AusCERT - Security Bulletins

Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
25 May 2022

ESB-2022.2549 - [SUSE] python-requests: CVSS (Max): 5.9

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2549
                    Security update for python-requests
                                25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           python-requests
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-18074

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20221819-1

Comment: CVSS (Max):  5.9 CVE-2018-18074 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for python-requests
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1819-1
Rating:             moderate
References:         #1111622
Cross-References:   CVE-2018-18074
Affected Products:
                    HPE Helion Openstack 8
                    SUSE Linux Enterprise High Availability 12-SP3
                    SUSE Linux Enterprise High Availability 12-SP4
                    SUSE Linux Enterprise High Performance Computing 12
                    SUSE Linux Enterprise High Performance Computing 12-SP3
                    SUSE Linux Enterprise High Performance Computing 12-SP4
                    SUSE Linux Enterprise Module for Advanced Systems Management 12
                    SUSE Linux Enterprise Server 12
                    SUSE Linux Enterprise Server 12-SP2-BCL
                    SUSE Linux Enterprise Server 12-SP3
                    SUSE Linux Enterprise Server 12-SP3-BCL
                    SUSE Linux Enterprise Server 12-SP3-LTSS
                    SUSE Linux Enterprise Server 12-SP4
                    SUSE Linux Enterprise Server 12-SP4-LTSS
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP 12-SP3
                    SUSE Linux Enterprise Server for SAP 12-SP4
                    SUSE Linux Enterprise Server for SAP Applications 12
                    SUSE Linux Enterprise Server for SAP Applications 12-SP3
                    SUSE Linux Enterprise Server for SAP Applications 12-SP4
                    SUSE Linux Enterprise Server for SAP Applications 12-SP5
                    SUSE Manager Tools 12
                    SUSE OpenStack Cloud 8
                    SUSE OpenStack Cloud 9
                    SUSE OpenStack Cloud Crowbar 8
                    SUSE OpenStack Cloud Crowbar 9
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-requests fixes the following issues:

o CVE-2018-18074: Fixed to prevent the package from sending an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect. (bsc#1111622)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

o SUSE OpenStack Cloud Crowbar 9:
    zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-1819=1
o SUSE OpenStack Cloud Crowbar 8:
    zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-1819=1
o SUSE OpenStack Cloud 9:
    zypper in -t patch SUSE-OpenStack-Cloud-9-2022-1819=1
o SUSE OpenStack Cloud 8:
    zypper in -t patch SUSE-OpenStack-Cloud-8-2022-1819=1
o SUSE Manager Tools 12:
    zypper in -t patch SUSE-SLE-Manager-Tools-12-2022-1819=1
o SUSE Linux Enterprise Server for SAP 12-SP4:
    zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-1819=1
o SUSE Linux Enterprise Server for SAP 12-SP3:
    zypper in -t patch SUSE-SLE-SAP-12-SP3-2022-1819=1
o SUSE Linux Enterprise Server 12-SP4-LTSS:
    zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-1819=1
o SUSE Linux Enterprise Server 12-SP3-LTSS:
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-2022-1819=1
o SUSE Linux Enterprise Server 12-SP3-BCL:
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-1819=1
o SUSE Linux Enterprise Server 12-SP2-BCL:
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-1819=1
o SUSE Linux Enterprise Module for Advanced Systems Management 12:
    zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2022-1819=1
o SUSE Linux Enterprise High Availability 12-SP4:
    zypper in -t patch SUSE-SLE-HA-12-SP4-2022-1819=1
o SUSE Linux Enterprise High Availability 12-SP3:
    zypper in -t patch SUSE-SLE-HA-12-SP3-2022-1819=1
o HPE Helion Openstack 8:
    zypper in -t patch HPE-Helion-OpenStack-8-2022-1819=1

Package List:

o SUSE OpenStack Cloud Crowbar 9 (noarch):
    python-requests-2.11.1-6.31.1
o SUSE OpenStack Cloud Crowbar 8 (noarch):
    python-requests-2.11.1-6.31.1
o SUSE OpenStack Cloud 9 (noarch):
    python-requests-2.11.1-6.31.1
o SUSE OpenStack Cloud 8 (noarch):
    python-requests-2.11.1-6.31.1
o SUSE Manager Tools 12 (noarch):
    python-requests-2.11.1-6.31.1
    python3-requests-2.11.1-6.31.1
o SUSE Linux Enterprise Server for SAP 12-SP4 (noarch):
    python-requests-2.11.1-6.31.1
o SUSE Linux Enterprise Server for SAP 12-SP3 (noarch):
    python-requests-2.11.1-6.31.1
o SUSE Linux Enterprise Server 12-SP4-LTSS (noarch):
    python-requests-2.11.1-6.31.1
o SUSE Linux Enterprise Server 12-SP3-LTSS (noarch):
    python-requests-2.11.1-6.31.1
o SUSE Linux Enterprise Server 12-SP3-BCL (noarch):
    python-requests-2.11.1-6.31.1
o SUSE Linux Enterprise Server 12-SP2-BCL (noarch):
    python-requests-2.11.1-6.31.1
o SUSE Linux Enterprise Module for Advanced Systems Management 12 (noarch):
    python-requests-2.11.1-6.31.1
    python3-requests-2.11.1-6.31.1
o SUSE Linux Enterprise High Availability 12-SP4 (noarch):
    python-requests-2.11.1-6.31.1
o SUSE Linux Enterprise High Availability 12-SP3 (noarch):
    python-requests-2.11.1-6.31.1
o HPE Helion Openstack 8 (noarch):
    python-requests-2.11.1-6.31.1

References:

o https://www.suse.com/security/cve/CVE-2018-18074.html
o https://bugzilla.suse.com/1111622

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:
    https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
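The redirect rule this update enforces, as an added example that is not SUSE's or python-requests' code: a small redirect-follower that drops the Authorization header when the hostname changes or the scheme downgrades from https to http, so a same-host https-to-http redirect no longer carries the credential in cleartext. The URLs and the redirect chain are constructed test data; no network access is made.

```python
"""Credential handling across HTTP redirects (modelled on the CVE-2018-18074 fix).

Added example; not code from SUSE or the python-requests project. All URLs
below are constructed test data and nothing is sent over the network.
"""
from urllib.parse import urljoin, urlsplit

# Default ports per scheme, so that https://host and https://host:443 compare equal.
_DEFAULT_PORTS = {"http": 80, "https": 443}


def _effective_port(parts):
    """Explicit port if given, otherwise the scheme's default (None if unknown)."""
    return parts.port if parts.port is not None else _DEFAULT_PORTS.get(parts.scheme)


def should_strip_auth(old_url: str, new_url: str) -> bool:
    """Return True if the Authorization header must NOT follow this redirect.

    Rules (a defensive superset of the behaviour the bulletin describes):
      1. different hostname                  -> strip (credentials are per origin)
      2. https -> http on the same host      -> strip (the CVE-2018-18074 case:
                                                a downgrade would expose the
                                                credential in cleartext)
      3. http -> https on the default ports  -> keep (a plain upgrade is safe)
      4. any other port or scheme change     -> strip (it is a different origin)
    """
    old, new = urlsplit(old_url), urlsplit(new_url)
    # urlsplit() lowercases hostnames, so a plain comparison is case-insensitive.
    if (old.hostname or "") != (new.hostname or ""):
        return True
    if old.scheme == "https" and new.scheme == "http":
        return True
    if old.scheme == "http" and new.scheme == "https":
        return _effective_port(old) != 80 or _effective_port(new) != 443
    return old.scheme != new.scheme or _effective_port(old) != _effective_port(new)


def headers_for_redirect(headers: dict, old_url: str, new_url: str) -> dict:
    """Copy of `headers` suitable for the redirected request.

    Header names are compared case-insensitively; the input dict is left unchanged.
    """
    if not should_strip_auth(old_url, new_url):
        return dict(headers)
    return {k: v for k, v in headers.items() if k.lower() != "authorization"}


def follow_redirects(start_url: str, headers: dict, responses: dict, max_hops: int = 5):
    """Walk a constructed redirect chain and return (final_url, headers_sent_there).

    `responses` maps a request URL to the Location header a server would answer
    with (absolute or relative), or to None for a terminal non-redirect response.
    Relative Location values are resolved against the current URL, as a client
    must do before comparing origins.
    """
    url, hdrs = start_url, dict(headers)
    for _ in range(max_hops):
        location = responses[url]          # KeyError: URL not in the constructed chain
        if location is None:
            return url, hdrs
        target = urljoin(url, location)
        hdrs = headers_for_redirect(hdrs, url, target)
        url = target
    raise RuntimeError("too many redirects")


if __name__ == "__main__":
    # Constructed chain: an https login page redirects to a same-host http URL,
    # which then redirects again with a relative Location.
    chain = {
        "https://example.test/login": "http://example.test/home",
        "http://example.test/home": "/welcome",
        "http://example.test/welcome": None,
    }
    creds = {"Authorization": "Basic dXNlcjpwYXNz", "Accept": "*/*"}
    final_url, sent = follow_redirects("https://example.test/login", creds, chain)
    print(final_url, sent)  # http://example.test/welcome {'Accept': '*/*'}
```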
25 May 2022

ESB-2022.2548 - [Appliance] Mitsubishi Electric Factory Automation Engineering Products (Update G): CVSS (Max): 8.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2548
                          Advisory (icsa-20-212-04)
   Mitsubishi Electric Factory Automation Engineering Products (Update G)
                                25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Mitsubishi Electric Factory Automation Engineering Products (Update G)
Publisher:         ICS-CERT
Operating System:  Network Appliance
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14521

Original Bulletin:
   https://us-cert.cisa.gov/ics/advisories/icsa-20-212-04

Comment: CVSS (Max):  8.3 CVE-2020-14521 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)
         CVSS Source: ICS-CERT
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-20-212-04)

Mitsubishi Electric Factory Automation Engineering Products (Update G)

Original release date: May 24, 2022

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ .

1. EXECUTIVE SUMMARY

o CVSS v3 8.3
o ATTENTION: Exploitable remotely
o Vendor: Mitsubishi Electric
o Equipment: Mitsubishi Electric, Factory Automation Engineering products
o Vulnerability: Unquoted Search Path or Element

2. UPDATE INFORMATION

This updated advisory is a follow-up to the advisory update titled ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products (Update F) that was published February 8, 2022, to the ICS webpage on cisa.gov/ics.

3. RISK EVALUATION

Successful exploitation of this vulnerability may allow an attacker to obtain unauthorized information, modify information, and cause a denial-of-service condition.

4. TECHNICAL DETAILS

4.1 AFFECTED PRODUCTS

The following products and versions are affected:

o C Controller Interface Module Utility, all versions

- --------- Begin Update G Part 1 of 5 ---------

o [S: C Controller Module Setting and Monitoring Tool: All versions :S]

- --------- End Update G Part 1 of 5 ---------

o C Controller Module Setting and Monitoring Tool, all versions
o CC-Link IE Control Network Data Collector, Version 1.00A
o CC-Link IE Field Network Data Collector, Version 1.00A
o CC-Link IE TSN Data Collector, Version 1.00A
o CPU Module Logging Configuration Tool, Versions 1.100E and prior
o CW Configurator, Versions 1.010L and prior
o Data Transfer, Versions 3.42U and prior
o EZSocket, version 5.1 and prior
o FR Configurator SW3, all versions

- --------- Begin Update G Part 2 of 5 ---------

o FR Configurator2: Versions 1.26C and prior

- --------- End Update G Part 2 of 5 ---------

o GT Designer2 Classic, all versions
o GT Designer3 Version1 (GOT1000), Versions 1.241B and prior
o GT Designer3 Version1 (GOT2000), Versions 1.241B and prior
o GT SoftGOT1000 Version3, Versions 3.200J and prior
o GT SoftGOT2000 Version1, Versions 1.241B and prior
o GX Developer, Versions 8.504A and prior
o GX LogViewer, Versions 1.100E and prior
o GX Works2, Versions 1.601B and prior
o GX Works3, Versions 1.063R and prior

- --------- Begin Update G Part 3 of 5 ---------

o M_CommDTM-IO-Link, Versions 1.03D and prior

- --------- End Update G Part 3 of 5 ---------

o MELFA-Works: Version 4.4 and prior
o MELSEC WinCPU Setting Utility, all versions
o MELSOFT Complete Clean Up Tool, Versions 1.06G and prior
o MELSOFT EM Software Development Kit, all versions
o MELSOFT iQ AppPortal, 1.17T and prior
o MELSOFT Navigator, Versions 2.74C and prior
o MI Configurator, all versions
o Motion Control Setting, Versions 1.005F and prior
o Motorizer, Versions 1.005F and prior
o MR Configurator2, Version 1.125F and prior
o MT Works2, Version 1.167Z and prior
o MTConnect Data Collector, Version 1.1.4.0 and prior
o MX Component, Version 4.20W and prior
o MX MESInterface, Versions 1.21X and prior
o MX MESInterface-R, Versions 1.12N and prior
o MX Sheet, Version 2.15R and prior

- --------- Begin Update G Part 4 of 5 ---------

o Network Interface Board CC IE Control Utility, Versions 1.29F and prior
o Network Interface Board CC IE Field Utility, Versions 1.16S and prior
o Network Interface Board CC-Link Ver.2 Utility, Versions 1.23Z and prior
o Network Interface Board MNETH Utility, Versions 34L and prior

- --------- End Update G Part 4 of 5 ---------

o Position Board utility 2, all versions
o PX Developer, version 1.53F and prior
o RT ToolBox2: Version 3.73B and prior
o RT ToolBox3: Version 1.82L and prior

- --------- Begin Update G Part 5 of 5 ---------

o Setting/monitoring tools for the C Controller module (SW3PVC-CCPU), all versions
o Setting/monitoring tools for the C Controller module (SW4PVC-CCPU), all versions

- --------- End Update G Part 5 of 5 ---------

o SLMP Data Collector, Version 1.04E and prior

4.2 VULNERABILITY OVERVIEW

4.2.1 UNQUOTED SEARCH PATH OR ELEMENT CWE-428

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.

CVE-2020-14521 has been assigned to this vulnerability. A CVSS v3 base score of 8.3 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

4.3 BACKGROUND

o CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
o COUNTRIES/AREAS DEPLOYED: Worldwide
o COMPANY HEADQUARTERS LOCATION: Japan

4.4 RESEARCHER

Mashav Sapir of Claroty reported this vulnerability to CISA.

5. MITIGATIONS

Mitsubishi Electric recommends the following mitigations:

Please refer to the Mitsubishi Electric website for details on available patches. Download the latest version of each software product and update it. Refer to the manual for help to update affected products.

For users of a product that has not released a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends taking the following mitigation measures to minimize risk:

o If a "File Name Warning" message is displayed when starting Windows, take appropriate measures according to the instructions in the message (such as changing a file name) and then install or operate the products.
o Operate the products under an account that does not have administrator privileges.
o Install antivirus software on computers using the products.
o Restrict network exposure for all control system devices or systems to the minimum necessary and ensure they are not accessible from untrusted networks and hosts.
o Locate control system networks and remote devices behind firewalls and isolate them from the network.
o Use virtual private network (VPN) when remote access is required.

Additional information about the vulnerabilities or Mitsubishi Electric's compensating control is available by contacting a Mitsubishi Electric representative.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

o Do not click web links or open unsolicited attachments in email messages.
o Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
o Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploits specifically target this vulnerability. This vulnerability has a high attack complexity.

For any questions related to this report, please contact the CISA at:

Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.

- --------------------------END INCLUDED TEXT--------------------
25 May 2022

ESB-2022.2547 - [Appliance] Mitsubishi Electric FA Engineering Software Products (Update E): CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2547
                          Advisory (icsa-21-049-02)
       Mitsubishi Electric FA Engineering Software Products (Update E)
                                25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Mitsubishi Electric FA Engineering Software Products (Update E)
Publisher:         ICS-CERT
Operating System:  Network Appliance
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-20588 CVE-2021-20587

Original Bulletin:
   https://www.cisa.gov/uscert/ics/advisories/icsa-21-049-02

Comment: CVSS (Max):  7.5 CVE-2021-20588 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
         CVSS Source: ICS-CERT
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-21-049-02)

Mitsubishi Electric FA Engineering Software Products (Update E)

Original release date: May 24, 2022

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ .

1. EXECUTIVE SUMMARY

o CVSS v3 7.5
o ATTENTION: Exploitable remotely/low attack complexity
o Vendor: Mitsubishi Electric
o Equipment: FA Engineering Software Products
o Vulnerabilities: Heap-based Buffer Overflow, Improper Handling of Length Parameter Inconsistency

2. UPDATE INFORMATION

This updated advisory is a follow-up to the advisory update titled ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update D) that was published February 8, 2022, to the ICS webpage on cisa.gov/ics.

3. RISK EVALUATION

Successful exploitation of these vulnerabilities may cause a denial-of-service condition.

4. TECHNICAL DETAILS

4.1 AFFECTED PRODUCTS

Mitsubishi Electric reports these vulnerabilities affect the following FA Engineering Software Products that communicate with MELSEC, FREQROL, or GOT products:

- --------- Begin Update E Part 1 of 6 ---------

o [S: C Controller module setting and monitoring tool, All versions :S]

- --------- End Update E Part 1 of 6 ---------

o CPU Module Logging Configuration Tool, Versions 1.112R and prior
o CW Configurator, Versions 1.011M and prior
o Data Transfer, Versions 3.44W and prior
o EZSocket, All versions
o FR Configurator, All versions
o FR Configurator SW3, All versions
o FR Configurator2, Versions 1.24A and prior
o GT Designer3 Version1(GOT1000), Versions 1.250L and prior
o GT Designer3 Version1(GOT2000), Versions 1.250L and prior
o GT SoftGOT1000 Version3, Versions 3.245F and prior
o GT SoftGOT2000 Version1, Versions 1.250L and prior
o GX Configurator-DP, Versions 7.14Q and prior
o GX Configurator-QP, All versions
o GX Developer, Versions 8.506C and prior
o GX Explorer, All versions
o GX IEC Developer, All versions
o GX LogViewer, Versions 1.115U and prior
o GX RemoteService-I, All versions
o GX Works2, Versions 1.597X and prior
o GX Works3, Versions 1.070Y and prior
o iQ Monozukuri ANDON (Data Transfer), All versions
o iQ Monozukuri Process Remote Monitoring (Data Transfer), All versions
o M_CommDTM-HART, All versions

- --------- Begin Update E Part 2 of 6 ---------

o M_CommDTM-IO-Link, Versions 1.03D and prior

- --------- End Update E Part 2 of 6 ---------

o MELFA-Works, Versions 4.4 and prior
o MELSEC WinCPU Setting Utility, All versions
o MELSOFT EM Software Development Kit (EM Configurator), All versions
o MELSOFT Navigator, Versions 2.74C and prior
o MH11 SettingTool Version2, Versions 2.004E and prior
o MI Configurator, All versions
o MT Works2, Versions 1.167Z and prior
o MX Component, Versions 5.001B and prior

- --------- Begin Update E Part 3 of 6 ---------

o Network Interface Board CC IE Control utility, Versions 1.29F and prior
o Network Interface Board CC IE Field Utility, Versions 1.16S and prior
o Network Interface Board CC-Link Ver.2 Utility, Versions 1.23Z and prior
o Network Interface Board MNETH utility, Versions 34L and prior

- --------- End Update E Part 3 of 6 ---------

o PX Developer, Versions 1.53F and prior
o RT ToolBox2, versions 3.73B and prior
o RT ToolBox3, versions 1.82L and prior

- --------- Begin Update E Part 4 of 6 ---------

o Setting/monitoring tools for the C Controller module (SW3PVC-CCPU), all versions
o Setting/monitoring tools for the C Controller module (SW4PVC-CCPU), all versions

- --------- End Update E Part 4 of 6 ---------

o SLMP Data Collector, Versions 1.04E and prior

4.2 VULNERABILITY OVERVIEW

4.2.1 HEAP-BASED BUFFER OVERFLOW CWE-122

A malicious attacker may cause a denial-of-service condition by spoofing MELSEC, GOT, or FREQROL, and returning crafted reply packets.

CVE-2021-20587 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

4.2.2 IMPROPER HANDLING OF LENGTH PARAMETER INCONSISTENCY CWE-130

A malicious attacker may cause a denial-of-service condition by spoofing MELSEC, GOT, or FREQROL, and returning crafted reply packets.

CVE-2021-20588 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

4.3 BACKGROUND

o CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
o COUNTRIES/AREAS DEPLOYED: Worldwide
o COMPANY HEADQUARTERS LOCATION: Japan

4.4 RESEARCHER

dliangfun reported these vulnerabilities to Mitsubishi Electric.

5. MITIGATIONS

Mitsubishi Electric recommends that users download and update the latest version of each software product:

o CPU Module Logging Configuration Tool, Version 1.118X or later
o CW Configurator, Version 1.012N or later
o Data Transfer, Version 3.45X or later. For updating the iQ Monozukuri ANDON and iQ Monozukuri Process Remote Monitoring, download the fixed version of Data Transfer in advance
o FR Configurator2, Version 1.25B or later
o GT Designer3 Version1(GOT1000), Version 1.255R or later
o GT Designer3 Version1(GOT2000), Version 1.255R or later
o GT SoftGOT1000 Version3, Version 3.255R or later
o GT SoftGOT2000 Version1, Version 1.255R or later
o GX Configurator-DP, Version 7.15R or later. Contact a Mitsubishi Electric representative about GX Configurator-DP
o GX Developer, Version 8.507D or later
o GX LogViewer, Version 1.118X or later
o GX Works2, Version 1.600A or later
o GX Works3, Version 1.072A or later

- --------- Begin Update E Part 5 of 6 ---------

o M_CommDTM-IO-Link, Version 1.04E or later

- --------- End Update E Part 5 of 6 ---------

o MELFA-Works, Version 4.5 or later
o MELSOFT Navigator, Version 2.78G or later
o MH11 SettingTool Version2, Version 2.005F or later
o MT Works2, Version 1.170C or later
o MX Component, Version 5.002C or later

- --------- Begin Update E Part 6 of 6 ---------

o Network Interface Board CC IE Control utility, Version 1.30G or later
o Network Interface Board CC IE Field Utility, Version 1.17T or later
o Network Interface Board CC-Link Ver.2 Utility, Version 1.24A or later
o Network Interface Board MNETH utility, Version 35M or later

- --------- End Update E Part 6 of 6 ---------

o PX Developer, Version 1.54G or later
o RT ToolBox2, Versions 3.74C or later
o RT ToolBox3, Version 1.90U or later
o SLMP Data Collector, Version 1.05F or later

Mitsubishi Electric recommends users who are using a product that has not released a fixed version or who cannot immediately update the product take the following mitigations to minimize risk:

o Install the fixed version of FR Configurator2 running the products on workstations when communicating with FREQROL. FR Configurator2 provides comprehensive countermeasures that give the same countermeasure effect to other products.
o Install the fixed version of GT Designer3 on workstations running the products when communicating with GOT. GT Designer3 provides comprehensive countermeasures that give the same countermeasure effect to other products.
o Install the fixed version of GX Works3 on the computer running the products when communicating with MELSEC. Fixed software products that communicate with GOT and FREQROL are currently under development. GX Works3 provides comprehensive countermeasures that deliver the same countermeasures to other products.
o Operate the products under an account that does not have administrator's privileges.
o Install antivirus software on the computer running the products.
o Restrict network exposure for all control system devices or systems to the minimum necessary, and ensure they are not accessible from untrusted networks and hosts.
o Locate control system networks and remote devices behind firewalls and isolate them from the business network.
o Use virtual private network (VPN) when remote access is required.

Please refer to the Mitsubishi Electric advisory for details on how to check firmware version.

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

No known public exploits specifically target these vulnerabilities.

For any questions related to this report, please contact the CISA at:

Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYo2JkMkNZI30y1K9AQhsoRAAr9U3fHj13kK8kdB8QKvyN3L2SGle0b2j 3aLfBDjNEs+AUfEFgHLeDPmBsr370B5TDF778EDndasJ5agWNJ8HWKrk+McplAzK LLi9zZVJwUoAs9Eq+ZJFcc4kFtK0I6uWrlxaNMl5bXbqOLRnEFufRBYt5qrzeR9g x0dCASVwR4NjEBPPhr6Uj1idXVcds+TG+nQe1Kb85N/CSqYYxhbKpcJXEs4TiSVa OwcNXL7JQucDMU76uLuNUMlGaqaaPvXcih3fS+7+dwdIUgsbKpWDh0SPyxLAeJmk i8Al/J3bCdhr/lzt8fvwpT5Rr0ebE+bmu3SzRDnk1WnPaOuenSAyKuMkRlkpXMOK xjxNueev7RsB+eSol+ePZTJy4WwtPOQID7ICucDNQm9QdwRWSVpyCsych9+LLGxc fOGQr3tWj64JelYvKbq981Eq3QjAriHHdaiu+QpEgT2CNZqwC/7CkT82Lnl06ZZo m7qvg8wimp+/UpbSTFDX/eRsh4Z5B6eoToGoxWR2aOELM4r6a+WhG/2iQaYvJK3D qJktnQO0OSVLlrRgBEZTpZf9CD/IAIrdQyf/xhhu92lxHGVNUtTcUyKsCzGaIjLP PcnxxKyowBzWkpW0/CE+u5iXZSuORszT3pbERd4XjOyvYbuEsQt3Fxr2/oRBvLnM W2tH2XWKEmU= =LztZ -----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2546 - [Appliance] Matrikon OPC Server: CVSS (Max): 5.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2546
Advisory (icsa-22-144-02) Matrikon OPC Server
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product:           Matrikon OPC Server
Publisher:         ICS-CERT
Operating System:  Network Appliance
Resolution:        Mitigation
CVE Names:         CVE-2022-1261
Original Bulletin: https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-02
Comment: CVSS (Max):  5.8 CVE-2022-1261 (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N)
         CVSS Source: ICS-CERT
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-22-144-02) Matrikon OPC Server
Original release date: May 24, 2022

Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ .

1. EXECUTIVE SUMMARY
 o CVSS v3 5.8
 o ATTENTION: Exploitable remotely
 o Vendor: Matrikon, a subsidiary of Honeywell
 o Equipment: Matrikon OPC Server
 o Vulnerability: Improper Access Control

2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to achieve remote command execution with system-level privileges through the support of the IPersistFile COM interface.

3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Matrikon OPC software are affected:
 o Matrikon OPC Server: All versions

3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER ACCESS CONTROL CWE-284
The affected product is vulnerable to a condition where a low-privileged user who is allowed to connect to the OPC server and use the functions of IPersistFile can execute operating system processes with system-level privileges.
CVE-2022-1261 has been assigned to this vulnerability. A CVSS v3 base score of 5.8 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N).

3.3 BACKGROUND
 o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors
 o COUNTRIES/AREAS DEPLOYED: Worldwide
 o COMPANY HEADQUARTERS LOCATION: Canada

3.4 RESEARCHER
William Knowles of Applied Risk reported this vulnerability to CISA.

4. MITIGATIONS
Matrikon advises affected users to apply mitigations from its security best practices document (login required).
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
 o Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.
 o Locate control system networks and remote devices behind firewalls and isolate them from the business network.
 o When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize a VPN is only as secure as its connected devices.
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
No known public exploits specifically target this vulnerability. This vulnerability has a high attack complexity.
For any questions related to this report, please contact the CISA at:
Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870
CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYo2JhskNZI30y1K9AQgl/BAAqoN9eG2G49uFyxzfV+di2YNV0O9bvWz7
a/FVTcMJi8RmFgocAYXpBYOWC5IrODQbhJp11yPD62QnyVediRcgU6ydgSWrJ6MZ
8xvloApPYX7CaxDT7ALX9LSzu9cS6dTyWwCNoCFnFfMqngdDoE1FVtSls8GVb3UR
zj0a9/T0pm9M0i5HsZq30O7cGX3YOlGtdxGcLrDh3SA/Z7sQruB8C+MTydDFX+5T
wTG93SqT6zhRIV6yJFKpsZNEFRDZi1elrm1KhmPmWEgPK6CFfzBmHCZ4YpUD+iV6
UHFplLYyWGQNUVX8nulhy3es8gXf2yIdGxI6n/AoC+GMPFDu680pAJlQO3FUFbR7
d40knLJmWyQ5A06h+HXmgnXkrn+cEFZe8lbxI5FJZRA41zsB/C477psmr3g2m4Pr
GgskreriYvQdr6E7ofhW4W8veD7mTzeElX+QTmr10VEN6d6qTAP6JCHtBXjxqYWY
COu3duTbgtMYmptdRx1dxBDbZtngPq/sa8id2Zf/3HmtOzs+hA6YTZyQNSAeeS7p
TLDog4jlM+cOXT2a0m/e2Oir6LG81Tfk+oPkD/LAX1US/MI0IYS3htVenrlQYNFT
WEOK2c5195pi7fvFZe7reAdF5cdfwj2JCzYIeeTv+otzxMY0oaZuOI/gXZ7eDEfQ
N8lDYLEumPw=
=5ftZ
-----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2545 - [Appliance] Rockwell Automation Logix Controllers: CVSS (Max): 6.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2545
Advisory (icsa-22-144-01) Rockwell Automation Logix Controllers
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product:           Rockwell Automation Logix Controllers
Publisher:         ICS-CERT
Operating System:  Network Appliance
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1797
Original Bulletin: https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01
Comment: CVSS (Max):  6.8 CVE-2022-1797 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H)
         CVSS Source: ICS-CERT
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-22-144-01) Rockwell Automation Logix Controllers
Original release date: May 24, 2022

Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ .

1. EXECUTIVE SUMMARY
 o CVSS v3 6.8
 o ATTENTION: Exploitable remotely
 o Vendor: Rockwell Automation
 o Equipment: Logix Controllers
 o Vulnerability: Uncontrolled Resource Consumption

2. RISK EVALUATION
Successful exploitation of this vulnerability may allow an unauthorized user to send malicious messages to the targeted device, which could lead to a denial-of-service condition.

3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Rockwell Automation reports this vulnerability affects the following Logix Controllers:
 o CompactLogix 5380 controllers: firmware Versions 32.013 and earlier
 o Compact GuardLogix 5380 controllers: firmware Versions 32.013 and earlier
 o CompactLogix 5480 controllers: firmware Versions 32.013 and earlier
 o ControlLogix 5580 controllers: firmware Versions 32.013 and earlier
 o GuardLogix 5580 controllers: firmware Versions 32.013 and earlier
 o CompactLogix 5370 controllers: firmware Versions 33.013 and earlier
 o Compact GuardLogix 5370 controllers: firmware Versions 33.013 and earlier
 o ControlLogix 5570 controllers: firmware Versions 33.013 and earlier
 o GuardLogix 5570 controllers: firmware Versions 33.013 and earlier

3.2 VULNERABILITY OVERVIEW
3.2.1 UNCONTROLLED RESOURCE CONSUMPTION CWE-400
A malformed Class 3 Common Industrial Protocol (CIP) message with a cached connection can cause a denial-of-service condition, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online.
CVE-2022-1797 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H).

3.3 BACKGROUND
 o CRITICAL INFRASTRUCTURE SECTORS: Multiple Sectors
 o COUNTRIES/AREAS DEPLOYED: Worldwide
 o COMPANY HEADQUARTERS LOCATION: United States

3.4 RESEARCHER
Rockwell Automation discovered this vulnerability during routine security testing and reported it to CISA.

4. MITIGATIONS
Rockwell Automation recommends users update to the latest firmware version to mitigate this vulnerability. Users are directed towards the risk mitigation provided below and are encouraged (where possible) to combine these with the general security guidelines below to employ multiple strategies simultaneously.
Users should go to Rockwell Automation's Product Compatibility & Download Center to download the latest firmware.
 o CompactLogix 5380, Compact GuardLogix 5380, CompactLogix 5480, ControlLogix 5580, GuardLogix 5580: Upgrade to v33.011 firmware
 o CompactLogix 5370, Compact GuardLogix 5370, ControlLogix 5570, GuardLogix 5570: Upgrade to v34.011 firmware
If upgrading is not possible, Rockwell Automation recommends the following mitigations:
 o Use of Microsoft AppLocker or other similar allow list applications can help mitigate risk. Information on using AppLocker with products from Rockwell Automation is available in Knowledgebase article QA17329.
 o Confirm the least-privilege user principle is followed, and user/service account access to shared resources (such as a database) is only granted with a minimum number of rights as needed.
Rockwell Automation general security guidelines:
 o Use trusted software, software patches, antivirus/antimalware programs and interact only with trusted websites and attachments.
 o Minimize network exposure for all control system devices and/or systems and confirm they are not accessible from the Internet. For further information about the risks of unprotected Internet accessible control systems, see Knowledgebase article PN715.
 o Locate control system networks and devices behind firewalls and isolate them from the business network.
 o When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize a VPN is only as secure as connected devices.
 o Please see Rockwell Automation's security advisory PN1596 for more information.
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
No known public exploits specifically target this vulnerability. This vulnerability has a high attack complexity.
For any questions related to this report, please contact the CISA at:
Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870
CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.

- --------------------------END INCLUDED TEXT--------------------

=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYo2JcckNZI30y1K9AQirIxAAvQD8XPPFJa7nLtuuQJbtOtVzD2P9SJOK 2BrkCBtzaqMFYZ2ayp+aQhIG2noEvrldffEfVpMDex5LDIyDn1wkwjPv5RsZKFOZ hNU0a+SFMZxt817742U00UW8ma8VUl09naRHy6MLafI+BgVJHp3/AjYhcDoC3vKa qN6xkC9wt53Lz9pMs1uFTZgefnoXfBpNEemuHsXYHu65q8sQyPhJByuI7APd9p2P JVBsgF+OEoXzbcuE0lzc75q9lHzAnKixditwvNWJF8O/HR2IrPF59RRj3488WYO2 Ab4dLpdGXCI5I8DA8JQfzSFppgxkUJ4BhLyVQhP8A4DWyfxa88AhmRq/Sa1I9HiD BIDJfq91tveUwk29vF/SH+ovKJYiiu430Z3Ml/6Wpl4WLUJ98yRB15A9w603LBPc PxgspPoRW82N9xOwqLyP8zyqrtOvw98wU4454nYTEYqmuYjAStwS5t+RogHLk71u doARehdG0tZCd0aqzDkbiUOt2KF5R2pzU1ARM5w7SD5gCO7FdmZ66lVNCNZDZfQb MuoWgWnHObSLHWZhKDraMIhmnzP/3lyBdpvtVyF6nCp5f2i0cNnK48b48/b1Ty0B GJYbQoXyOjBUeZj6owmWtcG2Stvq2ufLq/yTID0zKXkoO2eXkC/G3BM4QZuoeWX8 ow5rygOrrrI= =6gwB -----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2544 - [Debian] openldap: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2544
openldap security update
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product:           openldap
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-29155
Original Bulletin: https://lists.debian.org/debian-lts-announce/2022/05/msg00032.html
Comment: CVSS (Max):  9.8 CVE-2022-29155 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-3017-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                       Dominik George
May 20, 2022                                  https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : openldap
Version        : 2.4.44+dfsg-5+deb9u9
CVE ID         : CVE-2022-29155
Debian Bug     :

Jacek Konieczny discovered a SQL injection vulnerability in the back-sql backend to slapd in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, allowing an attacker to alter the database during an LDAP search operation when a specially crafted search filter is processed.

For Debian 9 stretch, this problem has been fixed in version 2.4.44+dfsg-5+deb9u9.

We recommend that you upgrade your openldap packages.
For the detailed security status of openldap please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/openldap

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

- -----BEGIN PGP SIGNATURE-----

iKcEARYKAE8WIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCYozK2TEaaHR0cHM6Ly93
d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjAAoJEArlVOVG
DhvdefIBAMje6ckyOEQDicbrtp3nuDAykW2HZYRjiYc4wxf6Sx0TAQCJ04/3YuuQ
UyUKfMmm0cmGuq8FFm2LmHQmGLNUDiZWBA==
=Ekyh
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYo2JackNZI30y1K9AQgdZg/+LQy+qio9plYPD8uEXetTKTrkPh5jalyG
w7o2vIGWSaBqY52/7zbcivL9hkxiueVAlYr6X4Uww0j8u6Ugsd7L0uK9reRlyos1
8Lv4dC9Pb0lSABCZpq4H2SSpMFInmlzWZgJXgOaJdYjqnG7qqg4wYjABJmCCbJoa
PikAg8s1MZpooLtiexw3k8QaDq/iF33kADELrF97k2Uq0LQ1KxLjvpA3vuGMYPIU
kReNo8CqevVLAe7QoGmfphFSi5Jiq5vsQoSCUt4GsF2zNXEJxbVkqzc3izppNeuS
9qbHUqigbAKsx+p8fhQAefqgJX5qpVFMDOKdFZao2scHkLiYkxRVBi/IsFtvghZW
ShrpQ+uDi2BPuhWnbJ5hV7JRo8oREMrrMvP1krGH1pPbMdFr175YX5EvHjgSIjb8
18sRJnlbCbiZU16VyTDuIXD2vb9ElD2fppNUELS6/n0LpDPsqElAuwuyW1sI4L1w
BB8TWjGaOhiEboNOTjubSlmJ1Gr8XxH0xqIkDFMcJEpSVmS7OyVZrOl5+cpNKcuI
4uawOAgVAUn1QpieEg9Iy50J3kjzNtyVixdsgpXNsa/NAJYicCRn8QfmQ2FB8hr3
3Txg99bnqcsoxg5AZ/hUVHc1FEUnEZ9pZ65RPWlSR9uJZBuOJ+sfFPPkORCihqfA
O7uZftsg1xA=
=FwBn
-----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2543 - [Debian] firefox-esr: CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2543
firefox-esr security update
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product:           firefox-esr
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1802 CVE-2022-1529
Original Bulletin: https://lists.debian.org/debian-lts-announce/2022/05/msg00031.html
Comment: CVSS (Max):  8.8 CVE-2022-1802 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-3021-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
May 24, 2022                                  https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 91.9.1esr-1~deb9u1
CVE ID         : CVE-2022-1529 CVE-2022-1802

Manfred Paul discovered two security issues in the Mozilla Firefox web browser, which could result in the execution of arbitrary code.

For Debian 9 stretch, these problems have been fixed in version 91.9.1esr-1~deb9u1.

We recommend that you upgrade your firefox-esr packages.
For the detailed security status of firefox-esr please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmKMkgsACgkQnUbEiOQ2
gwILvxAAyAp6JbrQXB0Ic5AE/RZqfE5JVlEuv+bhCi+gATJNkJeuDo4p2vT0JwT7
YzO/QDB5i7lH6E2xH6DGwoOd8v8dQZ0ho/W6IAdGZKhM/h3hDkETBztJ4QUwjI2+
K3ahaErz5XIhvIXvxiIwBT7zAVFgK4+r0lA+JqA0n6oKEzfbxPYYoDjwZj6Qpsny
KIl2ka0K8ltXqtUXW2dBpUEOh5nn/qgLvCRjUuunp6hiDnC4DdObl2jN8YJwDoVv
jTveacl0cjb5jwPFz0OHHjajCEJfjMyEC5RqX4Zqxb/T6eghzTEKYAJseTEbvjZD
ePVGeJBXRpzZJeVP0xkkW+87bEvK+H61lOyGt/BvhLpE8ln0eisK81xAhxb1Q9g+
ScHjTx15YxgcCOoF8ekTINf98S4ZVacIK3EVzT1K16Tjqtq1BPLb3tczGsXnUQ7i
S57TmFht41vgDp1tlH9xncwwzEZWuy+nPwMUfwmDG36x90l7KBFn/am55do8hBSH
IdKtYZ1pVdqnFpq5bcSEpOAo4fWlgEmMTqHEGsUYUyzbuWoDJygerDphkdTtmDgN
KUQUFJpKLuoyXXXYWrSh4loRMIOBNhw8ra4S95n3VL8U6+Fes4NeK7veuAe6uZOc
ySvibKN7+aUK4M2O7HULdGXx7Z3DtTiNRVJzLvmzvTN17iHC3jI=
=AM1e
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYo2JY8kNZI30y1K9AQjlNg/+N3nZPkrtVcyuR5bG0tQdfJHm9NXMyjwr FzGYHIHuis0sSVfgHZK1FOcDY+WDiVEcZ4YksOmdjEi4nFTtWHKyc4Hns/4K7RjS X+UFKcw98BpN4JAeF7t6ifbeFX0q1hOnevyAZQzJJX8SqKGKlIE4wO0qCD5cmeH7 EDB0XveTT7WzPXIQsCK0vBuS016bwRXSYtX6fn4uRoks8XOnDdXCXyJvWHNNaE1x oc4NPxHM8ZKTX30KAPldsXWoHTwfmfgsuFmeDelbQYi4nw/jd0GbxZSMcgEna8vS FKaK6Ydw+5f2IkaDtjuRWenURGjqpFkl6mxTcJAjMkD5KvH9Pe6h10LY9ABHoRLR cXponrpG3+yy+uhEHWT/mTxgfygp8JbSs620SlEtcLvr2g26WpeQztiJ86Y+kkAr VamKmqTY6D6C8NKSL3ULPYwEmP78sj1M/bS5tgtZFVW4ljgqkOjCImD7gtrHpI82 emtx2MAyA6NoM+PRySr5TcQye+0sKcDaCeY5ATfR73nbZtp1PSNwP9YbHB4+HYo0 hISAL/R7/xraCTI1CYb1wWI3VcDm+TlfNdmbhz2s1KFKjyK11dUJOhlC58QSPO73 0vvR4n28lqveffluDVt+IjZ+Ra5jmG7JQvYEso1eZalssrXufn1DiAvn8PtCPt7Z shHGx+mSZJo= =8XO1 -----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2542 - [Ubuntu] kernel: CVSS (Max): 7.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2542
USN-5443-1: Linux kernel vulnerabilities
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product:           kernel
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-30594 CVE-2022-29581
Original Bulletin: https://ubuntu.com/security/notices/USN-5443-1
Comment: CVSS (Max):  7.8 CVE-2022-30594 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: [NVD], Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5443-1: Linux kernel vulnerabilities
24 May 2022

Several security issues were fixed in the Linux kernel.

Releases
 o Ubuntu 22.04 LTS
 o Ubuntu 21.10
 o Ubuntu 20.04 LTS
 o Ubuntu 18.04 LTS
 o Ubuntu 16.04 ESM

Packages
 o linux - Linux kernel
 o linux-aws - Linux kernel for Amazon Web Services (AWS) systems
 o linux-aws-5.13 - Linux kernel for Amazon Web Services (AWS) systems
 o linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
 o linux-azure - Linux kernel for Microsoft Azure Cloud systems
 o linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
 o linux-gke - Linux kernel for Google Container Engine (GKE) systems
 o linux-hwe - Linux hardware enablement (HWE) kernel
 o linux-hwe-5.13 - Linux hardware enablement (HWE) kernel
 o linux-ibm - Linux kernel for IBM cloud systems
 o linux-kvm - Linux kernel for cloud environments
 o linux-lowlatency - Linux low latency kernel
 o linux-oracle - Linux kernel for Oracle Cloud systems
 o linux-raspi - Linux kernel for Raspberry Pi systems

Details
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform
reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. ( CVE-2022-29581 ) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. ( CVE-2022-30594 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 o linux-image-5.15.0-33-generic-lpae - 5.15.0-33.34 o linux-image-5.15.0-1007-azure - 5.15.0-1007.8 o linux-image-5.15.0-33-generic-64k - 5.15.0-33.34 o linux-image-virtual - 5.15.0.33.36 o linux-image-5.15.0-1006-oracle - 5.15.0-1006.8 o linux-image-generic-64k - 5.15.0.33.36 o linux-image-generic - 5.15.0.33.36 o linux-image-gke-5.15 - 5.15.0.1005.10 o linux-image-5.15.0-1007-kvm - 5.15.0-1007.7 o linux-image-lowlatency-hwe-22.04 - 5.15.0.33.35 o linux-image-ibm - 5.15.0.1004.5 o linux-image-lowlatency-64k - 5.15.0.33.35 o linux-image-generic-hwe-22.04 - 5.15.0.33.36 o linux-image-virtual-hwe-22.04 - 5.15.0.33.36 o linux-image-lowlatency-64k-hwe-22.04 - 5.15.0.33.35 o linux-image-azure - 5.15.0.1007.8 o linux-image-gke - 5.15.0.1005.10 o linux-image-gcp - 5.15.0.1005.6 o linux-image-oracle - 5.15.0.1006.6 o linux-image-5.15.0-1005-gcp - 5.15.0-1005.8 o linux-image-5.15.0-33-lowlatency-64k - 5.15.0-33.34 o linux-image-5.15.0-33-lowlatency - 5.15.0-33.34 o linux-image-5.15.0-1004-ibm - 5.15.0-1004.4 o linux-image-5.15.0-33-generic - 5.15.0-33.34 o linux-image-generic-lpae-hwe-22.04 - 5.15.0.33.36 o linux-image-kvm - 5.15.0.1007.7 o linux-image-generic-lpae - 5.15.0.33.36 o linux-image-lowlatency - 5.15.0.33.35 o linux-image-5.15.0-1005-gke - 5.15.0-1005.6 Ubuntu 21.10 o linux-image-5.13.0-1025-aws - 5.13.0-1025.27 o linux-image-generic-64k - 5.13.0.44.53 o linux-image-generic - 5.13.0.44.53 o linux-image-aws - 5.13.0.1025.26 o 
linux-image-5.13.0-1025-azure - 5.13.0-1025.29 o linux-image-5.13.0-44-generic - 5.13.0-44.49 o linux-image-5.13.0-1028-raspi - 5.13.0-1028.30 o linux-image-5.13.0-44-generic-lpae - 5.13.0-44.49 o linux-image-5.13.0-44-lowlatency - 5.13.0-44.49 o linux-image-virtual - 5.13.0.44.53 o linux-image-azure - 5.13.0.1025.25 o linux-image-raspi-nolpae - 5.13.0.1028.33 o linux-image-oem-20.04 - 5.13.0.44.53 o linux-image-5.13.0-1028-raspi-nolpae - 5.13.0-1028.30 o linux-image-5.13.0-44-generic-64k - 5.13.0-44.49 o linux-image-5.13.0-1024-kvm - 5.13.0-1024.25 o linux-image-raspi - 5.13.0.1028.33 o linux-image-kvm - 5.13.0.1024.24 o linux-image-generic-lpae - 5.13.0.44.53 o linux-image-lowlatency - 5.13.0.44.53 Ubuntu 20.04 o linux-image-5.13.0-44-generic-64k - 5.13.0-44.49~20.04.1 o linux-image-generic-hwe-20.04 - 5.13.0.44.49~20.04.28 o linux-image-5.13.0-44-generic - 5.13.0-44.49~20.04.1 o linux-image-5.13.0-1025-aws - 5.13.0-1025.27~20.04.1 o linux-image-generic-lpae-hwe-20.04 - 5.13.0.44.49~20.04.28 o linux-image-5.13.0-44-generic-lpae - 5.13.0-44.49~20.04.1 o linux-image-5.13.0-44-lowlatency - 5.13.0-44.49~20.04.1 o linux-image-virtual-hwe-20.04 - 5.13.0.44.49~20.04.28 o linux-image-generic-64k-hwe-20.04 - 5.13.0.44.49~20.04.28 o linux-image-aws - 5.13.0.1025.27~20.04.20 o linux-image-lowlatency-hwe-20.04 - 5.13.0.44.49~20.04.28 Ubuntu 18.04 o linux-image-virtual - 4.15.0.180.169 o linux-image-4.15.0-180-lowlatency - 4.15.0-180.189 o linux-image-aws-lts-18.04 - 4.15.0.1130.133 o linux-image-generic - 4.15.0.180.169 o linux-image-oracle-lts-18.04 - 4.15.0.1095.105 o linux-image-4.15.0-1095-oracle - 4.15.0-1095.104 o linux-image-4.15.0-1130-aws - 4.15.0-1130.139 o linux-image-4.15.0-180-generic - 4.15.0-180.189 o linux-image-4.15.0-1116-kvm - 4.15.0-1116.119 o linux-image-4.15.0-180-generic-lpae - 4.15.0-180.189 o linux-image-kvm - 4.15.0.1116.112 o linux-image-generic-lpae - 4.15.0.180.169 o linux-image-lowlatency - 4.15.0.180.169 Ubuntu 16.04 o 
linux-image-lowlatency-hwe-16.04 - 4.15.0.180.171 Available with UA Infra or UA Desktop o linux-image-oem - 4.15.0.180.171 Available with UA Infra or UA Desktop o linux-image-4.15.0-1095-oracle - 4.15.0-1095.104~16.04.1 Available with UA Infra or UA Desktop o linux-image-4.15.0-180-lowlatency - 4.15.0-180.189~16.04.1 Available with UA Infra or UA Desktop o linux-image-4.15.0-180-generic - 4.15.0-180.189~16.04.1 Available with UA Infra or UA Desktop o linux-image-4.15.0-1130-aws-hwe - 4.15.0-1130.139~16.04.1 Available with UA Infra or UA Desktop o linux-image-aws-hwe - 4.15.0.1130.120 Available with UA Infra or UA Desktop o linux-image-generic-hwe-16.04 - 4.15.0.180.171 Available with UA Infra or UA Desktop o linux-image-oracle - 4.15.0.1095.83 Available with UA Infra or UA Desktop o linux-image-virtual-hwe-16.04 - 4.15.0.180.171 Available with UA Infra or UA Desktop After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 
References
o CVE-2022-29581
o CVE-2022-30594

Related notices
o USN-5442-1 : linux-headers-snapdragon-hwe-18.04-edge, linux-cloud-tools-virtual-hwe-18.04-edge, linux-image-extra-virtual-hwe-18.04-edge, linux-tools-5.4.0-1065-kvm, linux-headers-generic-lpae-hwe-18.04, linux-cloud-tools-generic-hwe-18.04-edge, linux-modules-extra-5.4.0-113-generic, linux-image-5.4.0-1075-aws, linux-image-virtual-hwe-18.04, linux-cloud-tools-5.4.0-113-generic, linux-image-lowlatency, linux-tools-generic-lpae-hwe-18.04-edge, linux-image-aws-lts-20.04, linux-cloud-tools-5.4.0-1075-aws, linux-oem-osp1, linux-tools-lowlatency-hwe-18.04, linux-virtual-hwe-18.04, linux-tools-snapdragon-hwe-18.04-edge, linux-image-5.4.0-113-lowlatency, linux-tools-5.4.0-113-generic-lpae, linux-cloud-tools-5.4.0-113-lowlatency, linux-image-oem, linux-cloud-tools-lowlatency-hwe-18.04, linux-kvm, linux-generic-lpae-hwe-18.04-edge, linux-image-unsigned-5.4.0-1065-kvm, linux-headers-5.4.0-113-generic-lpae, linux-headers-5.4.0-113-lowlatency, linux-headers-lowlatency-hwe-18.04-edge, linux-cloud-tools-lowlatency, linux-lowlatency, linux-modules-extra-aws-lts-20.04, linux-hwe-5.4-cloud-tools-5.4.0-113, linux-tools-aws-lts-20.04, linux-modules-5.4.0-1065-kvm, linux-headers-5.4.0-1075-aws, linux-image-generic-hwe-18.04-edge, linux-image-generic-lpae-hwe-18.04-edge, linux-source-5.4.0, linux-headers-kvm, linux-modules-5.4.0-113-lowlatency, linux-modules-extra-virtual-hwe-18.04, linux-buildinfo-5.4.0-113-generic, linux-modules-5.4.0-1075-aws, linux, linux-image-generic, linux-image-extra-virtual, linux-headers-oem-osp1, linux-hwe-5.4-tools-common, linux-tools-virtual-hwe-18.04, linux-headers-5.4.0-113, linux-image-lowlatency-hwe-18.04, linux-image-unsigned-5.4.0-113-generic, linux-oem-osp1-tools-host, linux-cloud-tools-generic-hwe-18.04, linux-tools-common, linux-tools-oem, linux-crashdump, linux-image-5.4.0-113-generic-lpae, linux-modules-5.4.0-113-generic, linux-headers-aws-lts-20.04, linux-headers-5.4.0-113-generic,
linux-tools-generic-lpae, linux-tools-lowlatency, linux-hwe-5.4-tools-5.4.0-113, linux-image-generic-hwe-18.04, linux-generic-lpae, linux-aws-headers-5.4.0-1075, linux-tools-kvm, linux-aws-tools-5.4.0-1075, linux-lowlatency-hwe-18.04-edge, linux-tools-virtual, linux-tools-5.4.0-1075-aws, linux-headers-generic-hwe-18.04-edge, linux-oem, linux-aws, linux-libc-dev, linux-hwe-5.4-cloud-tools-common, linux-hwe-5.4-source-5.4.0, linux-modules-extra-5.4.0-1075-aws, linux-tools-generic-hwe-18.04-edge, linux-tools-generic, linux-image-virtual-hwe-18.04-edge, linux-tools-virtual-hwe-18.04-edge, linux-tools-5.4.0-113, linux-tools-host, linux-buildinfo-5.4.0-1065-kvm, linux-headers-generic-hwe-18.04, linux-image-5.4.0-113-generic, linux-modules-extra-virtual-hwe-18.04-edge, linux-tools-5.4.0-113-lowlatency, linux-snapdragon-hwe-18.04, linux-cloud-tools-virtual-hwe-18.04, linux-headers-generic-lpae, linux-buildinfo-5.4.0-113-generic-lpae, linux-headers-snapdragon-hwe-18.04, linux-buildinfo-5.4.0-1075-aws, linux-headers-5.4.0-1065-kvm, linux-tools-5.4.0-113-generic, linux-headers-virtual, linux-image-lowlatency-hwe-18.04-edge, linux-headers-virtual-hwe-18.04, linux-image-unsigned-5.4.0-1075-aws, linux-cloud-tools-lowlatency-hwe-18.04-edge, linux-generic, linux-image-generic-lpae-hwe-18.04, linux-image-snapdragon-hwe-18.04, linux-doc, linux-generic-hwe-18.04-edge, linux-image-unsigned-5.4.0-113-lowlatency, linux-tools-snapdragon-hwe-18.04, linux-tools-oem-osp1, linux-headers-virtual-hwe-18.04-edge, linux-tools-generic-lpae-hwe-18.04, linux-cloud-tools-generic, linux-headers-lowlatency-hwe-18.04, linux-tools-lowlatency-hwe-18.04-edge, linux-buildinfo-5.4.0-113-lowlatency, linux-aws-cloud-tools-5.4.0-1075, linux-hwe-5.4-headers-5.4.0-113, linux-image-5.4.0-1065-kvm, linux-virtual-hwe-18.04-edge, linux-hwe-5.4, linux-image-virtual, linux-image-oem-osp1, linux-aws-lts-20.04, linux-oem-tools-host, linux-generic-lpae-hwe-18.04, linux-headers-lowlatency, linux-headers-generic, 
linux-kvm-headers-5.4.0-1065, linux-virtual, linux-kvm-tools-5.4.0-1065, linux-snapdragon-hwe-18.04-edge, linux-lowlatency-hwe-18.04, linux-modules-5.4.0-113-generic-lpae, linux-cloud-tools-common, linux-cloud-tools-virtual, linux-source, linux-image-generic-lpae, linux-headers-generic-lpae-hwe-18.04-edge, linux-image-snapdragon-hwe-18.04-edge, linux-headers-oem, linux-tools-generic-hwe-18.04, linux-generic-hwe-18.04, linux-image-kvm, linux-cloud-tools-5.4.0-113, linux-image-extra-virtual-hwe-18.04 o USN-5444-1 : linux-tools-oem-20.04b, linux-oem-5.17-headers-5.17.0-1004, linux-tools-oem-20.04d, linux-modules-iwlwifi-oem-20.04d, linux-image-oem-20.04c, linux-headers-oem-20.04c, linux-headers-oem-20.04, linux-image-5.14.0-1038-oem, linux-headers-oem-22.04a, linux-oem-20.04b, linux-oem-5.17, linux-image-oem-20.04, linux-modules-5.17.0-1004-oem, linux-oem-5.17-tools-host, linux-tools-5.17.0-1004-oem, linux-headers-oem-20.04d, linux-image-unsigned-5.14.0-1038-oem, linux-tools-5.14.0-1038-oem, linux-image-5.17.0-1004-oem, linux-oem-20.04d, linux-buildinfo-5.14.0-1038-oem, linux-image-oem-20.04b, linux-image-unsigned-5.17.0-1004-oem, linux-oem-22.04a, linux-tools-oem-20.04c, linux-oem-5.14-tools-5.14.0-1038, linux-modules-iwlwifi-5.14.0-1038-oem, linux-oem-20.04, linux-oem-5.14, linux-headers-oem-20.04b, linux-oem-5.14-headers-5.14.0-1038, linux-headers-5.17.0-1004-oem, linux-image-oem-20.04d, linux-oem-5.14-tools-host, linux-buildinfo-5.17.0-1004-oem, linux-tools-oem-20.04, linux-tools-oem-22.04, linux-headers-oem-22.04, linux-modules-5.14.0-1038-oem, linux-headers-5.14.0-1038-oem, linux-image-oem-22.04, linux-image-oem-22.04a, linux-modules-iwlwifi-oem-20.04, linux-oem-22.04, linux-oem-5.17-tools-5.17.0-1004, linux-oem-20.04c, linux-tools-oem-22.04a - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. 
The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYo2JWskNZI30y1K9AQjB1g//RdM7KYh3uNseLPFd+cTF0LUk1RJkxs0C
hEy6nutDs0DPEZkeTy7JSjk2LF1Ssp3jTub6LrcmCWibHrR+Iv+lf49+HznOtOs2
FHUtXtl6MXMZb0mrzH3A+BnP+64BN4V7i4hliq+va9RXk7ddRBWi9eSsmPHMjoza
bTpyJpLTDdt8eRRozMiPIqEHrrXT5+MgvYCEfEHtAe3t2WcNOwKe/wRVg/ZAi/zg
6ACDVOjPLuPEKtpXJ5bsk8g4k7pjW9Wd6BwZk4mIo8F310rez6IXMYD+eJZ1bl5h
/cbk64WrCFRryzmFc+n0JvlsKlFWqDsoW1/8lIY23hwqzbeucGmgJfe+GgHw6B1c
CWmhVoQkOxQ+XUsxeWB3ufAlbeghWDQkQDdBwoBvwY05x1+72X5kGYhiFqoxWuzm
0aCHfozv2+mP5njC5K4nShqfw9mjAXPH5d0G5KK6ASwG4FSVSxxSISFpK0QeeXar
MzngZjbe+4S6nCeys4Llr/kSeKFb04q9lALXCSb0G/2GDzo8EQbsEGmSWEhg3soc
4NAl8wMd7OLLX5dURqiEdT9Qy/TcBCADH9k90eFvYy+s9yUI1uLbflQS9y1bFNNv
Kl3Ci/X1a6zfguqDdaUysav/fyV+fMx07sLX0kjPxEblVla86qGR5RdBZhay+orD
i4Y92Ky/tG0=
=WHO7
-----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2541 - [Ubuntu] kernel: CVSS (Max): 7.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2022.2541
USN-5442-1: Linux kernel vulnerabilities
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: kernel
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2022-30594 CVE-2022-29581 CVE-2022-1116

Original Bulletin: https://ubuntu.com/security/notices/USN-5442-1

Comment: CVSS (Max): 7.8
CVE-2022-30594 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: [NVD], Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5442-1: Linux kernel vulnerabilities
24 May 2022

Several security issues were fixed in the Linux kernel.

Releases
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS

Packages
o linux - Linux kernel
o linux-aws - Linux kernel for Amazon Web Services (AWS) systems
o linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
o linux-kvm - Linux kernel for cloud environments

Details

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581)

Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux kernel contained an integer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1116)

Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04
o linux-image-5.4.0-113-generic-lpae - 5.4.0-113.127
o linux-image-generic - 5.4.0.113.117
o linux-image-oem - 5.4.0.113.117
o linux-image-5.4.0-113-generic - 5.4.0-113.127
o linux-image-5.4.0-1075-aws - 5.4.0-1075.80
o linux-image-5.4.0-1065-kvm - 5.4.0-1065.68
o linux-image-virtual - 5.4.0.113.117
o linux-image-aws-lts-20.04 - 5.4.0.1075.77
o linux-image-oem-osp1 - 5.4.0.113.117
o linux-image-5.4.0-113-lowlatency - 5.4.0-113.127
o linux-image-kvm - 5.4.0.1065.64
o linux-image-generic-lpae - 5.4.0.113.117
o linux-image-lowlatency - 5.4.0.113.117

Ubuntu 18.04
o linux-image-snapdragon-hwe-18.04 - 5.4.0.113.127~18.04.97
o linux-image-generic-hwe-18.04 - 5.4.0.113.127~18.04.97
o linux-image-5.4.0-113-generic-lpae - 5.4.0-113.127~18.04.1
o linux-image-oem - 5.4.0.113.127~18.04.97
o linux-image-generic-lpae-hwe-18.04 - 5.4.0.113.127~18.04.97
o linux-image-lowlatency-hwe-18.04 - 5.4.0.113.127~18.04.97
o linux-image-virtual-hwe-18.04 - 5.4.0.113.127~18.04.97
o linux-image-5.4.0-113-lowlatency - 5.4.0-113.127~18.04.1
o linux-image-5.4.0-113-generic - 5.4.0-113.127~18.04.1
o linux-image-oem-osp1 - 5.4.0.113.127~18.04.97

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
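A verification step that follows from the update instructions of USN-5443-1 (above) and USN-5442-1 (this bulletin), added here as an example; it is not part of either Ubuntu notice or of the AusCERT bulletin. Both notices say the fixed kernels carry a new ABI number and that a reboot is needed before the fix is live, so the script takes the running kernel release string (what `uname -r` prints on Ubuntu, e.g. 5.15.0-33-generic) plus the newest installed one, and reports "patched", "vulnerable", "reboot-required" or "unknown". The fixed ABI numbers are transcribed from the linux-image-<version>-<flavour> entries in the two notices; the script name, the function names, the way the newest installed kernel is found under /boot, and the guess that the 16.04 aws-hwe image boots as "-aws" are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the Ubuntu notices or the AusCERT bulletin.
# Given a kernel release string in the form `uname -r` prints on Ubuntu
# (5.15.0-33-generic = base 5.15.0, ABI 33, flavour generic), report whether
# it is at or above the builds shipped by USN-5443-1 / USN-5442-1, and
# whether a fixed build is installed but not yet booted (reboot required).
#
# The notices say the fixed builds carry a new ABI number, so comparing the
# ABI per base version and flavour is sufficient; the Debian revision
# (".34" in 5.15.0-33.34) is not part of `uname -r` and is not needed.

# Lowest fixed ABI per base version and flavour, transcribed from the
# linux-image-<version>-<flavour> entries in the two notices. Prints nothing
# for combinations the notices do not cover.
fixed_abi_for() {   # $1 = base version, $2 = flavour
  case "$1" in
    5.15.0) case "$2" in   # USN-5443-1, Ubuntu 22.04
      generic|generic-lpae|generic-64k|lowlatency|lowlatency-64k) echo 33 ;;
      azure|kvm) echo 1007 ;;
      oracle)    echo 1006 ;;
      gcp|gke)   echo 1005 ;;
      ibm)       echo 1004 ;;
    esac ;;
    5.13.0) case "$2" in   # USN-5443-1, Ubuntu 21.10 and 20.04 HWE
      generic|generic-lpae|generic-64k|lowlatency) echo 44 ;;
      aws|azure)          echo 1025 ;;
      raspi|raspi-nolpae) echo 1028 ;;
      kvm)                echo 1024 ;;
    esac ;;
    5.4.0) case "$2" in    # USN-5442-1, Ubuntu 20.04 and 18.04 HWE
      generic|generic-lpae|lowlatency) echo 113 ;;
      aws) echo 1075 ;;
      kvm) echo 1065 ;;
    esac ;;
    4.15.0) case "$2" in   # USN-5443-1, Ubuntu 18.04 and 16.04 ESM
      generic|generic-lpae|lowlatency) echo 180 ;;
      aws|aws-hwe) echo 1130 ;;   # assumption: the 16.04 aws-hwe image boots as -aws
      oracle)      echo 1095 ;;
      kvm)         echo 1116 ;;
    esac ;;
  esac
}

# Split <base>-<abi>-<flavour> into three words; fail on anything else.
split_release() {
  case "$1" in *-*-*) ;; *) return 1 ;; esac
  base=${1%%-*}; rest=${1#*-}; abi=${rest%%-*}; flavour=${rest#*-}
  case "$abi" in ''|*[!0-9]*) return 1 ;; esac    # ABI must be numeric
  printf '%s %s %s\n' "$base" "$abi" "$flavour"
}

# One release string -> patched | vulnerable | unknown (not covered here).
kernel_status() {
  parts=$(split_release "$1") || { echo unknown; return 0; }
  set -- $parts    # $1 base, $2 abi, $3 flavour
  need=$(fixed_abi_for "$1" "$3")
  if [ -z "$need" ]; then echo unknown
  elif [ "$2" -ge "$need" ]; then echo patched
  else echo vulnerable
  fi
}

# Running kernel plus newest installed kernel -> host verdict. Exit status 0
# only when the running kernel is fixed, so the script can gate a pipeline.
host_status() {   # $1 = `uname -r`, $2 = newest installed release
  running=$(kernel_status "$1")
  installed=$(kernel_status "$2")
  if [ "$running" = patched ]; then
    echo patched; return 0
  elif [ "$running" = vulnerable ] && [ "$installed" = patched ]; then
    echo reboot-required; return 1   # updated, but the old kernel is still live
  else
    echo "$running"; return 1
  fi
}

# On a host: sh usn_kernel_check.sh "$(uname -r)" \
#   "$(ls /boot | sed -n 's/^vmlinuz-//p' | sort -V | tail -n 1)"
# (the second argument picks the newest vmlinuz-* in /boot; assumed layout)
if [ "$#" -eq 2 ]; then
  host_status "$1" "$2"
fi
```

"unknown" is deliberately not treated as safe: a flavour or base version the two notices do not list (an OEM kernel, a non-Ubuntu kernel, a string that does not parse) has to be checked against its own notice rather than assumed fixed. Because the script picks the newest kernel in /boot regardless of flavour, a host that carries both a generic and a cloud flavour should be checked with the flavour it actually boots.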
References
o CVE-2022-29581
o CVE-2022-1116
o CVE-2022-30594

Related notices
o USN-5443-1 : linux-image-generic-lpae-hwe-22.04, linux-azure-cloud-tools-5.15.0-1007, linux-tools-gke, linux-azure-headers-5.15.0-1007, linux-image-unsigned-5.13.0-1024-kvm, linux-raspi-nolpae, linux-buildinfo-4.15.0-1095-oracle, linux-headers-generic-hwe-16.04-edge, linux-image-unsigned-5.15.0-33-lowlatency-64k, linux-tools-azure, linux-image-5.15.0-1007-azure, linux-azure-tools-5.15.0-1007, linux-headers-generic-64k-hwe-20.04, linux-lowlatency-headers-5.15.0-33, linux-headers-5.15.0-33-generic-lpae, linux-headers-5.13.0-44-generic-64k, linux-headers-lowlatency-hwe-16.04, linux-source, linux-tools-aws-hwe, linux-tools-4.15.0-180-generic, linux-buildinfo-5.13.0-1028-raspi-nolpae, linux-image-virtual-hwe-16.04, linux-tools-kvm, linux-tools-generic-lpae-hwe-16.04, linux-headers-aws-hwe, linux-aws-edge, linux-headers-lowlatency-hwe-22.04, linux-image-5.15.0-33-lowlatency-64k, linux-lowlatency-hwe-16.04-edge, linux-modules-5.15.0-33-generic, linux-image-oracle, linux-image-4.15.0-180-lowlatency, linux-gke-tools-5.15.0-1005, linux-lowlatency-hwe-20.04, linux-modules-5.13.0-44-generic, linux-image-5.13.0-44-generic, linux-ibm-source-5.15.0, linux-modules-extra-azure, linux-headers-generic-hwe-22.04, linux-generic-hwe-20.04-edge, linux-tools-4.15.0-180, linux-signed-generic-hwe-16.04-edge, linux-hwe-cloud-tools-4.15.0-180, linux-generic, linux-buildinfo-5.13.0-1024-kvm, linux-headers-5.15.0-1007-kvm, linux-headers-generic-64k, linux-cloud-tools-generic-hwe-22.04, linux-tools-virtual-hwe-20.04, linux-virtual-hwe-22.04-edge, linux-tools-5.13.0-1025-azure, linux-headers-generic-hwe-20.04-edge, linux-headers-lowlatency-hwe-16.04-edge, linux-tools-host, linux-modules-5.15.0-33-lowlatency-64k, linux-headers-4.15.0-1130-aws, linux-headers-4.15.0-180-generic, linux-headers-generic-64k-hwe-20.04-edge, linux-tools-generic-hwe-16.04-edge, linux-image-extra-virtual, linux-headers-4.15.0-180-lowlatency,
linux-kvm-headers-5.15.0-1007, linux-tools-5.15.0-1006-oracle, linux-buildinfo-4.15.0-1116-kvm, linux-lowlatency-64k-hwe-20.04-edge, linux-image-unsigned-5.15.0-1005-gcp, linux-aws-headers-4.15.0-1130, linux-modules-5.13.0-44-lowlatency, linux-tools-raspi-nolpae, linux-tools-lowlatency-hwe-20.04, linux-tools-oracle-lts-18.04, linux-gcp-headers-5.15.0-1005, linux-image-5.15.0-1006-oracle, linux-modules-5.15.0-33-generic-lpae, linux-hwe-5.13-headers-5.13.0-44, linux-lowlatency-hwe-20.04-edge, linux-signed-image-oracle, linux-image-4.15.0-180-generic, linux-tools-5.15.0-33-lowlatency-64k, linux-modules-extra-aws-hwe, linux-virtual-hwe-16.04, linux-aws-headers-5.13.0-1025, linux-headers-4.15.0-1095-oracle, linux-aws-5.13, linux-tools-generic-hwe-22.04-edge, linux-cloud-tools-5.15.0-33-lowlatency, linux-image-generic-lpae, linux-headers-raspi-nolpae, linux-tools-virtual-hwe-22.04, linux-lowlatency-tools-common, linux-modules-extra-5.13.0-1028-raspi-nolpae, linux-signed-generic, linux-tools-4.15.0-1095-oracle, linux-headers-oracle, linux-image-generic-hwe-20.04, linux-modules-extra-raspi-nolpae, linux-aws-tools-4.15.0-1130, linux-headers-5.13.0-44-lowlatency, linux-aws-hwe-cloud-tools-4.15.0-1130, linux-image-extra-virtual-hwe-20.04-edge, linux-image-lowlatency-64k, linux-tools-lowlatency, linux-headers-kvm, linux-headers-virtual-hwe-22.04, linux-lowlatency-cloud-tools-5.15.0-33, linux-tools-lowlatency-hwe-16.04, linux-aws-5.13-headers-5.13.0-1025, linux-headers-generic-hwe-20.04, linux-headers-generic-64k-hwe-22.04, linux-ibm, linux-headers-5.15.0-1005-gcp, linux-lowlatency-64k, linux-azure, linux-oem-20.04, linux-image-unsigned-5.13.0-44-lowlatency, linux-image-generic-lpae-hwe-20.04-edge, linux-virtual-hwe-22.04, linux-tools-5.15.0-1005-gke, linux-modules-extra-4.15.0-1130-aws, linux-cloud-tools-lowlatency-hwe-22.04, linux-buildinfo-4.15.0-180-generic-lpae, linux-generic-hwe-16.04-edge, linux-signed-image-generic-hwe-16.04-edge, linux-tools-ibm, 
linux-headers-oracle-lts-18.04, linux-aws-cloud-tools-5.13.0-1025, linux-cloud-tools-virtual-hwe-20.04, linux-buildinfo-5.13.0-44-lowlatency, linux-image-5.15.0-33-generic-64k, linux-aws-cloud-tools-4.15.0-1130, linux-generic-lpae-hwe-22.04-edge, linux-image-generic-64k-hwe-22.04, linux-hwe-5.13-tools-5.13.0-44, linux-image-5.13.0-1028-raspi, linux-image-unsigned-5.15.0-33-generic, linux-headers-oem, linux-oracle-headers-4.15.0-1095, linux-cloud-tools-virtual-hwe-22.04, linux-image-generic-hwe-22.04-edge, linux-headers-5.15.0-33-generic-64k, linux-image-virtual-hwe-20.04, linux-image-lowlatency, linux-modules-extra-5.13.0-1025-aws, linux-tools-generic-lpae, linux-cloud-tools-5.15.0-33-generic, linux-generic-64k, linux-ibm-tools-5.15.0-1004, linux-aws-tools-5.13.0-1025, linux-headers-lowlatency-64k-hwe-22.04-edge, linux-modules-4.15.0-180-lowlatency, linux-tools-5.13.0-44-generic, linux-tools-gcp, linux-image-4.15.0-1095-oracle, linux-cloud-tools-virtual-hwe-16.04-edge, linux-headers-4.15.0-1116-kvm, linux-headers-generic-lpae-hwe-22.04-edge, linux-modules-extra-5.13.0-44-generic, linux-tools-generic-lpae-hwe-20.04, linux-image-generic-hwe-22.04, linux-image-generic, linux-oracle-lts-18.04, linux-virtual, linux-headers-5.13.0-1024-kvm, linux-headers-virtual, linux-signed-image-oracle-lts-18.04, linux-image-aws-lts-18.04, linux-buildinfo-5.13.0-1025-aws, linux-image-generic-hwe-16.04, linux-image-gke, linux-aws-5.13-cloud-tools-5.13.0-1025, linux-headers-5.15.0-1006-oracle, linux-image-5.15.0-33-generic, linux-headers-aws-lts-18.04, linux-lowlatency-tools-5.15.0-33, linux-signed-image-lowlatency-hwe-16.04-edge, linux-image-4.15.0-1130-aws, linux-azure-cloud-tools-5.13.0-1025, linux-image-5.15.0-1007-kvm, linux-image-ibm, linux-tools-5.13.0-1028-raspi, linux-gke-5.15, linux-crashdump, linux-cloud-tools-4.15.0-180-lowlatency, linux-tools-5.15.0-33, linux-image-raspi-nolpae, linux-generic-hwe-22.04, linux-buildinfo-5.15.0-33-generic-lpae, linux-image-gcp, 
linux-tools-raspi, linux-headers-generic, linux-headers-lowlatency-hwe-20.04-edge, linux-modules-4.15.0-180-generic-lpae, linux-tools-generic-lpae-hwe-22.04-edge, linux-headers-5.13.0-1028-raspi, linux-tools-5.13.0-44-generic-lpae, linux-lowlatency-hwe-16.04, linux-image-raspi, linux-tools-lowlatency-64k-hwe-22.04-edge, linux-headers-virtual-hwe-16.04-edge, linux-generic-lpae-hwe-16.04, linux-tools-5.13.0-1024-kvm, linux-tools-generic, linux-modules-5.15.0-1007-kvm, linux-image-extra-virtual-hwe-16.04-edge, linux-image-unsigned-5.15.0-1007-kvm, linux-image-unsigned-4.15.0-180-generic, linux-headers-5.13.0-1028-raspi-nolpae, linux-image-5.13.0-44-lowlatency, linux-headers-5.15.0-33-lowlatency-64k, linux-tools-generic-64k-hwe-20.04-edge, linux-headers-5.15.0-33, linux-modules-extra-aws-lts-18.04, linux-lowlatency-64k-hwe-22.04, linux-cloud-tools-virtual-hwe-22.04-edge, linux-modules-5.13.0-44-generic-lpae, linux-tools-lowlatency-64k-hwe-20.04-edge, linux-buildinfo-5.15.0-33-lowlatency, linux-image-gke-5.15, linux-image-lowlatency-hwe-16.04-edge, linux-headers-generic-lpae-hwe-22.04, linux-tools-generic-hwe-20.04, linux-image-4.15.0-180-generic-lpae, linux-headers-5.13.0-1025-aws, linux-doc, linux-tools-5.15.0-1005-gcp, linux-kvm-tools-4.15.0-1116, linux-raspi, linux-image-unsigned-5.15.0-1007-azure, linux-source-4.15.0, linux-image-unsigned-4.15.0-1095-oracle, linux-modules-extra-4.15.0-1095-oracle, linux-buildinfo-5.15.0-1007-azure, linux-ibm-headers-5.15.0-1004, linux-buildinfo-5.13.0-1028-raspi, linux-cloud-tools-virtual, linux-gcp, linux-headers-5.15.0-33-lowlatency, linux-tools-generic-hwe-20.04-edge, linux-signed-image-oem, linux-tools-5.15.0-1004-ibm, linux-image-5.15.0-33-generic-lpae, linux-cloud-tools-5.13.0-44-lowlatency, linux-lowlatency-tools-host, linux-hwe-5.13-cloud-tools-common, linux-image-4.15.0-1116-kvm, linux-image-virtual-hwe-20.04-edge, linux-cloud-tools-generic-hwe-22.04-edge, linux-tools-generic-lpae-hwe-20.04-edge, 
linux-image-lowlatency-64k-hwe-20.04, linux-aws-5.13-tools-5.13.0-1025, linux-oracle, linux-oracle-headers-5.15.0-1006, linux-image-aws, linux-virtual-hwe-20.04-edge, linux-cloud-tools-5.13.0-1025-azure, linux-buildinfo-5.15.0-33-generic, linux-cloud-tools-virtual-hwe-16.04, linux-headers-5.13.0-44, linux-tools-generic-64k-hwe-22.04, linux-modules-extra-5.13.0-1025-azure, linux-headers-lowlatency-64k-hwe-20.04-edge, linux-tools-4.15.0-1130-aws, linux-tools-5.13.0-1028-raspi-nolpae, linux-image-extra-virtual-hwe-22.04, linux-tools-gke-5.15, linux-tools-lowlatency-64k-hwe-20.04, linux-tools-generic-lpae-hwe-16.04-edge, linux-tools-5.15.0-33-generic-64k, linux-headers-raspi, linux-image-kvm, linux-tools-generic-hwe-22.04, linux-headers-gke-5.15, linux-source-5.15.0, linux-headers-virtual-hwe-16.04, linux-generic-64k-hwe-20.04, linux-raspi-headers-5.13.0-1028, linux-kvm-headers-4.15.0-1116, linux-lowlatency-hwe-22.04, linux-cloud-tools-5.13.0-1025-aws, linux-aws-hwe, linux-cloud-tools-azure, linux-modules-5.13.0-1025-aws, linux-signed-lowlatency-hwe-16.04-edge, linux-virtual-hwe-16.04-edge, linux-image-oem-20.04, linux-tools-5.15.0-33-generic-lpae, linux-modules-5.15.0-1004-ibm, linux-modules-extra-5.15.0-33-generic, linux-hwe-5.13, linux-buildinfo-5.15.0-1004-ibm, linux-buildinfo-5.15.0-33-lowlatency-64k, linux-headers-5.13.0-44-generic-lpae, linux-image-generic-64k-hwe-20.04-edge, linux-cloud-tools-4.15.0-1130-aws, linux-tools-generic-hwe-16.04, linux-image-extra-virtual-hwe-22.04-edge, linux-modules-5.15.0-33-generic-64k, linux-tools-lowlatency-hwe-22.04-edge, linux-oracle-tools-4.15.0-1095, linux-headers-generic-lpae-hwe-20.04, linux-image-unsigned-5.15.0-1006-oracle, linux-cloud-tools-lowlatency-hwe-22.04-edge, linux-headers-4.15.0-180, linux-tools-4.15.0-180-lowlatency, linux-cloud-tools-5.13.0-44-generic, linux-modules-5.15.0-1007-azure, linux-buildinfo-4.15.0-180-lowlatency, linux-modules-5.15.0-1006-oracle, linux-headers-5.13.0-1025-azure, 
linux-generic-hwe-20.04, linux-modules-extra-5.15.0-1005-gcp, linux-hwe-5.13-cloud-tools-5.13.0-44, linux-headers-5.15.0-33-generic, linux-modules-4.15.0-1116-kvm, linux-signed-generic-hwe-16.04, linux-image-5.13.0-44-generic-64k, linux-signed-image-generic, linux-buildinfo-5.13.0-44-generic-64k, linux-oracle-tools-5.15.0-1006, linux-modules-5.15.0-1005-gke, linux-tools-virtual-hwe-16.04, linux-signed-oracle-lts-18.04, linux-generic-lpae, linux-tools-virtual-hwe-20.04-edge, linux-image-unsigned-5.15.0-33-generic-64k, linux-image-generic-64k, linux-cloud-tools-generic-hwe-16.04-edge, linux-image-5.13.0-44-generic-lpae, linux-buildinfo-5.15.0-1007-kvm, linux-image-oracle-lts-18.04, linux-ibm-tools-common, linux-virtual-hwe-20.04, linux-cloud-tools-5.15.0-33, linux-image-unsigned-5.13.0-44-generic, linux-cloud-tools-generic-hwe-20.04, linux-aws, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-kvm-tools-5.13.0-1024, linux-image-lowlatency-hwe-20.04-edge, linux-tools-virtual-hwe-16.04-edge, linux-buildinfo-4.15.0-180-generic, linux-tools-generic-64k-hwe-20.04, linux-libc-dev, linux-tools-generic-lpae-hwe-22.04, linux-headers-generic-lpae, linux-lowlatency-hwe-22.04-edge, linux-signed-oem, linux-headers-lowlatency-64k-hwe-20.04, linux-image-unsigned-5.13.0-1025-azure, linux-headers-virtual-hwe-20.04, linux-image-virtual-hwe-22.04, linux-modules-extra-aws, linux-modules-extra-5.15.0-1005-gke, linux-image-lowlatency-hwe-22.04-edge, linux-image-5.13.0-1025-aws, linux-signed-oracle, linux-tools-aws, linux-tools-virtual, linux-tools-5.15.0-1007-kvm, linux-modules-extra-5.15.0-1007-azure, linux-headers-5.15.0-1004-ibm, linux-raspi-tools-5.13.0-1028, linux-modules-4.15.0-1130-aws, linux-tools-aws-lts-18.04, linux-headers-5.15.0-1007-azure, linux-generic-64k-hwe-22.04, linux-azure-headers-5.13.0-1025, linux-image-5.15.0-1005-gcp, linux-tools-5.15.0-33-generic, linux-tools-5.13.0-44-generic-64k, linux-headers-gke, linux-modules-5.15.0-1005-gcp, 
linux-signed-image-lowlatency-hwe-16.04, linux-headers-generic-lpae-hwe-16.04, linux-image-lowlatency-64k-hwe-20.04-edge, linux-image-5.13.0-1024-kvm, linux-buildinfo-5.15.0-33-generic-64k, linux-modules-4.15.0-1095-oracle, linux-tools-4.15.0-1116-kvm, linux-image-generic-lpae-hwe-16.04-edge, linux-headers-4.15.0-180-generic-lpae, linux, linux-modules-extra-gcp, linux-image-generic-hwe-16.04-edge, linux-kvm-tools-5.15.0-1007, linux-image-5.15.0-1004-ibm, linux-headers-oem-20.04, linux-tools-oracle, linux-cloud-tools-5.15.0-1007-azure, linux-buildinfo-5.15.0-1006-oracle, linux-headers-lowlatency-hwe-22.04-edge, linux-image-unsigned-4.15.0-180-lowlatency, linux-buildinfo-5.13.0-44-generic-lpae, linux-tools-lowlatency-hwe-16.04-edge, linux-image-generic-lpae-hwe-20.04, linux-tools-oem-20.04, linux-tools-5.13.0-44-lowlatency, linux-image-unsigned-5.15.0-1004-ibm, linux-modules-5.13.0-44-generic-64k, linux-headers-5.13.0-44-generic, linux-generic-hwe-22.04-edge, linux-lowlatency-64k-hwe-20.04, linux-cloud-tools-lowlatency-hwe-16.04-edge, linux-headers-generic-hwe-22.04-edge, linux-generic-hwe-16.04, linux-tools-5.15.0-1007-azure, linux-hwe, linux-aws-hwe-tools-4.15.0-1130, linux-image-virtual-hwe-16.04-edge, linux-headers-azure, linux-image-5.13.0-1028-raspi-nolpae, linux-modules-5.13.0-1025-azure, linux-headers-virtual-hwe-22.04-edge, linux-image-oem, linux-image-unsigned-5.15.0-33-lowlatency, linux-tools-5.13.0-1025-aws, linux-headers-gcp, linux-headers-aws, linux-signed-lowlatency, linux-image-5.15.0-33-lowlatency, linux-image-generic-hwe-20.04-edge, linux-azure-tools-5.13.0-1025, linux-gke-headers-5.15.0-1005, linux-ibm-cloud-tools-common, linux-signed-image-lowlatency, linux-hwe-tools-4.15.0-180, linux-modules-5.13.0-1024-kvm, linux-tools-lowlatency-64k, linux-tools-4.15.0-180-generic-lpae, linux-tools-5.13.0-44, linux-modules-extra-5.15.0-1006-oracle, linux-image-generic-64k-hwe-20.04, linux-generic-lpae-hwe-22.04, linux-gcp-tools-5.15.0-1005, 
linux-image-generic-64k-hwe-22.04-edge, linux-cloud-tools-4.15.0-180, linux-image-virtual-hwe-22.04-edge, linux-generic-lpae-hwe-20.04, linux-image-generic-lpae-hwe-22.04-edge, linux-generic-lpae-hwe-16.04-edge, linux-headers-5.15.0-1005-gke, linux-headers-lowlatency-64k-hwe-22.04, linux-modules-5.13.0-1028-raspi-nolpae, linux-tools-lowlatency-hwe-20.04-edge, linux-tools-5.15.0-33-lowlatency, linux-hwe-5.13-tools-common, linux-image-aws-hwe, linux-oem, linux-cloud-tools-lowlatency, linux-headers-virtual-hwe-20.04-edge, linux-gke, linux-generic-64k-hwe-22.04-edge, linux-headers-lowlatency, linux-image-5.13.0-1025-azure, linux-image-4.15.0-1130-aws-hwe, linux-lowlatency-64k-hwe-22.04-edge, linux-hwe-5.13-tools-host, linux-image-unsigned-5.13.0-1025-aws, linux-signed-image-generic-hwe-16.04, linux-buildinfo-5.15.0-1005-gcp, linux-image-azure, linux-image-lowlatency-64k-hwe-22.04, linux-image-5.15.0-1005-gke, linux-lowlatency-cloud-tools-common, linux-buildinfo-5.13.0-44-generic, linux-image-lowlatency-64k-hwe-22.04-edge, linux-kvm-headers-5.13.0-1024, linux-image-unsigned-5.13.0-44-generic-64k, linux-modules-5.13.0-1028-raspi, linux-buildinfo-5.13.0-1025-azure, linux-tools-generic-64k-hwe-22.04-edge, linux-image-lowlatency-hwe-22.04, linux-tools-common, linux-image-lowlatency-hwe-20.04, linux-cloud-tools-5.13.0-44, linux-image-unsigned-5.15.0-1005-gke, linux-modules-extra-5.13.0-1028-raspi, linux-generic-lpae-hwe-20.04-edge, linux-headers-lowlatency-hwe-20.04, linux-image-extra-virtual-hwe-16.04, linux-tools-lowlatency-hwe-22.04, linux-headers-lowlatency-64k, linux-cloud-tools-lowlatency-hwe-16.04, linux-signed-lowlatency-hwe-16.04, linux-headers-generic-lpae-hwe-20.04-edge, linux-image-generic-lpae-hwe-16.04, linux-lowlatency, linux-cloud-tools-generic-hwe-20.04-edge, linux-cloud-tools-common, linux-tools-lowlatency-64k-hwe-22.04, linux-modules-extra-5.15.0-1004-ibm, linux-buildinfo-4.15.0-1130-aws, linux-cloud-tools-generic-hwe-16.04, 
linux-image-extra-virtual-hwe-20.04, linux-modules-extra-raspi, linux-tools-oem, linux-hwe-5.13-source-5.13.0, linux-buildinfo-5.15.0-1005-gke, linux-headers-generic-hwe-16.04, linux-image-lowlatency-hwe-16.04, linux-modules-4.15.0-180-generic, linux-aws-lts-18.04, linux-modules-5.15.0-33-lowlatency, linux-headers-generic-lpae-hwe-16.04-edge, linux-tools-virtual-hwe-22.04-edge, linux-headers-generic-64k-hwe-22.04-edge, linux-generic-64k-hwe-20.04-edge, linux-headers-ibm, linux-image-unsigned-4.15.0-1130-aws, linux-cloud-tools-generic, linux-tools-generic-64k, linux-image-virtual, linux-cloud-tools-4.15.0-180-generic, linux-cloud-tools-lowlatency-hwe-20.04, linux-kvm, linux-source-5.13.0, linux-cloud-tools-virtual-hwe-20.04-edge, linux-modules-extra-4.15.0-180-generic o USN-5444-1 : linux-image-oem-22.04, linux-tools-5.17.0-1004-oem, linux-headers-oem-20.04b, linux-modules-iwlwifi-5.14.0-1038-oem, linux-tools-oem-22.04a, linux-oem-5.14-tools-5.14.0-1038, linux-oem-20.04d, linux-tools-oem-20.04b, linux-headers-oem-20.04d, linux-headers-oem-22.04, linux-oem-5.14, linux-headers-oem-22.04a, linux-oem-5.17-tools-host, linux-oem-20.04, linux-oem-22.04a, linux-buildinfo-5.17.0-1004-oem, linux-image-oem-20.04b, linux-image-unsigned-5.14.0-1038-oem, linux-modules-iwlwifi-oem-20.04d, linux-tools-oem-20.04d, linux-oem-22.04, linux-headers-5.14.0-1038-oem, linux-image-oem-22.04a, linux-oem-5.17-headers-5.17.0-1004, linux-headers-oem-20.04, linux-headers-oem-20.04c, linux-image-5.14.0-1038-oem, linux-oem-20.04b, linux-image-oem-20.04, linux-image-5.17.0-1004-oem, linux-image-unsigned-5.17.0-1004-oem, linux-tools-oem-20.04c, linux-oem-5.14-tools-host, linux-headers-5.17.0-1004-oem, linux-buildinfo-5.14.0-1038-oem, linux-tools-oem-22.04, linux-oem-5.14-headers-5.14.0-1038, linux-tools-oem-20.04, linux-image-oem-20.04d, linux-oem-5.17-tools-5.17.0-1004, linux-modules-5.14.0-1038-oem, linux-modules-5.17.0-1004-oem, linux-oem-20.04c, linux-image-oem-20.04c, 
linux-modules-iwlwifi-oem-20.04, linux-oem-5.17, linux-tools-5.14.0-1038-oem

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is maintained
within your organisation, so if you do not wish to continue receiving these
bulletins you should contact your local IT manager. If you do not know who that
is, please send an email to auscert@auscert.org.au and we will forward your
request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As AusCERT
did not write the document quoted above, AusCERT has had no control over its
content. The decision to follow or act on information or advice contained in this
security bulletin is the responsibility of each user or organisation, and should
be considered in accordance with your organisation's site policies and
procedures. AusCERT takes no responsibility for consequences which may arise from
following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be
updated when updates to the original are made. If downloading at a later date, it
is recommended that the bulletin is retrieved directly from the author's website
to ensure that the information is still current.

Contact information for the authors of the original document is included in the
Security Bulletin above. If you have any questions or need further information,
please contact them directly.
Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
25 May 2022

ESB-2022.2540 - [Ubuntu] Linux kernel: CVSS (Max): 7.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2540
                    USN-5444-1: Linux kernel vulnerability
                               25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Linux kernel
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-29581

Original Bulletin:
   https://ubuntu.com/security/notices/USN-5444-1

Comment: CVSS (Max):  7.8 CVE-2022-29581 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5444-1: Linux kernel vulnerability
24 May 2022

The system could be made to crash or run programs as an administrator.

Releases

  o Ubuntu 22.04 LTS
  o Ubuntu 20.04 LTS

Packages

  o linux-oem-5.14 - Linux kernel for OEM systems
  o linux-oem-5.17 - Linux kernel for OEM systems

Details

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the
Linux kernel did not properly perform reference counting in some situations,
leading to a use-after-free vulnerability. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 22.04

  o linux-image-oem-22.04 - 5.17.0.1004.4
  o linux-image-oem-22.04a - 5.17.0.1004.4
  o linux-image-5.17.0-1004-oem - 5.17.0-1004.4

Ubuntu 20.04

  o linux-image-oem-20.04c - 5.14.0.1038.35
  o linux-image-oem-20.04b - 5.14.0.1038.35
  o linux-image-oem-20.04d - 5.14.0.1038.35
  o linux-image-oem-20.04 - 5.14.0.1038.35
  o linux-image-5.14.0-1038-oem - 5.14.0-1038.42

After a standard system update you need to reboot your computer to make all the
necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given
a new version number, which requires you to recompile and reinstall all third
party kernel modules you might have installed. Unless you manually uninstalled
the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE,
linux-virtual, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

  o CVE-2022-29581

Related notices

  o USN-5442-1 : linux-headers-5.4.0-113-generic, linux-image-unsigned-5.4.0-1075-aws, linux-tools-generic-lpae-hwe-18.04, linux-tools-generic-hwe-18.04, linux-headers-virtual-hwe-18.04-edge, linux-modules-extra-5.4.0-1075-aws, linux-tools-lowlatency-hwe-18.04-edge, linux-image-snapdragon-hwe-18.04, linux-tools-generic-lpae-hwe-18.04-edge, linux-image-aws-lts-20.04, linux-cloud-tools-common, linux-tools-lowlatency-hwe-18.04, linux-lowlatency, linux-modules-extra-virtual-hwe-18.04-edge, linux-crashdump, linux-virtual-hwe-18.04, linux-tools-common, linux-image-generic-hwe-18.04, linux-modules-5.4.0-1065-kvm, linux-buildinfo-5.4.0-113-lowlatency, linux-tools-virtual, linux-tools-5.4.0-113, linux-generic-hwe-18.04-edge, linux-tools-oem-osp1, linux-cloud-tools-lowlatency, linux-headers-oem-osp1, linux-generic-lpae-hwe-18.04, linux-headers-virtual-hwe-18.04, linux-hwe-5.4, linux-hwe-5.4-headers-5.4.0-113, linux-image-lowlatency-hwe-18.04-edge, linux-image-virtual-hwe-18.04, linux-kvm, linux-kvm-headers-5.4.0-1065, linux-oem, linux-modules-extra-virtual-hwe-18.04, linux-snapdragon-hwe-18.04-edge, linux-virtual, linux-tools-lowlatency, linux-headers-kvm, linux-modules-5.4.0-1075-aws, linux-headers-virtual, linux-hwe-5.4-cloud-tools-common, linux-headers-generic-lpae-hwe-18.04, linux-tools-5.4.0-1075-aws, linux-headers-oem, linux-image-generic-lpae-hwe-18.04-edge, linux-image-unsigned-5.4.0-113-lowlatency, linux-tools-5.4.0-113-generic, linux-image-kvm, linux-kvm-tools-5.4.0-1065, linux-image-generic-lpae,
linux-cloud-tools-virtual, linux-snapdragon-hwe-18.04, linux-tools-generic-hwe-18.04-edge, linux-image-5.4.0-113-generic, linux-source, linux-generic, linux-source-5.4.0, linux-image-5.4.0-1075-aws, linux-tools-virtual-hwe-18.04-edge, linux-lowlatency-hwe-18.04-edge, linux-headers-generic-lpae-hwe-18.04-edge, linux-headers-aws-lts-20.04, linux-cloud-tools-5.4.0-1075-aws, linux-doc, linux-tools-aws-lts-20.04, linux-image-unsigned-5.4.0-1065-kvm, linux-tools-5.4.0-1065-kvm, linux-modules-5.4.0-113-generic, linux-tools-kvm, linux-cloud-tools-virtual-hwe-18.04, linux-headers-5.4.0-1075-aws, linux-virtual-hwe-18.04-edge, linux-hwe-5.4-tools-5.4.0-113, linux-tools-virtual-hwe-18.04, linux-image-extra-virtual, linux-image-oem, linux-aws-cloud-tools-5.4.0-1075, linux-headers-lowlatency-hwe-18.04, linux-buildinfo-5.4.0-1075-aws, linux-modules-5.4.0-113-generic-lpae, linux-tools-host, linux-buildinfo-5.4.0-113-generic, linux-image-extra-virtual-hwe-18.04, linux-image-generic-lpae-hwe-18.04, linux-tools-5.4.0-113-generic-lpae, linux-headers-5.4.0-113-generic-lpae, linux-tools-generic-lpae, linux-tools-snapdragon-hwe-18.04-edge, linux-headers-generic, linux-tools-5.4.0-113-lowlatency, linux-tools-generic, linux-cloud-tools-5.4.0-113-lowlatency, linux-image-5.4.0-113-generic-lpae, linux-oem-tools-host, linux-cloud-tools-lowlatency-hwe-18.04, linux-modules-extra-aws-lts-20.04, linux-headers-snapdragon-hwe-18.04, linux-aws-headers-5.4.0-1075, linux-generic-lpae-hwe-18.04-edge, linux-cloud-tools-generic-hwe-18.04, linux-modules-5.4.0-113-lowlatency, linux-aws-tools-5.4.0-1075, linux-headers-5.4.0-113-lowlatency, linux-image-generic, linux-headers-snapdragon-hwe-18.04-edge, linux-hwe-5.4-source-5.4.0, linux-oem-osp1-tools-host, linux-generic-lpae, linux-cloud-tools-lowlatency-hwe-18.04-edge, linux-hwe-5.4-cloud-tools-5.4.0-113, linux-headers-generic-hwe-18.04-edge, linux-modules-extra-5.4.0-113-generic, linux-image-lowlatency, linux-aws-lts-20.04, 
linux-cloud-tools-virtual-hwe-18.04-edge, linux-generic-hwe-18.04, linux-image-extra-virtual-hwe-18.04-edge, linux-image-snapdragon-hwe-18.04-edge, linux-cloud-tools-5.4.0-113-generic, linux, linux-image-5.4.0-1065-kvm, linux-headers-lowlatency-hwe-18.04-edge, linux-headers-5.4.0-1065-kvm, linux-headers-lowlatency, linux-cloud-tools-generic, linux-cloud-tools-generic-hwe-18.04-edge, linux-image-unsigned-5.4.0-113-generic, linux-image-generic-hwe-18.04-edge, linux-buildinfo-5.4.0-113-generic-lpae, linux-tools-oem, linux-headers-generic-lpae, linux-image-lowlatency-hwe-18.04, linux-image-oem-osp1, linux-lowlatency-hwe-18.04, linux-oem-osp1, linux-headers-generic-hwe-18.04, linux-hwe-5.4-tools-common, linux-libc-dev, linux-image-virtual-hwe-18.04-edge, linux-image-5.4.0-113-lowlatency, linux-buildinfo-5.4.0-1065-kvm, linux-aws, linux-headers-5.4.0-113, linux-tools-snapdragon-hwe-18.04, linux-image-virtual, linux-cloud-tools-5.4.0-113 o USN-5443-1 : linux-image-5.15.0-33-generic, linux-tools-lowlatency-hwe-22.04, linux-image-unsigned-5.13.0-44-generic-64k, linux-image-generic-hwe-22.04, linux-signed-image-generic, linux-headers-5.15.0-33-lowlatency-64k, linux-headers-gke, linux-image-4.15.0-180-generic, linux-aws-headers-4.15.0-1130, linux-buildinfo-5.15.0-1006-oracle, linux-image-5.13.0-1028-raspi-nolpae, linux-cloud-tools-common, linux-virtual-hwe-16.04, linux-generic-hwe-22.04, linux-cloud-tools-virtual-hwe-16.04, linux-image-4.15.0-180-generic-lpae, linux-lowlatency, linux-tools-4.15.0-1130-aws, linux-tools-common, linux-hwe-cloud-tools-4.15.0-180, linux-tools-4.15.0-180, linux-generic-64k, linux-headers-5.13.0-1024-kvm, linux-image-unsigned-5.13.0-44-generic, linux-modules-5.13.0-44-generic, linux-image-extra-virtual-hwe-22.04-edge, linux-image-aws-hwe, linux-cloud-tools-lowlatency, linux-tools-5.15.0-33-lowlatency-64k, linux-modules-extra-5.13.0-1028-raspi, linux-tools-virtual-hwe-16.04, linux-headers-oem-20.04, linux-cloud-tools-5.15.0-33-lowlatency, 
linux-image-generic-64k-hwe-20.04, linux-headers-4.15.0-1130-aws, linux-oem, linux-buildinfo-5.13.0-44-generic-lpae, linux-headers-4.15.0-180-lowlatency, linux-cloud-tools-5.15.0-33, linux-headers-virtual, linux-image-generic-hwe-20.04-edge, linux-ibm-cloud-tools-common, linux-headers-generic-lpae-hwe-22.04, linux-image-5.13.0-44-generic-lpae, linux-lowlatency-hwe-22.04-edge, linux-tools-4.15.0-1095-oracle, linux-image-aws, linux-headers-generic-64k-hwe-20.04-edge, linux-generic, linux-tools-gcp, linux-modules-extra-4.15.0-1095-oracle, linux-buildinfo-5.15.0-1007-azure, linux-hwe-5.13, linux-lowlatency-cloud-tools-common, linux-tools-5.13.0-1028-raspi, linux-modules-5.13.0-1028-raspi, linux-tools-lowlatency-hwe-16.04-edge, linux-image-lowlatency-64k-hwe-20.04-edge, linux-cloud-tools-generic-hwe-16.04, linux-doc, linux-tools-generic-hwe-20.04-edge, linux-headers-virtual-hwe-16.04-edge, linux-image-extra-virtual-hwe-20.04, linux-image-unsigned-5.13.0-44-lowlatency, linux-raspi-headers-5.13.0-1028, linux-aws-hwe-tools-4.15.0-1130, linux-image-unsigned-4.15.0-1130-aws, linux-modules-4.15.0-1130-aws, linux-image-azure, linux-headers-5.15.0-1007-azure, linux-image-unsigned-4.15.0-180-generic, linux-buildinfo-5.13.0-1024-kvm, linux-headers-5.15.0-1007-kvm, linux-tools-generic-hwe-22.04, linux-modules-4.15.0-1116-kvm, linux-tools-generic-lpae-hwe-20.04, linux-buildinfo-5.15.0-33-generic, linux-tools-4.15.0-1116-kvm, linux-image-extra-virtual, linux-tools-aws-lts-18.04, linux-headers-lowlatency-64k-hwe-20.04, linux-signed-image-lowlatency-hwe-16.04, linux-image-unsigned-5.15.0-1007-kvm, linux-modules-5.13.0-44-generic-64k, linux-image-unsigned-5.15.0-1005-gcp, linux-oem-20.04, linux-modules-5.15.0-1007-kvm, linux-hwe-5.13-cloud-tools-5.13.0-44, linux-image-lowlatency-hwe-16.04, linux-headers-5.13.0-44-generic-lpae, linux-signed-image-oem, linux-image-unsigned-5.15.0-1006-oracle, linux-tools-lowlatency-hwe-16.04, linux-cloud-tools-4.15.0-180-lowlatency, 
linux-cloud-tools-azure, linux-source-4.15.0, linux-oracle-tools-5.15.0-1006, linux-headers-generic-64k, linux-ibm, linux-modules-5.13.0-44-generic-lpae, linux-cloud-tools-5.13.0-44-lowlatency, linux-buildinfo-5.15.0-33-generic-64k, linux-generic-hwe-16.04, linux-headers-5.13.0-1025-aws, linux-kvm-tools-5.15.0-1007, linux-raspi-nolpae, linux-generic-64k-hwe-22.04-edge, linux-image-4.15.0-1116-kvm, linux-image-unsigned-5.13.0-1025-aws, linux-generic-lpae, linux-cloud-tools-5.13.0-1025-aws, linux-headers-gcp, linux-modules-extra-5.13.0-1028-raspi-nolpae, linux-hwe-tools-4.15.0-180, linux-generic-lpae-hwe-20.04-edge, linux-image-extra-virtual-hwe-16.04, linux-image-virtual-hwe-22.04, linux-lowlatency-tools-5.15.0-33, linux-buildinfo-4.15.0-1095-oracle, linux-headers-generic-lpae-hwe-16.04, linux-lowlatency-tools-common, linux-headers-5.13.0-44-lowlatency, linux-tools-5.13.0-1025-azure, linux-image-5.13.0-1024-kvm, linux-modules-extra-5.13.0-1025-azure, linux-headers-generic-lpae, linux-headers-gke-5.15, linux-buildinfo-5.15.0-1005-gcp, linux-source-5.13.0, linux-aws-tools-4.15.0-1130, linux-libc-dev, linux-headers-aws-hwe, linux-tools-5.15.0-33-generic-64k, linux-image-unsigned-5.15.0-33-generic, linux-cloud-tools-virtual-hwe-22.04, linux-headers-virtual-hwe-16.04, linux-tools-lowlatency-64k-hwe-20.04, linux-aws-tools-5.13.0-1025, linux-azure-headers-5.15.0-1007, linux-ibm-tools-common, linux-cloud-tools-virtual-hwe-22.04-edge, linux-image-lowlatency-hwe-22.04, linux-source-5.15.0, linux-cloud-tools-5.13.0-44, linux-headers-5.15.0-1005-gke, linux-tools-5.15.0-1005-gcp, linux-image-virtual-hwe-16.04, linux-signed-image-lowlatency-hwe-16.04-edge, linux-cloud-tools-lowlatency-hwe-22.04-edge, linux-tools-generic-hwe-16.04, linux-headers-5.13.0-44-generic, linux-tools-virtual-hwe-22.04-edge, linux-lowlatency-64k-hwe-22.04, linux-image-unsigned-5.15.0-1004-ibm, linux-image-5.13.0-1028-raspi, linux-buildinfo-5.13.0-44-generic-64k, linux-tools-lowlatency-64k-hwe-22.04, 
linux-signed-image-lowlatency, linux-tools-virtual, linux-modules-5.15.0-1005-gcp, linux-tools-gke-5.15, linux-modules-extra-aws, linux-modules-5.15.0-33-generic-64k, linux-generic-lpae-hwe-16.04, linux-signed-oem, linux-gke-5.15, linux-image-generic-lpae-hwe-16.04, linux-headers-ibm, linux-image-unsigned-5.15.0-1005-gke, linux-tools-generic-64k-hwe-20.04, linux-modules-extra-raspi-nolpae, linux-cloud-tools-generic-hwe-20.04-edge, linux-headers-generic-64k-hwe-22.04-edge, linux-headers-generic-hwe-16.04, linux-gke, linux-modules-5.15.0-1007-azure, linux-tools-lowlatency, linux-lowlatency-cloud-tools-5.15.0-33, linux-image-gcp, linux-headers-generic-lpae-hwe-22.04-edge, linux-cloud-tools-virtual-hwe-16.04-edge, linux-headers-oem, linux-modules-4.15.0-1095-oracle, linux-cloud-tools-5.15.0-33-generic, linux-hwe-5.13-tools-5.13.0-44, linux-image-5.13.0-44-lowlatency, linux-hwe-5.13-headers-5.13.0-44, linux-tools-generic-64k-hwe-20.04-edge, linux-generic-hwe-16.04-edge, linux-tools-5.13.0-44-lowlatency, linux-headers-generic-hwe-20.04-edge, linux-image-lowlatency-64k-hwe-22.04-edge, linux-tools-oracle, linux-image-5.15.0-33-lowlatency, linux-aws-lts-18.04, linux-signed-image-oracle-lts-18.04, linux-image-virtual-hwe-22.04-edge, linux-image-oracle, linux-image-unsigned-4.15.0-1095-oracle, linux-buildinfo-5.13.0-44-lowlatency, linux-kvm-tools-5.13.0-1024, linux-image-generic-lpae-hwe-20.04, linux-lowlatency-hwe-16.04, linux-tools-azure, linux-tools-5.13.0-44-generic-64k, linux-tools-lowlatency-hwe-20.04, linux-modules-extra-5.15.0-33-generic, linux-modules-extra-4.15.0-1130-aws, linux-headers-lowlatency-hwe-22.04-edge, linux-headers-lowlatency-hwe-16.04-edge, linux-headers-generic-lpae-hwe-20.04-edge, linux-headers-5.15.0-33, linux-headers-lowlatency-hwe-22.04, linux-aws-cloud-tools-5.13.0-1025, linux-raspi, linux-lowlatency-64k-hwe-20.04, linux-generic-lpae-hwe-16.04-edge, linux-image-oem, linux-headers-5.15.0-1005-gcp, linux-headers-virtual-hwe-20.04, 
linux-buildinfo-5.13.0-44-generic, linux-cloud-tools-virtual-hwe-20.04, linux-hwe-5.13-tools-host, linux-tools-generic-lpae-hwe-22.04-edge, linux-tools-raspi, linux-tools-generic, linux-buildinfo-4.15.0-180-lowlatency, linux-signed-image-generic-hwe-16.04, linux-tools-generic-lpae-hwe-22.04, linux-modules-extra-5.15.0-1007-azure, linux-tools-generic-64k-hwe-22.04, linux-image-unsigned-5.15.0-33-generic-64k, linux-headers-4.15.0-1095-oracle, linux-image-generic-lpae-hwe-16.04-edge, linux-tools-generic-lpae-hwe-20.04-edge, linux-image-5.15.0-1007-kvm, linux-hwe-5.13-tools-common, linux-buildinfo-5.15.0-1005-gke, linux-tools-oracle-lts-18.04, linux-headers-virtual-hwe-20.04-edge, linux-headers-oracle, linux-image-unsigned-5.15.0-33-lowlatency-64k, linux-virtual-hwe-16.04-edge, linux-image-generic-hwe-22.04-edge, linux-modules-4.15.0-180-generic-lpae, linux-generic-hwe-20.04-edge, linux-generic-64k-hwe-20.04-edge, linux-modules-extra-gcp, linux-tools-oem-20.04, linux-headers-5.15.0-1004-ibm, linux-headers-lowlatency-64k-hwe-22.04, linux-tools-virtual-hwe-22.04, linux-ibm-headers-5.15.0-1004, linux-image-5.15.0-33-generic-lpae, linux-tools-4.15.0-180-generic, linux-image-generic-64k-hwe-22.04-edge, linux-generic-64k-hwe-22.04, linux-modules-extra-5.15.0-1005-gke, linux-tools-5.15.0-1004-ibm, linux-buildinfo-5.15.0-1004-ibm, linux-image-5.15.0-1004-ibm, linux-aws-hwe, linux-tools-4.15.0-180-generic-lpae, linux-hwe, linux-tools-5.15.0-33-generic, linux-image-5.15.0-1005-gke, linux-modules-5.13.0-1024-kvm, linux-image-extra-virtual-hwe-16.04-edge, linux-image-oracle-lts-18.04, linux-oracle-headers-4.15.0-1095, linux-generic-hwe-22.04-edge, linux-hwe-5.13-cloud-tools-common, linux-signed-generic, linux-image-5.15.0-33-lowlatency-64k, linux-image-lowlatency-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04-edge, linux-cloud-tools-lowlatency-hwe-16.04-edge, linux-image-5.13.0-44-generic, linux-azure-cloud-tools-5.13.0-1025, linux-headers-5.13.0-1028-raspi-nolpae, 
linux-image-unsigned-4.15.0-180-lowlatency, linux-image-generic-64k-hwe-20.04-edge, linux-modules-extra-5.13.0-1025-aws, linux-cloud-tools-generic-hwe-20.04, linux-headers-generic-lpae-hwe-20.04, linux-modules-4.15.0-180-generic, linux-image-4.15.0-180-lowlatency, linux-kvm-headers-5.13.0-1024, linux-image-generic-lpae-hwe-22.04-edge, linux-tools-5.13.0-44-generic-lpae, linux-buildinfo-5.13.0-1025-aws, linux-azure-tools-5.13.0-1025, linux-aws-cloud-tools-4.15.0-1130, linux-headers-virtual-hwe-22.04-edge, linux-tools-5.15.0-1007-azure, linux-modules-extra-aws-hwe, linux-headers-raspi, linux-kvm, linux-kvm-tools-4.15.0-1116, linux-tools-aws-hwe, linux-headers-4.15.0-180, linux-image-5.13.0-44-generic-64k, linux-headers-kvm, linux-image-generic-hwe-16.04, linux-image-lowlatency-hwe-16.04-edge, linux-tools-virtual-hwe-20.04-edge, linux-image-kvm, linux-headers-lowlatency-hwe-20.04-edge, linux-gcp-headers-5.15.0-1005, linux-image-generic-lpae, linux-headers-generic-64k-hwe-20.04, linux-buildinfo-5.13.0-1028-raspi, linux-buildinfo-5.13.0-1028-raspi-nolpae, linux-tools-gke, linux-source, linux-headers-lowlatency-hwe-20.04, linux-tools-ibm, linux-image-aws-lts-18.04, linux-modules-5.13.0-44-lowlatency, linux-signed-oracle, linux-image-generic-hwe-20.04, linux-headers-oracle-lts-18.04, linux-generic-hwe-20.04, linux-aws-hwe-cloud-tools-4.15.0-1130, linux-lowlatency-headers-5.15.0-33, linux-headers-5.13.0-44, linux-azure, linux-tools-kvm, linux-tools-generic-lpae-hwe-16.04-edge, linux-tools-5.15.0-1007-kvm, linux-image-virtual-hwe-20.04, linux-cloud-tools-4.15.0-180-generic, linux-gke-tools-5.15.0-1005, linux-azure-cloud-tools-5.15.0-1007, linux-headers-5.13.0-44-generic-64k, linux-tools-5.15.0-33, linux-tools-generic-hwe-22.04-edge, linux-tools-host, linux-modules-5.15.0-1005-gke, linux-gke-headers-5.15.0-1005, linux-cloud-tools-5.15.0-1007-azure, linux-modules-4.15.0-180-lowlatency, linux-tools-virtual-hwe-20.04, linux-image-unsigned-5.13.0-1024-kvm, 
linux-cloud-tools-generic-hwe-16.04-edge, linux-headers-generic, linux-image-lowlatency-hwe-20.04, linux-tools-5.13.0-1024-kvm, linux-tools-5.15.0-33-generic-lpae, linux-headers-generic-hwe-22.04, linux-cloud-tools-virtual-hwe-20.04-edge, linux-buildinfo-4.15.0-1116-kvm, linux-gcp, linux-image-gke-5.15, linux-tools-raspi-nolpae, linux-oracle-lts-18.04, linux-gcp-tools-5.15.0-1005, linux-modules-extra-5.15.0-1006-oracle, linux-tools-generic-64k-hwe-22.04-edge, linux-tools-generic-64k, linux-image-virtual-hwe-16.04-edge, linux-signed-image-generic-hwe-16.04-edge, linux-headers-5.13.0-1028-raspi, linux-image-lowlatency-64k-hwe-22.04, linux-image-generic, linux-signed-oracle-lts-18.04, linux-image-unsigned-5.15.0-1007-azure, linux-image-unsigned-5.15.0-33-lowlatency, linux-headers-lowlatency-64k, linux-modules-extra-4.15.0-180-generic, linux-image-generic-hwe-16.04-edge, linux-image-5.15.0-1006-oracle, linux-modules-5.15.0-33-generic, linux-signed-image-oracle, linux-buildinfo-5.15.0-33-lowlatency, linux-headers-generic-hwe-20.04, linux-tools-5.13.0-44-generic, linux-modules-5.15.0-1004-ibm, linux-cloud-tools-lowlatency-hwe-16.04, linux-generic-64k-hwe-20.04, linux-tools-lowlatency-64k-hwe-22.04-edge, linux-azure-tools-5.15.0-1007, linux-modules-5.13.0-1025-aws, linux-tools-aws, linux-modules-5.15.0-33-lowlatency, linux-lowlatency-hwe-16.04-edge, linux-cloud-tools-lowlatency-hwe-22.04, linux-raspi-tools-5.13.0-1028, linux-image-oem-20.04, linux-aws, linux-modules-5.15.0-33-lowlatency-64k, linux-lowlatency-64k-hwe-20.04-edge, linux-modules-extra-5.15.0-1004-ibm, linux-image-virtual, linux-modules-extra-azure, linux-oracle-tools-4.15.0-1095, linux-buildinfo-4.15.0-180-generic, linux-aws-5.13-cloud-tools-5.13.0-1025, linux-image-4.15.0-1130-aws-hwe, linux-headers-5.15.0-33-generic, linux-tools-5.15.0-1006-oracle, linux-buildinfo-4.15.0-180-generic-lpae, linux-image-gke, linux-image-generic-64k, linux-tools-virtual-hwe-16.04-edge, linux-image-4.15.0-1095-oracle, 
linux-image-raspi-nolpae, linux-crashdump, linux-buildinfo-5.15.0-1007-kvm, linux-virtual-hwe-20.04, linux-cloud-tools-5.13.0-44-generic, linux-image-raspi, linux-image-4.15.0-1130-aws, linux-kvm-headers-5.15.0-1007, linux-image-generic-lpae-hwe-22.04, linux-tools-5.15.0-1005-gke, linux-modules-extra-raspi, linux-signed-generic-hwe-16.04, linux-headers-lowlatency-64k-hwe-22.04-edge, linux-tools-5.13.0-44, linux-aws-5.13-headers-5.13.0-1025, linux-lowlatency-64k, linux-tools-lowlatency-hwe-20.04-edge, linux-aws-5.13-tools-5.13.0-1025, linux-cloud-tools-generic-hwe-22.04, linux-headers-raspi-nolpae, linux-image-5.15.0-1005-gcp, linux-virtual-hwe-20.04-edge, linux-virtual, linux-cloud-tools-lowlatency-hwe-20.04, linux-tools-generic-hwe-20.04, linux-headers-5.15.0-1006-oracle, