-18.04-edge, linux-tools-ibm, linux-tools-raspi2-hwe-18.04, linux-signed-oracle, linux-headers-oracle-edge, linux-headers-aws-lts-20.04, linux-tools-5.4.0-1073-gcp, linux-tools-raspi-hwe-18.04, linux-azure, linux-tools-kvm, linux-buildinfo-5.4.0-1040-gkeop, linux-image-raspi-hwe-18.04, linux-tools-gkeop-5.4, linux-raspi-hwe-18.04, linux-image-unsigned-5.4.0-1040-gkeop, linux-tools-host, linux-image-extra-virtual-hwe-18.04, linux-headers-generic, linux-tools-5.4.0-1071-oracle, linux-cloud-tools-5.4.0-110-lowlatency, linux-headers-raspi2-hwe-18.04, linux-oracle-5.4-tools-5.4.0-1071, linux-gcp, linux-headers-gkeop, linux-ibm-headers-5.4.0-1021, linux-oracle-5.4, linux-cloud-tools-generic-hwe-18.04, linux-image-generic, linux-headers-snapdragon-hwe-18.04-edge, linux-gcp-5.4-headers-5.4.0-1073, linux-signed-image-azure-edge, linux-cloud-tools-virtual-hwe-18.04-edge, linux-image-snapdragon-hwe-18.04-edge, linux-ibm-5.4-headers-5.4.0-1021, linux-kvm-headers-5.4.0-1063, linux-image-unsigned-5.4.0-1071-gke, linux-headers-lowlatency-hwe-18.04-edge, linux-signed-image-oracle, linux-raspi-headers-5.4.0-1060, linux-cloud-tools-generic-hwe-18.04-edge, linux-gke-5.4, linux-headers-generic-hwe-18.04, linux-gkeop-5.4-cloud-tools-5.4.0-1040, linux-modules-5.4.0-1063-kvm, linux-image-gcp-lts-20.04, linux-cloud-tools-azure-lts-20.04, linux-aws, linux-cloud-tools-azure-fde, linux-modules-extra-gcp-lts-20.04, linux-image-virtual, linux-modules-extra-azure, linux-image-gcp-edge, linux-modules-extra-5.4.0-1040-gkeop, linux-tools-5.4.0-1078-azure, linux-tools-5.4.0-110-generic, linux-tools-generic-lpae-hwe-18.04, linux-headers-virtual-hwe-18.04-edge, linux-image-gke, linux-azure-edge, linux-modules-extra-virtual-hwe-18.04-edge, linux-crashdump, linux-virtual-hwe-18.04, linux-image-generic-hwe-18.04, linux-tools-5.4.0-1073-aws, linux-modules-extra-azure-fde, linux-image-raspi, linux-image-ibm-edge, linux-image-5.4.0-110-lowlatency, linux-tools-oem-osp1, linux-cloud-tools-5.4.0-1073-aws, linux-gkeop-5.4, linux-image-raspi2, linux-headers-oem-osp1, linux-generic-lpae-hwe-18.04, linux-gcp-lts-20.04, linux-modules-5.4.0-1071-oracle, linux-snapdragon-hwe-18.04-edge, linux-headers-gkeop-5.4, linux-virtual, linux-headers-5.4.0-1071-gke, linux-modules-5.4.0-1071-gke, linux-image-generic-lpae-hwe-18.04-edge, linux-azure-lts-20.04, linux-ibm-5.4, linux-cloud-tools-virtual, linux-modules-extra-azure-edge, linux-modules-5.4.0-110-generic, linux-azure-headers-5.4.0-1078, linux-buildinfo-5.4.0-1071-oracle, linux-modules-5.4.0-1021-ibm, linux-gkeop, linux-headers-ibm-lts-20.04, linux-lowlatency-hwe-18.04-edge, linux-image-5.4.0-1078-azure-fde, linux-headers-generic-lpae-hwe-18.04-edge, linux-tools-raspi-hwe-18.04-edge, linux-tools-aws-lts-20.04, linux-gke-headers-5.4.0-1071, linux-headers-gke-5.4, linux-modules-extra-ibm-edge, linux-raspi-5.4-headers-5.4.0-1060, linux-cloud-tools-virtual-hwe-18.04, linux-raspi2-hwe-18.04-edge, linux-azure-5.4-tools-5.4.0-1078, linux-virtual-hwe-18.04-edge, linux-tools-virtual-hwe-18.04, linux-azure-5.4, linux-image-ibm, linux-headers-5.4.0-1040-gkeop, linux-raspi-hwe-18.04-edge, linux-modules-extra-5.4.0-110-generic, linux-modules-extra-gkeop, linux-signed-oracle-edge, linux-tools-generic-lpae, linux-tools-snapdragon-hwe-18.04-edge, linux-tools-gke-5.4, linux-headers-azure, linux-signed-azure, linux-headers-gcp-edge, linux-cloud-tools-lowlatency-hwe-18.04, linux-tools-raspi2-hwe-18.04-edge, linux-aws-tools-5.4.0-1073, linux-tools-5.4.0-1071-gke, linux-image-5.4.0-110-generic, linux-oem-osp1-tools-host, linux-buildinfo-5.4.0-1071-gke, linux-image-lowlatency, linux-modules-extra-gcp-edge, linux-generic-hwe-18.04, linux-ibm-5.4-source-5.4.0, linux, linux-image-unsigned-5.4.0-1071-oracle, linux-headers-lowlatency, linux-headers-raspi-hwe-18.04, linux-cloud-tools-generic, linux-image-generic-hwe-18.04-edge, linux-tools-oem, linux-hwe-5.4-tools-common, linux-oracle, linux-image-unsigned-5.4.0-110-generic, linux-image-azure-edge, linux-gkeop-5.4-headers-5.4.0-1040, linux-image-unsigned-5.4.0-1073-aws, linux-tools-raspi2 o USN-5417-1 : linux-buildinfo-5.13.0-1025-gcp, linux-tools-5.13.0-1026-raspi-nolpae, linux-image-lowlatency-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04-edge, linux-image-gke, linux-raspi-headers-5.13.0-1026, linux-headers-gke, linux-image-generic-64k, linux-azure-headers-5.13.0-1023, linux-modules-5.13.0-1028-oracle, linux-cloud-tools-common, linux-image-generic-64k-hwe-20.04-edge, linux-gcp-edge, linux-image-raspi-nolpae, linux-lowlatency, linux-azure-edge, linux-tools-5.13.0-41-lowlatency, linux-cloud-tools-generic-hwe-20.04, linux-headers-generic-lpae-hwe-20.04, linux-crashdump, linux-gcp-5.13, linux-modules-extra-5.13.0-1025-gcp, linux-tools-common, linux-virtual-hwe-20.04, linux-image-unsigned-5.13.0-41-generic, linux-tools-5.13.0-1022-kvm, linux-modules-extra-5.13.0-41-generic, linux-aws-cloud-tools-5.13.0-1023, linux-image-5.13.0-41-generic, linux-generic-64k, linux-image-raspi, linux-tools-virtual, linux-modules-extra-aws, linux-buildinfo-5.13.0-1023-azure, linux-cloud-tools-5.13.0-41, linux-tools-5.13.0-41, linux-modules-extra-raspi, linux-aws-tools-5.13.0-1023, linux-tools-generic-64k-hwe-20.04, linux-tools-5.13.0-1023-azure, linux-headers-azure-edge, linux-modules-extra-raspi-nolpae, linux-modules-extra-5.13.0-1026-raspi, linux-cloud-tools-5.13.0-1023-azure, linux-cloud-tools-lowlatency, linux-tools-aws-edge, linux-tools-lowlatency-hwe-20.04-edge, linux-azure-5.13, linux-tools-5.13.0-41-generic, linux-cloud-tools-generic-hwe-20.04-edge, linux-headers-oem-20.04, linux-headers-raspi-nolpae, linux-headers-raspi, linux-kvm, linux-virtual-hwe-20.04-edge, linux-image-generic-64k-hwe-20.04, linux-gke, linux-modules-5.13.0-41-generic-lpae, linux-cloud-tools-5.13.0-1023-aws, linux-kvm-headers-5.13.0-1022, linux-cloud-tools-5.13.0-41-lowlatency, linux-modules-5.13.0-1022-kvm, linux-virtual, linux-cloud-tools-lowlatency-hwe-20.04, linux-tools-generic-hwe-20.04, linux-tools-lowlatency, linux-headers-kvm, linux-tools-5.13.0-1028-oracle, linux-headers-virtual, linux-image-generic-hwe-20.04-edge, linux-gcp-5.13-tools-5.13.0-1025, linux-image-gcp, linux-tools-virtual-hwe-20.04-edge, linux-cloud-tools-5.13.0-41-generic, linux-image-kvm, linux-tools-5.13.0-41-generic-lpae, linux-headers-lowlatency-hwe-20.04-edge, linux-image-generic-lpae, linux-cloud-tools-virtual, linux-lowlatency-hwe-20.04-edge, linux-headers-generic-64k-hwe-20.04, linux-modules-extra-azure-edge, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-gke, linux-buildinfo-5.13.0-41-generic-64k, linux-source, linux-headers-lowlatency-hwe-20.04, linux-image-aws, linux-buildinfo-5.13.0-41-generic-lpae, linux-image-5.13.0-1028-oracle, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-64k-hwe-20.04-edge, linux-generic, linux-tools-gcp, linux-hwe-5.13, linux-tools-oracle, linux-headers-5.13.0-1028-oracle, linux-image-oracle, linux-headers-aws-edge, linux-image-5.13.0-41-generic-lpae, linux-image-generic-hwe-20.04, linux-image-generic-lpae-hwe-20.04, linux-doc, linux-tools-azure, linux-tools-generic-hwe-20.04-edge, linux-aws-headers-5.13.0-1023, linux-image-5.13.0-1026-raspi-nolpae, linux-image-5.13.0-1025-gcp, linux-image-extra-virtual-hwe-20.04, linux-tools-lowlatency-hwe-20.04, linux-generic-hwe-20.04, linux-azure-cloud-tools-5.13.0-1023, linux-azure-5.13-cloud-tools-5.13.0-1023, linux-image-azure, linux-azure, linux-aws-5.13-headers-5.13.0-1023, linux-image-5.13.0-1023-azure, linux-tools-kvm, linux-headers-5.13.0-1023-aws, linux-aws-5.13, linux-headers-generic-lpae-hwe-20.04-edge, linux-hwe-5.13-source-5.13.0, linux-image-virtual-hwe-20.04, linux-buildinfo-5.13.0-1026-raspi-nolpae, linux-kvm-tools-5.13.0-1022, linux-raspi, linux-tools-generic-lpae-hwe-20.04, linux-modules-extra-5.13.0-1028-oracle, linux-modules-5.13.0-41-generic-64k, linux-image-extra-virtual, linux-headers-virtual-hwe-20.04, linux-image-extra-virtual-hwe-20.04-edge, linux-oracle-tools-5.13.0-1028, linux-image-5.13.0-1022-kvm, linux-gcp-5.13-headers-5.13.0-1025, linux-headers-5.13.0-41-lowlatency, linux-gcp-tools-5.13.0-1025, linux-tools-host, linux-image-aws-edge, linux-headers-5.13.0-1026-raspi, linux-oem-20.04, linux-gcp-headers-5.13.0-1025, linux-cloud-tools-virtual-hwe-20.04, linux-headers-5.13.0-1022-kvm, linux-hwe-5.13-tools-host, linux-tools-virtual-hwe-20.04, linux-headers-5.13.0-1025-gcp, linux-modules-5.13.0-1026-raspi-nolpae, linux-tools-generic-lpae, linux-buildinfo-5.13.0-41-generic, linux-headers-generic, linux-image-lowlatency-hwe-20.04, linux-tools-generic, linux-tools-raspi, linux-buildinfo-5.13.0-41-lowlatency, linux-azure-tools-5.13.0-1023, linux-image-5.13.0-1026-raspi, linux-cloud-tools-virtual-hwe-20.04-edge, linux-headers-azure, linux-cloud-tools-azure, linux-cloud-tools-azure-edge, linux-gcp, linux-headers-gcp-edge, linux-aws-edge, linux-hwe-5.13-tools-5.13.0-41, linux-image-virtual-hwe-20.04-edge, linux-modules-5.13.0-41-lowlatency, linux-headers-generic-64k, linux-tools-raspi-nolpae, linux-image-unsigned-5.13.0-41-lowlatency, linux-aws-5.13-tools-5.13.0-1023, linux-raspi-nolpae, linux-tools-generic-64k, linux-tools-generic-lpae-hwe-20.04-edge, linux-modules-5.13.0-41-generic, linux-hwe-5.13-cloud-tools-5.13.0-41, linux-image-unsigned-5.13.0-41-generic-64k, linux-image-generic, linux-generic-lpae-hwe-20.04, linux-azure-5.13-headers-5.13.0-1023, linux-hwe-5.13-tools-common, linux-headers-virtual-hwe-20.04-edge, linux-raspi-tools-5.13.0-1026, linux-generic-lpae, linux-headers-oracle, linux-headers-5.13.0-41-generic, linux-hwe-5.13-headers-5.13.0-41, linux-modules-5.13.0-1026-raspi, linux-headers-5.13.0-1023-azure, linux-tools-5.13.0-41-generic-64k, linux-headers-gcp, linux-image-lowlatency, linux-modules-extra-gcp-edge, linux-buildinfo-5.13.0-1028-oracle, linux-modules-extra-aws-edge, linux-image-unsigned-5.13.0-1022-kvm, linux-tools-gcp-edge, linux-oracle-headers-5.13.0-1028, linux-buildinfo-5.13.0-1022-kvm, linux-generic-hwe-20.04-edge, linux-generic-64k-hwe-20.04-edge, linux-generic-lpae-hwe-20.04-edge, linux-image-5.13.0-41-generic-64k, linux-image-unsigned-5.13.0-1025-gcp, linux-modules-extra-gcp, linux-tools-oem-20.04, linux-azure-5.13-tools-5.13.0-1023, linux, linux-modules-extra-5.13.0-1023-aws, linux-headers-generic-hwe-20.04, linux-headers-lowlatency, linux-cloud-tools-generic, linux-modules-extra-5.13.0-1026-raspi-nolpae, linux-aws-5.13-cloud-tools-5.13.0-1023, linux-image-unsigned-5.13.0-1023-azure, linux-image-unsigned-5.13.0-1028-oracle, linux-tools-5.13.0-1023-aws, linux-headers-generic-lpae, linux-generic-64k-hwe-20.04, linux-lowlatency-hwe-20.04, linux-tools-azure-edge, linux-image-unsigned-5.13.0-1023-aws, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-headers-5.13.0-1026-raspi-nolpae, linux-headers-5.13.0-41-generic-lpae, linux-image-5.13.0-41-lowlatency, linux-source-5.13.0, linux-tools-5.13.0-1025-gcp, linux-modules-extra-5.13.0-1023-azure, linux-libc-dev, linux-image-5.13.0-1023-aws, linux-oracle, linux-tools-aws, linux-buildinfo-5.13.0-1023-aws, linux-modules-extra-gke, linux-modules-5.13.0-1023-azure, linux-image-azure-edge, linux-headers-aws, linux-image-oem-20.04, linux-buildinfo-5.13.0-1026-raspi, linux-aws, linux-modules-5.13.0-1023-aws, linux-modules-5.13.0-1025-gcp, linux-headers-5.13.0-41-generic-64k, linux-image-virtual, linux-modules-extra-azure, linux-tools-5.13.0-1026-raspi, linux-image-gcp-edge, linux-hwe-5.13-cloud-tools-common, linux-headers-5.13.0-41 o USN-5390-1 : linux-headers-5.15.0-27, linux-kvm-tools-5.15.0-1005, linux-ibm-tools-5.15.0-1003, linux-tools-lowlatency-hwe-22.04, linux-cloud-tools-5.15.0-27-generic, linux-cloud-tools-lowlatency-hwe-22.04-edge, linux-headers-5.15.0-1003-oracle, linux-image-lowlatency-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04-edge, linux-image-generic-hwe-22.04, linux-image-gke, linux-tools-5.15.0-1005-aws, linux-headers-gke, linux-image-generic-64k, linux-tools-virtual-hwe-22.04-edge, linux-image-unsigned-5.15.0-1003-gke, linux-cloud-tools-common, linux-image-generic-64k-hwe-20.04-edge, linux-modules-5.15.0-27-generic, linux-lowlatency-64k-hwe-22.04, linux-tools-5.15.0-27-lowlatency-64k, linux-headers-5.15.0-27-generic, linux-aws-headers-5.15.0-1005, linux-cloud-tools-5.15.0-1005-azure, linux-generic-hwe-22.04, linux-buildinfo-5.15.0-27-lowlatency-64k, linux-lowlatency, linux-cloud-tools-generic-hwe-20.04, linux-headers-generic-lpae-hwe-20.04, linux-tools-5.15.0-27-generic-lpae, linux-image-5.15.0-1005-azure, linux-crashdump, linux-image-5.15.0-1003-oracle, linux-virtual-hwe-20.04, linux-tools-common, linux-buildinfo-5.15.0-27-generic, linux-image-5.15.0-1005-aws, linux-image-generic-lpae-hwe-22.04-edge, linux-tools-lowlatency-64k-hwe-22.04, linux-modules-5.15.0-27-generic-lpae, linux-buildinfo-5.15.0-1003-oracle, linux-generic-64k, linux-tools-virtual, linux-headers-5.15.0-1004-gcp, linux-image-generic-lpae-hwe-22.04, linux-image-unsigned-5.15.0-1003-oracle, linux-tools-5.15.0-1005-kvm, linux-modules-extra-aws, linux-tools-gke-5.15, linux-image-extra-virtual-hwe-22.04-edge, linux-gke-tools-5.15.0-1003, linux-gke-5.15, linux-headers-lowlatency-64k-hwe-22.04-edge, linux-headers-ibm, linux-headers-virtual-hwe-22.04-edge, linux-tools-generic-64k-hwe-20.04, linux-cloud-tools-lowlatency, linux-image-unsigned-5.15.0-1005-aws, linux-lowlatency-64k, linux-tools-5.15.0-1003-gke, linux-tools-lowlatency-hwe-20.04-edge, linux-cloud-tools-generic-hwe-20.04-edge, linux-cloud-tools-generic-hwe-22.04, linux-headers-oem-20.04, linux-image-5.15.0-27-generic-lpae, linux-kvm, linux-headers-generic-64k-hwe-22.04-edge, linux-virtual-hwe-20.04-edge, linux-headers-5.15.0-27-lowlatency-64k, linux-modules-extra-5.15.0-1003-oracle, linux-image-generic-64k-hwe-20.04, linux-modules-5.15.0-1003-ibm, linux-gcp-tools-5.15.0-1004, linux-gke, linux-buildinfo-5.15.0-27-generic-lpae, linux-headers-5.15.0-1003-gke, linux-gcp-headers-5.15.0-1004, linux-image-unsigned-5.15.0-27-generic-64k, linux-virtual, linux-cloud-tools-lowlatency-hwe-20.04, linux-tools-generic-hwe-20.04, linux-modules-5.15.0-1003-gke, linux-headers-kvm, linux-tools-lowlatency, linux-headers-virtual, linux-modules-5.15.0-27-generic-64k, linux-modules-extra-5.15.0-1005-aws, linux-image-generic-hwe-20.04-edge, linux-buildinfo-5.15.0-1005-azure, linux-ibm-cloud-tools-common, linux-headers-generic-lpae-hwe-22.04-edge, linux-headers-lowlatency-64k-hwe-20.04-edge, linux-image-gcp, linux-modules-extra-5.15.0-1003-ibm, linux-tools-virtual-hwe-20.04-edge, linux-image-kvm, linux-headers-generic-lpae-hwe-22.04, linux-headers-lowlatency-hwe-20.04-edge, linux-image-generic-lpae, linux-cloud-tools-virtual, linux-headers-virtual-hwe-22.04, linux-headers-generic-64k-hwe-20.04, linux-image-unsigned-5.15.0-27-generic, linux-headers-5.15.0-27-generic-lpae, linux-lowlatency-hwe-20.04-edge, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-gke, linux-lowlatency-hwe-22.04-edge, linux-tools-5.15.0-27-generic-64k, linux-source, linux-generic-lpae-hwe-22.04-edge, linux-headers-lowlatency-hwe-20.04, linux-image-aws, linux-modules-extra-5.15.0-1004-gcp, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-64k-hwe-20.04-edge, linux-generic, linux-tools-gcp, linux-headers-5.15.0-27-lowlatency, linux-image-5.15.0-27-generic-64k, linux-image-generic-64k-hwe-22.04, linux-image-lowlatency-64k-hwe-22.04-edge, linux-tools-oracle, linux-tools-ibm, linux-image-extra-virtual-hwe-22.04, linux-modules-5.15.0-1003-oracle, linux-lowlatency-cloud-tools-common, linux-image-5.15.0-1003-ibm, linux-image-unsigned-5.15.0-27-lowlatency, linux-image-virtual-hwe-22.04-edge, linux-image-oracle, linux-image-generic-hwe-20.04, linux-tools-5.15.0-1004-gcp, linux-image-generic-lpae-hwe-20.04, linux-ibm-headers-5.15.0-1003, linux-image-lowlatency-64k-hwe-20.04-edge, linux-tools-lowlatency-hwe-22.04-edge, linux-doc, linux-image-unsigned-5.15.0-1005-kvm, linux-lowlatency-hwe-22.04, linux-tools-azure, linux-image-extra-virtual-hwe-20.04, linux-modules-5.15.0-27-lowlatency-64k, linux-tools-generic-hwe-20.04-edge, linux-tools-lowlatency-hwe-20.04, linux-generic-hwe-20.04, linux-oracle-headers-5.15.0-1003, linux-cloud-tools-5.15.0-27, linux-modules-5.15.0-1005-aws, linux-image-lowlatency-64k, linux-headers-lowlatency-hwe-22.04-edge, linux-tools-5.15.0-1005-azure, linux-image-azure, linux-azure, linux-tools-kvm, linux-buildinfo-5.15.0-1003-ibm, linux-headers-generic-lpae-hwe-20.04-edge, linux-modules-extra-5.15.0-27-generic, linux-headers-lowlatency-hwe-22.04, linux-image-virtual-hwe-20.04, linux-headers-generic-hwe-22.04-edge, linux-tools-generic-hwe-22.04, linux-azure-cloud-tools-5.15.0-1005, linux-lowlatency-64k-hwe-20.04, linux-tools-generic-lpae-hwe-20.04, linux-virtual-hwe-22.04, linux-image-ibm, linux-modules-5.15.0-1005-kvm, linux-image-extra-virtual, linux-headers-virtual-hwe-20.04, linux-headers-lowlatency-64k-hwe-20.04, linux-image-extra-virtual-hwe-20.04-edge, linux-image-unsigned-5.15.0-27-lowlatency-64k, linux-tools-generic-hwe-22.04-edge, linux-lowlatency-tools-5.15.0-27, linux-tools-host, linux-buildinfo-5.15.0-1003-gke, linux-buildinfo-5.15.0-1005-kvm, linux-oem-20.04, linux-lowlatency-tools-host, linux-cloud-tools-virtual-hwe-20.04, linux-azure-headers-5.15.0-1005, linux-tools-virtual-hwe-20.04, linux-gke-headers-5.15.0-1003, linux-tools-generic-lpae-hwe-22.04-edge, linux-lowlatency-cloud-tools-5.15.0-27, linux-cloud-tools-5.15.0-27-lowlatency, linux-tools-generic-lpae, linux-headers-generic, linux-image-lowlatency-hwe-20.04, linux-tools-5.15.0-27-lowlatency, linux-headers-5.15.0-1005-kvm, linux-image-5.15.0-27-lowlatency-64k, linux-lowlatency-64k-hwe-22.04-edge, linux-headers-generic-hwe-22.04, linux-tools-generic, linux-ibm-source-5.15.0, linux-modules-extra-5.15.0-1003-gke, linux-lowlatency-headers-5.15.0-27, linux-tools-lowlatency-64k, linux-tools-generic-lpae-hwe-22.04, linux-cloud-tools-virtual-hwe-20.04-edge, linux-headers-azure, linux-headers-5.15.0-1005-aws, linux-image-lowlatency-hwe-22.04-edge, linux-cloud-tools-azure, linux-gcp, linux-image-virtual-hwe-20.04-edge, linux-buildinfo-5.15.0-1004-gcp, linux-image-5.15.0-27-generic, linux-image-gke-5.15, linux-cloud-tools-generic-hwe-22.04-edge, linux-headers-generic-64k, linux-ibm, linux-tools-generic-64k-hwe-22.04-edge, linux-buildinfo-5.15.0-1005-aws, linux-tools-generic-64k, linux-tools-generic-64k-hwe-22.04, linux-buildinfo-5.15.0-27-generic-64k, linux-generic-64k-hwe-22.04-edge, linux-tools-generic-lpae-hwe-20.04-edge, linux-image-lowlatency-64k-hwe-22.04, linux-image-generic, linux-modules-extra-5.15.0-1005-azure, linux-generic-lpae-hwe-20.04, linux-generic-lpae-hwe-22.04, linux-headers-virtual-hwe-20.04-edge, linux-image-5.15.0-1003-gke, linux-generic-lpae, linux-headers-oracle, linux-image-generic-hwe-22.04-edge, linux-headers-gcp, linux-image-lowlatency, linux-image-5.15.0-1004-gcp, linux-headers-lowlatency-64k, linux-generic-hwe-20.04-edge, linux-generic-64k-hwe-20.04-edge, linux-generic-lpae-hwe-20.04-edge, linux-modules-extra-gcp, linux-tools-oem-20.04, linux-headers-generic-64k-hwe-22.04, linux-aws-cloud-tools-5.15.0-1005, linux-image-virtual-hwe-22.04, linux-kvm-headers-5.15.0-1005, linux, linux-oracle-tools-5.15.0-1003, linux-image-lowlatency-hwe-22.04, linux-headers-generic-hwe-20.04, linux-lowlatency-tools-common, linux-aws-tools-5.15.0-1005, linux-source-5.15.0, linux-headers-lowlatency, linux-tools-5.15.0-1003-ibm, linux-cloud-tools-generic, linux-headers-5.15.0-1005-azure, linux-headers-lowlatency-64k-hwe-22.04, linux-image-lowlatency-64k-hwe-20.04, linux-tools-virtual-hwe-22.04, linux-headers-5.15.0-1003-ibm, linux-headers-5.15.0-27-generic-64k, linux-headers-generic-lpae, linux-image-generic-64k-hwe-22.04-edge, linux-generic-64k-hwe-20.04, linux-lowlatency-hwe-20.04, linux-generic-64k-hwe-22.04, linux-headers-gke-5.15, linux-modules-5.15.0-1005-azure, linux-tools-lowlatency-64k-hwe-22.04-edge, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-image-unsigned-5.15.0-1005-azure, linux-virtual-hwe-22.04-edge, linux-modules-5.15.0-1004-gcp, linux-tools-5.15.0-27-generic, linux-libc-dev, linux-image-5.15.0-27-lowlatency, linux-oracle, linux-modules-5.15.0-27-lowlatency, linux-cloud-tools-lowlatency-hwe-22.04, linux-tools-aws, linux-tools-lowlatency-64k-hwe-20.04-edge, linux-cloud-tools-virtual-hwe-22.04, linux-headers-aws, linux-image-5.15.0-1005-kvm, linux-image-oem-20.04, linux-image-unsigned-5.15.0-1004-gcp, linux-aws, linux-tools-5.15.0-27, linux-tools-lowlatency-64k-hwe-20.04, linux-cloud-tools-5.15.0-1005-aws, linux-lowlatency-64k-hwe-20.04-edge, linux-image-unsigned-5.15.0-1003-ibm, linux-tools-5.15.0-1003-oracle, linux-ibm-tools-common, linux-image-virtual, linux-cloud-tools-virtual-hwe-22.04-edge, linux-modules-extra-azure, linux-generic-hwe-22.04-edge, linux-azure-tools-5.15.0-1005, linux-buildinfo-5.15.0-27-lowlatency o USN-5390-2 : linux-headers-5.15.0-1006-raspi, linux-modules-extra-5.15.0-1006-raspi-nolpae, linux-raspi, linux-modules-5.15.0-1006-raspi, linux-buildinfo-5.15.0-1006-raspi-nolpae, linux-raspi-headers-5.15.0-1006, linux-image-raspi-nolpae, linux-tools-5.15.0-1006-raspi-nolpae, linux-image-5.15.0-1006-raspi, linux-raspi-tools-5.15.0-1006, linux-tools-raspi, linux-tools-5.15.0-1006-raspi, linux-image-raspi, linux-modules-extra-raspi, linux-headers-5.15.0-1006-raspi-nolpae, linux-modules-5.15.0-1006-raspi-nolpae, linux-modules-extra-raspi-nolpae, linux-tools-raspi-nolpae, linux-raspi-nolpae, linux-image-5.15.0-1006-raspi-nolpae, linux-headers-raspi-nolpae, linux-headers-raspi, linux-buildinfo-5.15.0-1006-raspi, linux-modules-extra-5.15.0-1006-raspi - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LVckNZI30y1K9AQhKpA//bIBv501XI13j61zuV0dLo4XghtupRL57 e/rciT+YuYtpIhnCq/2wJRKPM9D0U3tGPcJXIMn0ou/pvXLsiSPIopREhxIqzX4X uzW0NmkpPvIvGZ50lVBfSLv+Nn47gUcxAwGTVKQrCoYkseOA5DhfQDh+RH4tAU+j 2h3vsPUBLkpazatUOkBMa4+9C0OTkSHIBMIyAGYd7XFnB3W972by8C7DQ2P6Lv8k TPljsKWFdb3S34EqHNyvNTfhAlEWWm5ufzxNY/IMzTwpXsZPWGPpoxTygvuovDkk EQEwD1glbH+pQV7BblYxbCk0ELJ0P+fAOVIvBfG+Tnx0oo+TWy3YbqxZen+CC+WV 2qj/hRkyihyKNbTsLsdbWLtznoHYm4yZOj1jsECd+MOgVC/gZohtl119dwl1bR2M J8KR9e63ki946jMRDt01BuflqF3vcNeyoh6IVy2jGXdk/PluNVjT8ho+G29PIY/l tB96DmDeGQscDsF5CotBNd4ICjoPzWv48aqTJHrG5D8my8L+Q8Twr7A3aTywWPsP q+zDwZ18INAaBdPY/ug60lHpsMW8tmJNW4javJu2Flb/WA0lhTgheNBLC0NY48lY RJQ2XkrBBPMiGKbr6Kynn2rA5K1Fp6B1yNSUbnECtOb2Hgd1cCIYmNbwhsMZ8+MO 4MNj2FgXswo= =E+sA -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2339 USN-5417-1: Linux kernel vulnerabilities 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Linux kernel Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-29156 CVE-2022-27223 CVE-2022-26966 CVE-2022-26490 CVE-2022-25375 CVE-2022-25258 CVE-2022-20008 CVE-2021-26401 CVE-2017-5715 Original Bulletin: https://ubuntu.com/security/notices/USN-5417-1 Comment: CVSS (Max): 8.8* CVE-2022-27223 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: NVD Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * Not all CVSS available when published - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5417-1: Linux kernel vulnerabilities 12 May 2022 Several security issues were fixed in the Linux kernel. Releases o Ubuntu 21.10 o Ubuntu 20.04 LTS Packages o linux - Linux kernel o linux-aws - Linux kernel for Amazon Web Services (AWS) systems o linux-aws-5.13 - Linux kernel for Amazon Web Services (AWS) systems o linux-azure - Linux kernel for Microsoft Azure Cloud systems o linux-azure-5.13 - Linux kernel for Microsoft Azure cloud systems o linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems o linux-gcp-5.13 - Linux kernel for Google Cloud Platform (GCP) systems o linux-hwe-5.13 - Linux hardware enablement (HWE) kernel o linux-kvm - Linux kernel for cloud environments o linux-oracle - Linux kernel for Oracle Cloud systems o linux-raspi - Linux kernel for Raspberry Pi systems Details Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. ( CVE-2021-26401 ) It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information (kernel memory). ( CVE-2022-20008 ) It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-25258 ) It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in the Linux kernel did not properly validate the size of the RNDIS_MSG_SET command. An attacker could possibly use this to expose sensitive information (kernel memory). ( CVE-2022-25375 ) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2022-26490 ) It was discovered that the USB SR9700 ethernet device driver for the Linux kernel did not properly validate the length of requests from the device. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). ( CVE-2022-26966 ) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-27223 ) Miaoqian Lin discovered that the RDMA Transport (RTRS) client implementation in the Linux kernel contained a double-free when handling certain error conditions. An attacker could use this to cause a denial of service (system crash). ( CVE-2022-29156 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10 o linux-image-virtual - 5.13.0.41.50 o linux-image-5.13.0-41-generic - 5.13.0-41.46 o linux-image-generic-64k - 5.13.0.41.50 o linux-image-generic - 5.13.0.41.50 o linux-image-aws - 5.13.0.1023.24 o linux-image-5.13.0-1025-gcp - 5.13.0-1025.30 o linux-image-5.13.0-1026-raspi - 5.13.0-1026.28 o linux-image-5.13.0-1026-raspi-nolpae - 5.13.0-1026.28 o linux-image-5.13.0-41-generic-64k - 5.13.0-41.46 o linux-image-azure - 5.13.0.1023.23 o linux-image-raspi-nolpae - 5.13.0.1026.31 o linux-image-5.13.0-1023-aws - 5.13.0-1023.25 o linux-image-oem-20.04 - 5.13.0.41.50 o linux-image-5.13.0-1023-azure - 5.13.0-1023.27 o linux-image-gke - 5.13.0.1025.23 o linux-image-5.13.0-41-lowlatency - 5.13.0-41.46 o linux-image-5.13.0-41-generic-lpae - 5.13.0-41.46 o linux-image-gcp - 5.13.0.1025.23 o linux-image-oracle - 5.13.0.1028.28 o linux-image-5.13.0-1022-kvm - 5.13.0-1022.23 o linux-image-raspi - 5.13.0.1026.31 o linux-image-kvm - 5.13.0.1022.22 o linux-image-5.13.0-1028-oracle - 5.13.0-1028.33 o linux-image-generic-lpae - 5.13.0.41.50 o linux-image-lowlatency - 5.13.0.41.50 Ubuntu 20.04 o linux-image-5.13.0-41-generic - 5.13.0-41.46~20.04.1 o linux-image-aws - 5.13.0.1023.25~20.04.16 o linux-image-lowlatency-hwe-20.04 - 5.13.0.41.46~20.04.26 o linux-image-generic-hwe-20.04 - 5.13.0.41.46~20.04.26 o linux-image-5.13.0-41-generic-64k - 5.13.0-41.46~20.04.1 o linux-image-5.13.0-1023-azure - 5.13.0-1023.27~20.04.1 o linux-image-azure - 5.13.0.1023.27~20.04.12 o linux-image-5.13.0-1023-aws - 5.13.0-1023.25~20.04.1 o linux-image-5.13.0-41-generic-lpae - 5.13.0-41.46~20.04.1 o linux-image-gcp - 5.13.0.1025.30~20.04.1 o linux-image-virtual-hwe-20.04 - 5.13.0.41.46~20.04.26 o linux-image-generic-lpae-hwe-20.04 - 5.13.0.41.46~20.04.26 o linux-image-5.13.0-1025-gcp - 5.13.0-1025.30~20.04.1 o linux-image-generic-64k-hwe-20.04 - 5.13.0.41.46~20.04.26 o linux-image-5.13.0-41-lowlatency - 5.13.0-41.46~20.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References o CVE-2022-27223 o CVE-2021-26401 o CVE-2022-25258 o CVE-2022-26490 o CVE-2022-26966 o CVE-2022-20008 o CVE-2022-29156 o CVE-2022-25375 Related notices o USN-5381-1 : linux-headers-oem-20.04d, linux-oem-5.14-tools-5.14.0-1033, linux-headers-5.14.0-1033-oem, linux-tools-oem-20.04, linux-oem-20.04c, linux-oem-20.04d, linux-image-oem-20.04b, linux-oem-20.04, linux-oem-20.04b, linux-tools-oem-20.04d, linux-image-oem-20.04c, linux-image-unsigned-5.14.0-1033-oem, linux-image-oem-20.04, linux-modules-5.14.0-1033-oem, linux-image-oem-20.04d, linux-headers-oem-20.04c, linux-oem-5.14-tools-host, linux-tools-5.14.0-1033-oem, linux-image-5.14.0-1033-oem, linux-tools-oem-20.04b, linux-headers-oem-20.04, linux-oem-5.14-headers-5.14.0-1033, linux-headers-oem-20.04b, linux-tools-oem-20.04c, linux-oem-5.14, linux-buildinfo-5.14.0-1033-oem o USN-5413-1 : linux-modules-4.4.0-1105-kvm, linux-tools-4.4.0-224-lowlatency, linux-tools-lowlatency, linux-headers-4.4.0-224-generic, linux-libc-dev, linux-tools-lowlatency-lts-xenial, linux-cloud-tools-generic-lts-xenial, linux-tools-lowlatency-lts-vivid, linux-headers-lowlatency-lts-utopic, linux-headers-virtual-lts-wily, linux-cloud-tools-virtual-lts-wily, linux-cloud-tools-virtual-lts-xenial, linux-buildinfo-4.4.0-1105-kvm, linux-lts-xenial-tools-4.4.0-224, linux-image-unsigned-4.4.0-224-generic, linux-image-hwe-virtual-trusty, linux-tools-generic-lts-vivid, linux-cloud-tools-lowlatency-lts-vivid, linux-headers-generic-lts-utopic, linux-signed-generic-lts-utopic, linux-image-lowlatency-lts-xenial, linux-image-hwe-generic-trusty, linux-generic-lts-vivid, linux-lowlatency-lts-xenial, linux-signed-lowlatency-lts-xenial, linux-tools-virtual, linux-image-4.4.0-224-lowlatency, linux-modules-4.4.0-224-lowlatency, linux-image-aws, linux-image-generic-lts-utopic, linux-tools-4.4.0-1140-aws, linux-headers-4.4.0-1140-aws, linux-image-lowlatency-lts-utopic, linux-headers-lowlatency-lts-wily, linux-headers-lowlatency, linux-image-unsigned-4.4.0-224-lowlatency, linux-signed-generic-lts-vivid, linux-cloud-tools-generic, linux-modules-extra-4.4.0-224-generic, linux-doc, linux, linux-signed-generic-lts-xenial, linux-signed-image-lowlatency-lts-wily, linux-image-lowlatency-lts-vivid, linux-lowlatency-lts-utopic, linux-signed-image-generic-lts-utopic, linux-cloud-tools-lowlatency-lts-xenial, linux-kvm, linux-cloud-tools-lowlatency-lts-utopic, linux-cloud-tools-lowlatency-lts-wily, linux-lts-xenial, linux-modules-extra-aws, linux-signed-lowlatency, linux-aws, linux-lowlatency, linux-tools-host, linux-headers-generic-lts-xenial, linux-cloud-tools-generic-lts-wily, linux-image-4.4.0-1105-kvm, linux-tools-4.4.0-1105-kvm, linux-generic-lts-wily, linux-signed-image-lowlatency, linux-kvm-headers-4.4.0-1105, linux-cloud-tools-4.4.0-224-generic, linux-tools-virtual-lts-wily, linux-tools-4.4.0-224-generic, linux-hwe-virtual-trusty, linux-hwe-generic-trusty, linux-cloud-tools-generic-lts-utopic, linux-tools-generic-lts-utopic, linux-aws-headers-4.4.0-1140, linux-cloud-tools-4.4.0-1140-aws, linux-virtual-lts-wily, linux-tools-4.4.0-224, linux-image-virtual-lts-utopic, linux-headers-4.4.0-224, linux-kvm-cloud-tools-4.4.0-1105, linux-signed-image-generic, linux-virtual-lts-vivid, linux-cloud-tools-generic-lts-vivid, linux-cloud-tools-common, linux-source-4.4.0, linux-headers-virtual-lts-vivid, linux-signed-generic, linux-aws-tools-4.4.0-1140, linux-generic, linux-headers-generic-lts-wily, linux-headers-4.4.0-1105-kvm, linux-signed-image-generic-lts-wily, linux-signed-lowlatency-lts-wily, linux-image-generic, linux-generic-lts-utopic, linux-aws-cloud-tools-4.4.0-1140, linux-image-virtual-lts-xenial, linux-generic-lts-xenial, linux-image-virtual-lts-vivid, linux-modules-4.4.0-1140-aws, linux-tools-common, linux-image-extra-virtual, linux-lowlatency-lts-vivid, linux-tools-generic-lts-xenial, linux-cloud-tools-virtual, linux-image-generic-lts-xenial, linux-image-4.4.0-1140-aws, linux-image-4.4.0-224-generic, linux-tools-lts-utopic, linux-cloud-tools-4.4.0-1105-kvm, linux-source, linux-image-generic-lts-vivid, linux-tools-aws, linux-image-extra-virtual-lts-wily, linux-tools-kvm, linux-tools-generic-lts-wily, linux-cloud-tools-lowlatency, linux-signed-image-lowlatency-lts-xenial, linux-image-extra-virtual-lts-xenial, linux-image-generic-lts-wily, linux-virtual-lts-utopic, linux-lts-xenial-cloud-tools-4.4.0-224, linux-image-extra-virtual-lts-vivid, linux-cloud-tools-4.4.0-224, linux-headers-lowlatency-lts-vivid, linux-headers-4.4.0-224-lowlatency, linux-headers-aws, linux-signed-image-generic-lts-xenial, linux-cloud-tools-virtual-lts-vivid, linux-buildinfo-4.4.0-1140-aws, linux-image-lowlatency-lts-wily, linux-tools-lowlatency-lts-wily, linux-modules-4.4.0-224-generic, linux-lowlatency-lts-wily, linux-headers-generic, linux-image-virtual-lts-wily, linux-tools-generic, linux-tools-virtual-lts-xenial, linux-headers-virtual-lts-utopic, linux-cloud-tools-4.4.0-224-lowlatency, linux-image-kvm, linux-virtual, linux-buildinfo-4.4.0-224-lowlatency, linux-tools-virtual-lts-vivid, linux-cloud-tools-virtual-lts-utopic, linux-image-extra-virtual-lts-utopic, linux-virtual-lts-xenial, linux-signed-image-generic-lts-vivid, linux-modules-extra-4.4.0-1140-aws, linux-headers-generic-lts-vivid, linux-kvm-tools-4.4.0-1105, linux-buildinfo-4.4.0-224-generic, linux-headers-lowlatency-lts-xenial, linux-crashdump, linux-image-lowlatency, linux-headers-virtual, linux-headers-virtual-lts-xenial, linux-headers-kvm, linux-tools-lowlatency-lts-utopic, linux-tools-virtual-lts-utopic, linux-image-virtual, linux-signed-generic-lts-wily o USN-5415-1 : linux-tools-ibm-lts-20.04, linux-headers-5.4.0-1073-aws, linux-cloud-tools-5.4.0-1073-aws, linux-image-gke-5.4, linux-image-unsigned-5.4.0-1078-azure, linux-tools-raspi2-hwe-18.04-edge, linux-image-gcp-lts-20.04, linux-gcp, linux-headers-snapdragon-hwe-18.04, linux-headers-gke, linux-buildinfo-5.4.0-110-generic-lpae, linux-headers-raspi2, linux-image-aws-lts-20.04, linux-tools-raspi2-hwe-18.04, linux-cloud-tools-generic-hwe-18.04, linux-image-gcp, linux-modules-extra-gcp-lts-20.04, linux-virtual-hwe-18.04, linux-headers-oracle-edge, linux-headers-raspi2-hwe-18.04, linux-buildinfo-5.4.0-1021-ibm, linux-generic-lpae-hwe-18.04, linux-image-generic-lpae-hwe-18.04, linux-azure-5.4-cloud-tools-5.4.0-1078, linux-gkeop-5.4-cloud-tools-5.4.0-1040, linux-hwe-5.4, linux-image-snapdragon-hwe-18.04-edge, linux-image-generic-lpae-hwe-18.04-edge, linux-tools-generic-hwe-18.04, linux-headers-azure, linux-raspi2-hwe-18.04-edge, linux-image-unsigned-5.4.0-1021-ibm, linux-gcp-5.4-tools-5.4.0-1073, linux-signed-azure-edge, linux-headers-oracle-lts-20.04, linux-tools-oracle-lts-20.04, linux-azure-5.4, linux-tools-5.4.0-1073-aws, linux-modules-5.4.0-110-generic-lpae, linux-image-5.4.0-1021-ibm, linux-image-unsigned-5.4.0-1073-aws, linux-gcp-lts-20.04, linux-image-5.4.0-110-generic, linux-oracle, linux-signed-oracle, linux-headers-virtual-hwe-18.04, linux-buildinfo-5.4.0-1071-gke, linux-image-unsigned-5.4.0-110-generic, linux-lowlatency-hwe-18.04-edge, linux-gcp-edge, linux-oracle-5.4-tools-5.4.0-1071, linux-ibm-lts-20.04, linux-image-5.4.0-1040-gkeop, linux-tools-gcp-edge, linux-raspi-hwe-18.04-edge, linux-headers-5.4.0-110-lowlatency, linux-lowlatency-hwe-18.04, linux-tools-azure, linux-tools-ibm, linux-azure-cloud-tools-5.4.0-1078, linux-azure-5.4-tools-5.4.0-1078, linux-image-lowlatency-hwe-18.04-edge, linux-tools-5.4.0-1040-gkeop, linux-headers-ibm-edge, linux-tools-kvm, linux-oracle-5.4, linux-cloud-tools-gkeop, linux-image-raspi2-hwe-18.04-edge, linux-buildinfo-5.4.0-1073-gcp, linux-headers-raspi2-hwe-18.04-edge, linux-modules-extra-oracle, linux-tools-gke-5.4, linux-headers-5.4.0-1040-gkeop, linux-image-5.4.0-1078-azure-fde, linux-modules-extra-virtual-hwe-18.04, linux-azure-fde, linux-gkeop-5.4-tools-5.4.0-1040, linux-ibm-5.4, linux-ibm-tools-common, linux-modules-extra-5.4.0-1040-gkeop, linux-headers-5.4.0-110-generic-lpae, linux-headers-ibm, linux-tools-gcp-lts-20.04, linux-tools-gkeop-5.4, linux-image-raspi-hwe-18.04, linux-modules-extra-gke, linux-tools-5.4.0-110-generic-lpae, linux-image-unsigned-5.4.0-1040-gkeop, linux-headers-virtual-hwe-18.04-edge, linux-kvm-tools-5.4.0-1063, linux-modules-extra-azure-lts-20.04, linux-headers-virtual, linux-gcp-5.4, linux-image-unsigned-5.4.0-1071-oracle, linux-kvm-headers-5.4.0-1063, linux-raspi-5.4, linux-generic-hwe-18.04, linux-gcp-5.4-headers-5.4.0-1073, linux-oem-tools-host, linux-tools-aws-lts-20.04, linux-tools-virtual, linux-generic-lpae, linux-cloud-tools-5.4.0-110-generic, linux-headers-aws-lts-20.04, linux-headers-gke-5.4, linux-image-azure-edge, linux-headers-5.4.0-1060-raspi, linux-image-5.4.0-1078-azure, linux-tools-raspi2, linux-cloud-tools-generic, linux-tools-5.4.0-110-lowlatency, linux-aws-cloud-tools-5.4.0-1073, linux-buildinfo-5.4.0-1040-gkeop, linux-oracle-tools-5.4.0-1071, linux-tools-snapdragon-hwe-18.04, linux-image-azure, linux-oracle-headers-5.4.0-1071, linux-headers-generic-hwe-18.04, linux-aws, linux-tools-azure-fde, linux-tools-raspi, linux-headers-azure-lts-20.04, linux-modules-5.4.0-1021-ibm, linux-oracle-5.4-headers-5.4.0-1071, linux-raspi, linux-headers-raspi-hwe-18.04, linux-hwe-5.4-cloud-tools-5.4.0-110, linux-modules-5.4.0-1073-gcp, linux-headers-generic-lpae-hwe-18.04-edge, linux-modules-5.4.0-1060-raspi, linux-azure-tools-5.4.0-1078, linux-image-5.4.0-1073-aws, linux-headers-snapdragon-hwe-18.04-edge, linux-tools-raspi-hwe-18.04-edge, linux-headers-azure-edge, linux-image-generic, linux-headers-5.4.0-1071-gke, linux-modules-extra-5.4.0-1073-aws, linux-cloud-tools-azure-edge, linux-image-azure-lts-20.04, linux-raspi2, linux-headers-5.4.0-1063-kvm, linux-image-oracle, linux-headers-generic-hwe-18.04-edge, linux-azure, linux-headers-gkeop, linux-ibm-5.4-tools-common, linux-image-5.4.0-1073-gcp, linux-hwe-5.4-source-5.4.0, linux-tools-oem-osp1, linux-gkeop-5.4, linux-headers-generic, linux-aws-headers-5.4.0-1073, linux-snapdragon-hwe-18.04-edge, linux-headers-oem, linux-image-unsigned-5.4.0-1063-kvm, linux-image-oracle-lts-20.04, linux-headers-gcp, linux-gcp-tools-5.4.0-1073, linux-gkeop, linux-signed-azure, linux-tools-raspi-hwe-18.04, linux-image-virtual, linux-libc-dev, linux-headers-raspi, linux-modules-5.4.0-1071-oracle, linux-gkeop-5.4-headers-5.4.0-1040, linux-headers-generic-lpae-hwe-18.04, linux-generic-hwe-18.04-edge, linux-image-azure-fde, linux-modules-extra-gcp, linux-tools-5.4.0-1071-oracle, linux-image-generic-lpae, linux-image-unsigned-5.4.0-1071-gke, linux-tools-generic-lpae-hwe-18.04-edge, linux-tools-5.4.0-1078-azure, linux-image-oem, linux-tools-5.4.0-1073-gcp, linux-tools-5.4.0-110, linux-azure-5.4-headers-5.4.0-1078, linux-cloud-tools-5.4.0-1040-gkeop, linux-image-oem-osp1, linux-headers-lowlatency, linux-image-raspi, linux-tools-azure-edge, linux-oracle-lts-20.04, linux-gke, linux, linux-cloud-tools-5.4.0-110-lowlatency, linux-aws-lts-20.04, linux-hwe-5.4-headers-5.4.0-110, linux-raspi-5.4-tools-5.4.0-1060, linux-tools-generic-hwe-18.04-edge, linux-modules-5.4.0-110-lowlatency, linux-tools-5.4.0-1071-gke, linux-tools-oracle, linux-modules-extra-azure-edge, linux-kvm, linux-headers-5.4.0-110-generic, linux-cloud-tools-azure-lts-20.04, linux-lowlatency, linux-buildinfo-5.4.0-110-generic, linux-modules-extra-5.4.0-1073-gcp, linux-modules-extra-5.4.0-110-generic, linux-modules-extra-5.4.0-1071-gke, linux-cloud-tools-azure, linux-raspi2-hwe-18.04, linux-cloud-tools-virtual-hwe-18.04, linux-headers-lowlatency-hwe-18.04-edge, linux-tools-gcp, linux-modules-extra-gkeop, linux-image-raspi2-hwe-18.04, linux-gkeop-cloud-tools-5.4.0-1040, linux-cloud-tools-lowlatency-hwe-18.04, linux-image-unsigned-5.4.0-110-lowlatency, linux-modules-extra-virtual-hwe-18.04-edge, linux-modules-5.4.0-1040-gkeop, linux-modules-extra-gke-5.4, linux-image-extra-virtual-hwe-18.04-edge, linux-modules-5.4.0-1063-kvm, linux-tools-5.4.0-1060-raspi, linux-gke-5.4, linux-tools-common, linux-modules-extra-gcp-edge, linux-ibm-5.4-headers-5.4.0-1021, linux-image-5.4.0-1071-oracle, linux-ibm-cloud-tools-common, linux-tools-oem, linux-tools-5.4.0-110-generic, linux-gke-tools-5.4.0-1071, linux-aws-tools-5.4.0-1073, linux-modules-5.4.0-1071-gke, linux-tools-oracle-edge, linux-azure-lts-20.04, linux-gke-headers-5.4.0-1071, linux-source, linux-tools-gke, linux-modules-extra-ibm-edge, linux-cloud-tools-lowlatency, linux-modules-5.4.0-1078-azure, linux-cloud-tools-5.4.0-1078-azure, linux-image-5.4.0-1063-kvm, linux-image-gkeop-5.4, linux-ibm-tools-5.4.0-1021, linux-image-extra-virtual-hwe-18.04, linux-cloud-tools-lowlatency-hwe-18.04-edge, linux-ibm-5.4-cloud-tools-common, linux-raspi-headers-5.4.0-1060, linux-tools-snapdragon-hwe-18.04-edge, linux-oracle-edge, linux-source-5.4.0, linux-tools-generic-lpae, linux-image-5.4.0-110-generic-lpae, linux-cloud-tools-virtual-hwe-18.04-edge, linux-image-5.4.0-1060-raspi, linux-cloud-tools-gkeop-5.4, linux-signed-image-oracle, linux-tools-generic-lpae-hwe-18.04, linux-signed-oracle-edge, linux-modules-extra-azure-fde, linux-crashdump, linux-image-lowlatency, linux-headers-lowlatency-hwe-18.04, linux-image-generic-hwe-18.04, linux-headers-kvm, linux-oem-osp1, linux-cloud-tools-5.4.0-110, linux-gkeop-tools-5.4.0-1040, linux-buildinfo-5.4.0-1063-kvm, linux-image-ibm-edge, linux-raspi-tools-5.4.0-1060, linux-azure-edge, linux-tools-lowlatency, linux-headers-generic-lpae, linux-buildinfo-5.4.0-110-lowlatency, linux-modules-extra-ibm-lts-20.04, linux-raspi-5.4-headers-5.4.0-1060, linux-raspi-hwe-18.04, linux-signed-image-azure, linux-tools-5.4.0-1021-ibm, linux-buildinfo-5.4.0-1073-aws, linux-image-5.4.0-1071-gke, linux-modules-extra-5.4.0-1071-oracle, linux-buildinfo-5.4.0-1071-oracle, linux-oem-osp1-tools-host, linux-image-gkeop, linux-signed-image-oracle-edge, linux-doc, linux-modules-extra-oracle-edge, linux-image-generic-hwe-18.04-edge, linux-gkeop-5.4-source-5.4.0, linux-modules-5.4.0-1073-aws, linux-virtual-hwe-18.04-edge, linux-modules-extra-5.4.0-1078-azure, linux-oem, linux-tools-lowlatency-hwe-18.04, linux-tools-azure-lts-20.04, linux-tools-host, linux-headers-gcp-lts-20.04, linux-tools-virtual-hwe-18.04, linux-tools-gkeop, linux-image-virtual-hwe-18.04-edge, linux-headers-oracle, linux-headers-raspi-hwe-18.04-edge, linux-headers-5.4.0-110, linux-image-oracle-edge, linux-cloud-tools-generic-hwe-18.04-edge, linux-hwe-5.4-tools-common, linux-headers-5.4.0-1071-oracle, linux-tools-5.4.0-1063-kvm, linux-generic-lpae-hwe-18.04-edge, linux-cloud-tools-common, linux-image-snapdragon-hwe-18.04, linux-generic, linux-headers-5.4.0-1078-azure, linux-azure-headers-5.4.0-1078, linux-modules-extra-5.4.0-1021-ibm, linux-headers-5.4.0-1021-ibm, linux-ibm-headers-5.4.0-1021, linux-ibm-5.4-source-5.4.0, linux-image-extra-virtual, linux-image-unsigned-5.4.0-1073-gcp, linux-tools-lowlatency-hwe-18.04-edge, linux-image-virtual-hwe-18.04, linux-gkeop-headers-5.4.0-1040, linux-gcp-headers-5.4.0-1073, linux-cloud-tools-virtual, linux-hwe-5.4-tools-5.4.0-110, linux-cloud-tools-azure-fde, linux-headers-5.4.0-1073-gcp, linux-hwe-5.4-cloud-tools-common, linux-modules-extra-azure, linux-modules-extra-ibm, linux-image-gcp-edge, linux-buildinfo-5.4.0-1078-azure, linux-tools-ibm-edge, linux-signed-image-azure-edge, linux-headers-ibm-lts-20.04, linux-modules-5.4.0-110-generic, linux-headers-gkeop-5.4, linux-image-gke, linux-ibm-edge, linux-modules-extra-gkeop-5.4, linux-image-ibm-lts-20.04, linux-tools-virtual-hwe-18.04-edge, linux-gkeop-source-5.4.0, linux-image-5.4.0-110-lowlatency, linux-image-raspi-hwe-18.04-edge, linux-tools-generic, linux-image-ibm, linux-image-kvm, linux-headers-azure-fde, linux-virtual, linux-image-raspi2, linux-ibm, linux-headers-oem-osp1, linux-ibm-5.4-tools-5.4.0-1021, linux-modules-extra-aws-lts-20.04, linux-snapdragon-hwe-18.04, linux-image-unsigned-5.4.0-1078-azure-fde, linux-image-lowlatency-hwe-18.04, linux-headers-gcp-edge, linux-buildinfo-5.4.0-1060-raspi, linux-ibm-source-5.4.0 o USN-5418-1 : linux-image-aws-hwe, linux-snapdragon-headers-4.15.0-1127, linux-modules-4.15.0-177-generic-lpae, linux-modules-extra-4.15.0-177-generic, linux-signed-lowlatency-hwe-16.04, linux-tools-4.15.0-1127-snapdragon, linux-headers-aws-lts-18.04, linux-tools-lowlatency, linux-libc-dev, linux-signed-image-lowlatency-hwe-16.04, linux-headers-generic-lpae, linux-signed-lowlatency-hwe-16.04-edge, linux-signed-oracle-lts-18.04, linux-tools-4.15.0-177-generic-lpae, linux-headers-dell300x, linux-image-4.15.0-1128-aws-hwe, linux-modules-extra-4.15.0-1128-aws, linux-buildinfo-4.15.0-1128-aws, linux-modules-4.15.0-1122-gcp, linux-tools-lowlatency-hwe-16.04, linux-signed-image-azure, linux-tools-generic-hwe-16.04-edge, linux-buildinfo-4.15.0-1127-snapdragon, linux-buildinfo-4.15.0-177-generic-lpae, linux-image-generic-lpae-hwe-16.04, linux-gcp, linux-generic-hwe-16.04-edge, linux-kvm-tools-4.15.0-1114, linux-headers-gke, linux-image-4.15.0-177-generic, linux-modules-extra-gcp, linux-generic-hwe-16.04, linux-gcp-tools-4.15.0-1122, linux-image-generic-lpae, linux-signed-image-generic-hwe-16.04, linux-cloud-tools-azure-lts-18.04, linux-tools-virtual, linux-image-extra-virtual-hwe-16.04-edge, linux-image-gcp, linux-generic-lpae, linux-headers-virtual-hwe-16.04, linux-image-oem, linux-cloud-tools-4.15.0-177, linux-gcp-4.15, linux-image-4.15.0-1122-gcp, linux-image-virtual-hwe-16.04-edge, linux-tools-4.15.0-1138-azure, linux-tools-gcp-lts-18.04, linux-cloud-tools-lowlatency-hwe-16.04-edge, linux-headers-oracle-lts-18.04, linux-image-azure-edge, linux-gcp-4.15-tools-4.15.0-1122, linux-buildinfo-4.15.0-1093-oracle, linux-buildinfo-4.15.0-1114-kvm, linux-headers-lowlatency, linux-image-4.15.0-177-generic-lpae, linux-headers-4.15.0-1093-oracle, linux-tools-4.15.0-1122-gcp, linux-cloud-tools-generic, linux-tools-azure-edge, linux-image-extra-virtual-hwe-16.04, linux-doc, linux-image-oracle-lts-18.04, linux-image-unsigned-4.15.0-1138-azure, linux-headers-4.15.0-1114-kvm, linux-gke, linux-hwe-tools-4.15.0-177, linux, linux-headers-gcp-lts-18.04, linux-aws-lts-18.04, linux-cloud-tools-4.15.0-1128-aws, linux-gcp-4.15-headers-4.15.0-1122, linux-aws-hwe-tools-4.15.0-1128, linux-image-unsigned-4.15.0-1093-oracle, linux-azure-headers-4.15.0-1138, linux-image-4.15.0-1093-oracle, linux-modules-4.15.0-1114-kvm, linux-image-aws-lts-18.04, linux-signed-azure-lts-18.04, linux-signed-generic-hwe-16.04, linux-headers-4.15.0-1127-snapdragon, linux-headers-azure, linux-tools-oracle, linux-headers-virtual-hwe-16.04-edge, linux-tools-virtual-hwe-16.04-edge, linux-virtual-hwe-16.04-edge, linux-oem, linux-image-azure, linux-modules-4.15.0-1138-azure, linux-modules-extra-azure-edge, linux-kvm, linux-buildinfo-4.15.0-177-generic, linux-signed-azure-edge, linux-aws-headers-4.15.0-1128, linux-signed-lowlatency, linux-aws, linux-lowlatency, linux-cloud-tools-generic-hwe-16.04-edge, linux-signed-image-oem, linux-tools-host, linux-tools-generic-lpae-hwe-16.04-edge, linux-buildinfo-4.15.0-1122-gcp, linux-headers-lowlatency-hwe-16.04-edge, linux-azure-lts-18.04, linux-dell300x, linux-aws-edge, linux-cloud-tools-virtual-hwe-16.04-edge, linux-image-4.15.0-1138-azure, linux-snapdragon, linux-aws-cloud-tools-4.15.0-1128, linux-headers-oracle, linux-tools-dell300x, linux-signed-image-lowlatency, linux-cloud-tools-azure, linux-headers-4.15.0-177-generic-lpae, linux-headers-4.15.0-1128-aws, linux-tools-4.15.0-1093-oracle, linux-modules-4.15.0-1128-aws, linux-image-generic-hwe-16.04-edge, linux-modules-4.15.0-177-generic, linux-modules-extra-azure-lts-18.04, linux-dell300x-tools-4.15.0-1042, linux-headers-4.15.0-177, linux-tools-gcp, linux-headers-generic-hwe-16.04-edge, linux-buildinfo-4.15.0-1138-azure, linux-oracle, linux-signed-oracle, linux-tools-lowlatency-hwe-16.04-edge, linux-generic-lpae-hwe-16.04, linux-cloud-tools-lowlatency-hwe-16.04, linux-signed-image-generic, linux-azure-4.15-headers-4.15.0-1138, linux-image-unsigned-4.15.0-177-lowlatency, linux-modules-extra-aws-lts-18.04, linux-cloud-tools-common, linux-signed-generic, linux-azure-cloud-tools-4.15.0-1138, linux-tools-4.15.0-1042-dell300x, linux-gcp-lts-18.04, linux-generic, linux-tools-azure-lts-18.04, linux-azure-tools-4.15.0-1138, linux-source-4.15.0, linux-oracle-tools-4.15.0-1093, linux-cloud-tools-generic-hwe-16.04, linux-tools-virtual-hwe-16.04, linux-headers-generic-hwe-16.04, linux-lowlatency-hwe-16.04, linux-headers-azure-edge, linux-image-generic, linux-headers-lowlatency-hwe-16.04, linux-tools-common, linux-image-4.15.0-1114-kvm, linux-tools-azure, linux-image-extra-virtual, linux-oracle-headers-4.15.0-1093, linux-headers-generic-lpae-hwe-16.04-edge, linux-image-lowlatency-hwe-16.04-edge, linux-tools-oem, linux-image-generic-lpae-hwe-16.04-edge, linux-cloud-tools-azure-edge, linux-cloud-tools-virtual, linux-azure-4.15-cloud-tools-4.15.0-1138, linux-modules-extra-azure, linux-source, linux-image-azure-lts-18.04, linux-image-generic-hwe-16.04, linux-image-oracle, linux-signed-generic-hwe-16.04-edge, linux-signed-image-lowlatency-hwe-16.04-edge, linux-cloud-tools-lowlatency, linux-azure-4.15-tools-4.15.0-1138, linux-tools-gke, linux-image-dell300x, linux-tools-4.15.0-1114-kvm, linux-tools-kvm, linux-image-snapdragon, linux-azure, linux-aws-hwe, linux-signed-image-azure-edge, linux-headers-snapdragon, linux-dell300x-headers-4.15.0-1042, linux-lowlatency-hwe-16.04-edge, linux-virtual-hwe-16.04, linux-image-unsigned-4.15.0-1042-dell300x, linux-tools-aws-hwe, linux-image-4.15.0-1127-snapdragon, linux-cloud-tools-virtual-hwe-16.04, linux-image-gke, linux-image-virtual-hwe-16.04, linux-image-unsigned-4.15.0-1122-gcp, linux-modules-4.15.0-1093-oracle, linux-signed-image-oracle-lts-18.04, linux-kvm-headers-4.15.0-1114, linux-azure-4.15, linux-buildinfo-4.15.0-1042-dell300x, linux-cloud-tools-4.15.0-177-generic, linux-generic-lpae-hwe-16.04-edge, linux-headers-aws-hwe, linux-headers-generic, linux-image-gcp-lts-18.04, linux-tools-4.15.0-177-lowlatency, linux-tools-generic, linux-tools-snapdragon, linux-headers-4.15.0-1138-azure, linux-modules-4.15.0-1127-snapdragon, linux-image-unsigned-4.15.0-177-generic, linux-buildinfo-4.15.0-177-lowlatency, linux-tools-aws-lts-18.04, linux-headers-generic-lpae-hwe-16.04, linux-headers-oem, linux-snapdragon-tools-4.15.0-1127, linux-headers-4.15.0-177-generic, linux-headers-azure-lts-18.04, linux-image-kvm, linux-modules-extra-4.15.0-1093-oracle, linux-oracle-lts-18.04, linux-tools-generic-hwe-16.04, linux-virtual, linux-modules-extra-gke, linux-tools-oracle-lts-18.04, linux-headers-gcp, linux-tools-generic-lpae, linux-signed-image-generic-hwe-16.04-edge, linux-hwe, linux-hwe-cloud-tools-4.15.0-177, linux-modules-4.15.0-1042-dell300x, linux-headers-4.15.0-1122-gcp, linux-modules-4.15.0-177-lowlatency, linux-gcp-headers-4.15.0-1122, linux-signed-image-azure-lts-18.04, linux-headers-4.15.0-1042-dell300x, linux-modules-extra-4.15.0-1138-azure, linux-signed-image-oracle, linux-tools-4.15.0-1128-aws, linux-image-4.15.0-1042-dell300x, linux-image-4.15.0-177-lowlatency, linux-headers-4.15.0-177-lowlatency, linux-cloud-tools-4.15.0-1138-azure, linux-image-lowlatency-hwe-16.04, linux-crashdump, linux-image-lowlatency, linux-headers-virtual, linux-signed-oem, linux-image-4.15.0-1128-aws, linux-aws-tools-4.15.0-1128, linux-cloud-tools-4.15.0-177-lowlatency, linux-tools-4.15.0-177, linux-tools-4.15.0-177-generic, linux-tools-generic-lpae-hwe-16.04, linux-image-unsigned-4.15.0-1128-aws, linux-headers-kvm, linux-aws-hwe-cloud-tools-4.15.0-1128, linux-signed-azure, linux-modules-extra-aws-hwe, linux-modules-extra-gcp-lts-18.04, linux-image-virtual, linux-modules-extra-4.15.0-1122-gcp, linux-azure-edge o USN-5390-1 : linux-modules-extra-5.15.0-27-generic, linux-ibm-headers-5.15.0-1003, linux-headers-5.15.0-1003-gke, linux-image-lowlatency-64k-hwe-22.04, linux-tools-lowlatency, linux-cloud-tools-lowlatency-hwe-22.04, linux-kvm-headers-5.15.0-1005, linux-buildinfo-5.15.0-1003-oracle, linux-libc-dev, linux-image-generic-64k-hwe-22.04-edge, linux-modules-extra-5.15.0-1005-aws, linux-headers-generic-lpae-hwe-22.04, linux-tools-lowlatency-hwe-22.04, linux-headers-5.15.0-27-lowlatency-64k, linux-headers-generic-lpae, linux-tools-oem-20.04, linux-modules-5.15.0-27-generic-64k, linux-oem-20.04, linux-tools-generic-hwe-20.04, linux-headers-generic-64k-hwe-20.04-edge, linux-tools-lowlatency-64k-hwe-22.04, linux-azure-cloud-tools-5.15.0-1005, linux-tools-lowlatency-64k, linux-tools-generic-lpae-hwe-20.04, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-headers-generic-lpae-hwe-20.04, linux-buildinfo-5.15.0-27-generic, linux-image-5.15.0-27-lowlatency-64k, linux-cloud-tools-virtual-hwe-22.04, linux-gcp, linux-image-extra-virtual-hwe-22.04-edge, linux-lowlatency-hwe-20.04, linux-cloud-tools-5.15.0-27-generic, linux-headers-gke, linux-tools-virtual-hwe-22.04, linux-modules-extra-gcp, linux-headers-5.15.0-27-generic-64k, linux-generic-lpae-hwe-20.04-edge, linux-azure-tools-5.15.0-1005, linux-headers-5.15.0-27-generic, linux-virtual-hwe-22.04, linux-headers-5.15.0-27, linux-modules-5.15.0-27-generic, linux-tools-lowlatency-64k-hwe-20.04, linux-image-generic-lpae, linux-tools-virtual, linux-cloud-tools-lowlatency-hwe-22.04-edge, linux-headers-generic-64k-hwe-22.04, linux-image-5.15.0-1005-kvm, linux-image-gcp, linux-image-aws, linux-generic-lpae, linux-tools-virtual-hwe-22.04-edge, linux-aws-tools-5.15.0-1005, linux-generic-64k-hwe-20.04-edge, linux-kvm-tools-5.15.0-1005, linux-image-lowlatency-64k, linux-cloud-tools-lowlatency-hwe-20.04, linux-headers-virtual-hwe-20.04-edge, linux-image-unsigned-5.15.0-27-lowlatency, linux-image-generic-lpae-hwe-22.04, linux-lowlatency-64k-hwe-22.04, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-generic-hwe-20.04-edge, linux-buildinfo-5.15.0-1003-gke, linux-cloud-tools-5.15.0-1005-aws, linux-gke-tools-5.15.0-1003, linux-image-lowlatency-64k-hwe-22.04-edge, linux-headers-5.15.0-1004-gcp, linux-tools-5.15.0-27, linux-headers-lowlatency, linux-ibm-source-5.15.0, linux-image-lowlatency-hwe-20.04-edge, linux-tools-virtual-hwe-20.04, linux-tools-5.15.0-27-generic-lpae, linux-image-virtual-hwe-22.04, linux-cloud-tools-generic, linux-modules-5.15.0-1005-kvm, linux-tools-5.15.0-1004-gcp, linux-generic-64k-hwe-20.04, linux-gke-headers-5.15.0-1003, linux-doc, linux-image-unsigned-5.15.0-1003-ibm, linux-tools-generic-64k, linux-gke, linux-image-unsigned-5.15.0-1005-kvm, linux, linux-image-virtual-hwe-20.04, linux-image-5.15.0-27-generic-64k, linux-tools-lowlatency-64k-hwe-22.04-edge, linux-modules-extra-5.15.0-1004-gcp, linux-oracle-headers-5.15.0-1003, linux-image-generic-lpae-hwe-20.04-edge, linux-tools-5.15.0-1005-aws, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-lpae-hwe-20.04-edge, linux-buildinfo-5.15.0-1005-azure, linux-headers-azure, linux-tools-oracle, linux-image-generic-hwe-20.04, linux-image-azure, linux-kvm, linux-image-unsigned-5.15.0-1005-azure, linux-tools-5.15.0-27-lowlatency-64k, linux-modules-extra-aws, linux-aws, linux-cloud-tools-virtual-hwe-20.04, linux-lowlatency, linux-tools-host, linux-cloud-tools-5.15.0-1005-azure, linux-generic-hwe-20.04, linux-generic-hwe-22.04-edge, linux-image-lowlatency-64k-hwe-20.04-edge, linux-image-unsigned-5.15.0-1003-gke, linux-tools-gke-5.15, linux-image-extra-virtual-hwe-22.04, linux-headers-oracle, linux-modules-extra-5.15.0-1003-gke, linux-cloud-tools-azure, linux-image-lowlatency-64k-hwe-20.04, linux-virtual-hwe-20.04, linux-cloud-tools-generic-hwe-22.04-edge, linux-generic-64k-hwe-22.04-edge, linux-headers-gke-5.15, linux-headers-generic-64k-hwe-20.04, linux-azure-headers-5.15.0-1005, linux-headers-virtual-hwe-22.04, linux-lowlatency-tools-common, linux-modules-5.15.0-1003-gke, linux-tools-generic-64k-hwe-22.04, linux-tools-generic-lpae-hwe-22.04-edge, linux-buildinfo-5.15.0-27-generic-64k, linux-image-lowlatency-hwe-22.04-edge, linux-cloud-tools-virtual-hwe-22.04-edge, linux-modules-5.15.0-1005-azure, linux-lowlatency-headers-5.15.0-27, linux-modules-5.15.0-1003-oracle, linux-tools-gcp, linux-buildinfo-5.15.0-27-lowlatency-64k, linux-generic-hwe-22.04, linux-gcp-headers-5.15.0-1004, linux-oracle-tools-5.15.0-1003, linux-oracle, linux-headers-generic-64k-hwe-22.04-edge, linux-tools-generic-hwe-22.04-edge, linux-image-5.15.0-1005-aws, linux-tools-generic-hwe-22.04, linux-gke-5.15, linux-image-unsigned-5.15.0-1004-gcp, linux-headers-lowlatency-64k, linux-lowlatency-tools-5.15.0-27, linux-modules-5.15.0-1003-ibm, linux-headers-generic-64k, linux-image-generic-64k, linux-image-unsigned-5.15.0-1005-aws, linux-image-generic-64k-hwe-20.04-edge, linux-gcp-tools-5.15.0-1004, linux-cloud-tools-common, linux-image-5.15.0-27-generic-lpae, linux-modules-extra-5.15.0-1003-ibm, linux-source-5.15.0, linux-lowlatency-64k, linux-generic, linux-headers-lowlatency-64k-hwe-22.04-edge, linux-modules-extra-5.15.0-1005-azure, linux-cloud-tools-generic-hwe-22.04, linux-tools-5.15.0-1003-gke, linux-buildinfo-5.15.0-27-generic-lpae, linux-cloud-tools-virtual-hwe-20.04-edge, linux-headers-5.15.0-1005-kvm, linux-headers-5.15.0-1003-oracle, linux-headers-lowlatency-hwe-22.04, linux-tools-5.15.0-1003-ibm, linux-image-5.15.0-1004-gcp, linux-generic-lpae-hwe-22.04, linux-headers-generic-hwe-22.04, linux-image-generic, linux-image-generic-hwe-22.04-edge, linux-lowlatency-cloud-tools-5.15.0-27, linux-tools-common, linux-lowlatency-hwe-22.04-edge, linux-aws-headers-5.15.0-1005, linux-tools-azure, linux-headers-lowlatency-hwe-20.04-edge, linux-image-extra-virtual, linux-tools-ibm, linux-modules-5.15.0-1004-gcp, linux-headers-5.15.0-1005-aws, linux-ibm-cloud-tools-common, linux-tools-5.15.0-27-lowlatency, linux-headers-lowlatency-64k-hwe-22.04, linux-virtual-hwe-22.04-edge, linux-virtual-hwe-20.04-edge, linux-cloud-tools-virtual, linux-image-5.15.0-1003-ibm, linux-buildinfo-5.15.0-1004-gcp, linux-image-generic-lpae-hwe-20.04, linux-cloud-tools-5.15.0-27-lowlatency, linux-image-5.15.0-27-lowlatency, linux-lowlatency-64k-hwe-20.04-edge, linux-modules-5.15.0-27-lowlatency, linux-modules-extra-azure, linux-tools-lowlatency-64k-hwe-20.04-edge, linux-generic-lpae-hwe-22.04-edge, linux-headers-virtual-hwe-22.04-edge, linux-lowlatency-cloud-tools-common, linux-source, linux-tools-5.15.0-1003-oracle, linux-cloud-tools-generic-hwe-20.04, linux-image-5.15.0-1003-gke, linux-image-generic-hwe-20.04-edge, linux-image-oracle, linux-modules-5.15.0-27-generic-lpae, linux-tools-aws, linux-cloud-tools-lowlatency, linux-tools-gke, linux-tools-kvm, linux-tools-generic-lpae-hwe-22.04, linux-image-virtual-hwe-20.04-edge, linux-azure, linux-headers-generic-hwe-20.04, linux-tools-generic-64k-hwe-22.04-edge, linux-image-unsigned-5.15.0-27-lowlatency-64k, linux-generic-hwe-20.04-edge, linux-image-extra-virtual-hwe-20.04, linux-lowlatency-64k-hwe-20.04, linux-headers-aws, linux-buildinfo-5.15.0-1003-ibm, linux-image-gke, linux-image-gke-5.15, linux-image-lowlatency-hwe-22.04, linux-buildinfo-5.15.0-27-lowlatency, linux-tools-virtual-hwe-20.04-edge, linux-headers-5.15.0-27-lowlatency, linux-image-virtual-hwe-22.04-edge, linux-cloud-tools-5.15.0-27, linux-headers-generic, linux-headers-lowlatency-64k-hwe-20.04-edge, linux-tools-generic, linux-image-5.15.0-27-generic, linux-ibm-tools-common, linux-image-generic-hwe-22.04, linux-image-extra-virtual-hwe-20.04-edge, linux-image-ibm, linux-tools-5.15.0-1005-kvm, linux-tools-lowlatency-hwe-20.04-edge, linux-modules-5.15.0-1005-aws, linux-modules-extra-5.15.0-1003-oracle, linux-image-generic-lpae-hwe-22.04-edge, linux-modules-5.15.0-27-lowlatency-64k, linux-headers-ibm, linux-headers-generic-lpae-hwe-22.04-edge, linux-image-oem-20.04, linux-image-kvm, linux-lowlatency-hwe-20.04-edge, linux-lowlatency-tools-host, linux-tools-5.15.0-27-generic-64k, linux-virtual, linux-buildinfo-5.15.0-1005-kvm, linux-image-unsigned-5.15.0-27-generic, linux-tools-5.15.0-27-generic, linux-headers-gcp, linux-ibm, linux-tools-generic-lpae, linux-headers-lowlatency-64k-hwe-20.04, linux-image-generic-64k-hwe-20.04, linux-tools-lowlatency-hwe-20.04, linux-tools-generic-64k-hwe-20.04, linux-headers-5.15.0-1003-ibm, linux-tools-5.15.0-1005-azure, linux-image-lowlatency-hwe-20.04, linux-buildinfo-5.15.0-1005-aws, linux-generic-64k-hwe-22.04, linux-generic-lpae-hwe-20.04, linux-image-generic-64k-hwe-22.04, linux-headers-generic-hwe-22.04-edge, linux-image-5.15.0-1005-azure, linux-headers-oem-20.04, linux-lowlatency-64k-hwe-22.04-edge, linux-image-unsigned-5.15.0-27-generic-64k, linux-lowlatency-hwe-22.04, linux-headers-lowlatency-hwe-22.04-edge, linux-crashdump, linux-image-lowlatency, linux-headers-virtual, linux-tools-generic-lpae-hwe-20.04-edge, linux-cloud-tools-generic-hwe-20.04-edge, linux-aws-cloud-tools-5.15.0-1005, linux-tools-lowlatency-hwe-22.04-edge, linux-image-5.15.0-1003-oracle, linux-generic-64k, linux-headers-kvm, linux-image-unsigned-5.15.0-1003-oracle, linux-headers-lowlatency-hwe-20.04, linux-headers-5.15.0-27-generic-lpae, linux-image-virtual, linux-ibm-tools-5.15.0-1003, linux-headers-5.15.0-1005-azure, linux-headers-virtual-hwe-20.04 o USN-5390-2 : linux-image-5.15.0-1006-raspi-nolpae, linux-modules-extra-5.15.0-1006-raspi, linux-tools-5.15.0-1006-raspi, linux-headers-raspi, linux-headers-5.15.0-1006-raspi, linux-buildinfo-5.15.0-1006-raspi-nolpae, linux-tools-raspi, linux-image-raspi-nolpae, linux-buildinfo-5.15.0-1006-raspi, linux-modules-5.15.0-1006-raspi-nolpae, linux-modules-extra-5.15.0-1006-raspi-nolpae, linux-headers-5.15.0-1006-raspi-nolpae, linux-image-5.15.0-1006-raspi, linux-tools-5.15.0-1006-raspi-nolpae, linux-raspi-headers-5.15.0-1006, linux-raspi, linux-modules-extra-raspi, linux-tools-raspi-nolpae, linux-modules-extra-raspi-nolpae, linux-image-raspi, linux-raspi-tools-5.15.0-1006, linux-raspi-nolpae, linux-headers-raspi-nolpae, linux-modules-5.15.0-1006-raspi - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIUAwUBYn2LTMkNZI30y1K9AQh4gA/2IC4OGfl+WR3JPgKKUdNEjL3hD48Ccqdo HjAPxdvegk9G7+Jvi4Iv7t3RGJPSw30ZmMzHXa9Gb6y01wVVfcZppB4pfpyhrv2x VX2gNhMDKRLtG63clzJWHDWlq3k9YXe6Cfly6ObGw0VyDyjZbK8EZ7vSm2XuYRGn bkB2kprOrxEmynPwNb43HUm4G3iK8S0QoD14vIQvJz8lVmwjKc/kYvWRl5OWv+6/ HeN++ygcPa7C+n1QrMGTXfTvJADrdUUALpvcLuRP4UiwTfD4opK0RRm97L4ARzPX xyWNZwYDltE0nJ0gQrHjYTATU5V3Yw5yVbJ3knSBRcUUzdPTXXaqEVZ6VzmjXzqe sikTTHWaw7JYw2b2H0VsSB2MseXZbO0Wq/WkY5KubL4K4BSUkJAgU5G/HyVDT2mJ SqFZwoxyFwdC8On2VpV0J864FspzD4l4C1TKDJjhkGVLip0e21zZ2P/CiV2BZl5a b6oojMnko1ebvwGusfutLLildIDOlJseMXMSPoQAGiKA5PZ98C5SfeD3bHKL4O6Z nYJVU8a60B2TlyMvW25fwEs0qev/SgbCL9K+ajtdZ5INL09qSZ30MJy9qo10Bnw7 u6/jlHz75nhDkHo3U/fkg1qUGzHxi6zFIJ8XH9SC46843Up45VBN3wFdxDB5wIJ+ csoSqALdHA== =Xivw -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2338 USN-5416-1: Linux kernel (OEM) vulnerabilities 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Linux kernel (OEM) Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-28390 CVE-2022-28389 CVE-2022-28388 CVE-2022-1516 CVE-2022-1158 Original Bulletin: https://ubuntu.com/security/notices/USN-5416-1 Comment: CVSS (Max): 7.4 CVE-2022-1158 (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS Source: SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5416-1: Linux kernel (OEM) vulnerabilities 12 May 2022 Several security issues were fixed in the Linux kernel. Releases o Ubuntu 20.04 LTS Packages o linux-oem-5.14 - Linux kernel for OEM systems Details Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. ( CVE-2022-1158 ) It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-1516 ) It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-28388 ) It was discovered that the Microchip CAN BUS Analyzer interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-28389 ) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). ( CVE-2022-28390 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 o linux-image-5.14.0-1036-oem - 5.14.0-1036.40 o linux-image-oem-20.04c - 5.14.0.1036.33 o linux-image-oem-20.04b - 5.14.0.1036.33 o linux-image-oem-20.04d - 5.14.0.1036.33 o linux-image-oem-20.04 - 5.14.0.1036.33 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References o CVE-2022-1158 o CVE-2022-28388 o CVE-2022-28389 o CVE-2022-28390 o CVE-2022-1516 Related notices o USN-5413-1 : linux-headers-lowlatency-lts-wily, linux-image-extra-virtual-lts-vivid, linux-image-lowlatency, linux-image-virtual-lts-vivid, linux-headers-virtual-lts-vivid, linux-buildinfo-4.4.0-1105-kvm, linux-image-4.4.0-224-lowlatency, linux-headers-4.4.0-1140-aws, linux-aws-headers-4.4.0-1140, linux-buildinfo-4.4.0-224-lowlatency, linux-kvm-tools-4.4.0-1105, linux-modules-extra-4.4.0-224-generic, linux-headers-generic-lts-xenial, linux-image-lowlatency-lts-wily, linux-image-generic-lts-vivid, linux-signed-generic-lts-wily, linux-signed-lowlatency, linux-headers-aws, linux-tools-virtual-lts-vivid, linux-cloud-tools-4.4.0-224-generic, linux-headers-virtual-lts-xenial, linux-image-generic-lts-utopic, linux-source, linux-modules-4.4.0-224-lowlatency, linux-generic-lts-vivid, linux-image-virtual-lts-utopic, linux-tools-kvm, linux-image-generic, linux-signed-image-lowlatency, linux-source-4.4.0, linux-virtual, linux-headers-virtual, linux-image-extra-virtual-lts-wily, linux-aws-cloud-tools-4.4.0-1140, linux-image-hwe-generic-trusty, linux-cloud-tools-4.4.0-1140-aws, linux-signed-image-generic-lts-xenial, linux-hwe-generic-trusty, linux-signed-image-lowlatency-lts-xenial, linux-headers-virtual-lts-utopic, linux-cloud-tools-virtual-lts-utopic, linux-generic, linux-cloud-tools-lowlatency-lts-utopic, linux-signed-image-generic-lts-utopic, linux-cloud-tools-generic-lts-vivid, linux-headers-lowlatency-lts-vivid, linux-cloud-tools-virtual-lts-xenial, linux-signed-image-generic-lts-vivid, linux-tools-lowlatency-lts-xenial, linux-image-generic-lts-xenial, linux-tools-4.4.0-1140-aws, linux-image-generic-lts-wily, linux-aws-tools-4.4.0-1140, linux-image-extra-virtual-lts-xenial, linux-cloud-tools-lowlatency, linux-lowlatency-lts-wily, linux-lts-xenial-cloud-tools-4.4.0-224, linux-crashdump, linux-tools-4.4.0-224-lowlatency, linux-modules-extra-4.4.0-1140-aws, linux-headers-lowlatency, linux-buildinfo-4.4.0-224-generic, linux-signed-image-generic, linux-tools-virtual-lts-xenial, linux-tools-host, linux-headers-generic, linux-image-extra-virtual, linux-headers-4.4.0-1105-kvm, linux-modules-4.4.0-224-generic, linux-cloud-tools-4.4.0-224, linux-hwe-virtual-trusty, linux-cloud-tools-4.4.0-1105-kvm, linux-virtual-lts-xenial, linux-headers-virtual-lts-wily, linux-headers-generic-lts-vivid, linux-signed-lowlatency-lts-wily, linux-virtual-lts-vivid, linux-headers-generic-lts-wily, linux-virtual-lts-wily, linux-tools-generic-lts-utopic, linux-image-lowlatency-lts-xenial, linux-cloud-tools-generic-lts-utopic, linux-cloud-tools-virtual-lts-vivid, linux-aws, linux-signed-lowlatency-lts-xenial, linux-tools-generic, linux-signed-generic-lts-vivid, linux-image-extra-virtual-lts-utopic, linux-tools-4.4.0-224, linux-tools-4.4.0-224-generic, linux-signed-image-generic-lts-wily, linux-tools-common, linux-image-virtual-lts-xenial, linux-tools-lowlatency-lts-utopic, linux-headers-4.4.0-224, linux-tools-lts-utopic, linux-libc-dev, linux-modules-extra-aws, linux-tools-lowlatency-lts-vivid, linux-image-4.4.0-1105-kvm, linux-image-lowlatency-lts-utopic, linux-tools-aws, linux-tools-virtual, linux-headers-lowlatency-lts-utopic, linux-cloud-tools-virtual-lts-wily, linux-signed-generic-lts-xenial, linux-tools-generic-lts-vivid, linux-virtual-lts-utopic, linux-image-4.4.0-1140-aws, linux-image-lowlatency-lts-vivid, linux-image-hwe-virtual-trusty, linux-buildinfo-4.4.0-1140-aws, linux-lowlatency, linux-lowlatency-lts-xenial, linux-doc, linux-cloud-tools-common, linux-kvm-cloud-tools-4.4.0-1105, linux-signed-generic, linux-headers-4.4.0-224-lowlatency, linux-image-unsigned-4.4.0-224-generic, linux-tools-virtual-lts-utopic, linux-signed-image-lowlatency-lts-wily, linux-cloud-tools-lowlatency-lts-wily, linux-tools-lowlatency, linux-headers-kvm, linux-cloud-tools-lowlatency-lts-xenial, linux-lts-xenial, linux-image-virtual-lts-wily, linux-cloud-tools-virtual, linux-tools-generic-lts-xenial, linux-cloud-tools-lowlatency-lts-vivid, linux-image-4.4.0-224-generic, linux-headers-generic-lts-utopic, linux-generic-lts-wily, linux-kvm-headers-4.4.0-1105, linux-modules-4.4.0-1105-kvm, linux, linux-tools-generic-lts-wily, linux-tools-4.4.0-1105-kvm, linux-headers-lowlatency-lts-xenial, linux-tools-virtual-lts-wily, linux-modules-4.4.0-1140-aws, linux-headers-4.4.0-224-generic, linux-lowlatency-lts-utopic, linux-signed-generic-lts-utopic, linux-image-aws, linux-cloud-tools-generic, linux-generic-lts-xenial, linux-cloud-tools-4.4.0-224-lowlatency, linux-lts-xenial-tools-4.4.0-224, linux-tools-lowlatency-lts-wily, linux-image-virtual, linux-cloud-tools-generic-lts-wily, linux-lowlatency-lts-vivid, linux-image-unsigned-4.4.0-224-lowlatency, linux-kvm, linux-generic-lts-utopic, linux-cloud-tools-generic-lts-xenial, linux-image-kvm - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LO8kNZI30y1K9AQg0SRAAtqKfBAuiGYVvruI/mQhyihjOfNK+mwsT bNJ1OqkYQ4u+nBzIYAklbEdph6t4aMYLJ9t3DM0zXpR4bo1UJqFzaOERUuquwzWA K0hQSA9dOVC71LptuJ43S4nypmBOwruKCunSkcGY7RskPh+ZqRU+hKeR6UwXD6Ed /AYXQ0ehM2FtzVWWw8f1OFGQnXOA9RU8heAbd4RIuP0L2/UitjGbe4yWtaOdVFHX eyvNBLvE3KYVfm2JR2WSIIksNoY2IrsAzJg4FSu9HMPCQQd9lFY836dcQQiw0+ZX jYZ5GfBrqg6QyJUGvpctljtZKbVGPkazU6SxqES+5Mk+J9OwcvMkPhEg57YCF9zr mMm/TzTbdG8y51AatPR9Hllm2mnWvx/kG2I7QzT8u+TEmjD6i1y7L0a/ThlELNq3 ndChoXGZ2GfwvZH66ijgwCGy10S+u0k1+ilpUw98RuylSiQU8KP8y79Cf8hPAnMh 6F7Zg5elVmtIODffjOVGK6ZrBciG0Ub2xagzbsoWVD5XCmBCgBTp/Te1ysQLRHqf Py5p/PWpX/90PlR2BpvzJAgUUxpf5K1gmXpQ19z7/ex+qKNN7h7TACmWN/YuDGuU 15kbKtbEYxK/n0oRUot5NcR1p987d7uaft7J7kkoxYoATrEO2bf50VjaLgS6H7Os xV5igCf6yks= =9RsT -----END PGP SIGNATURE-----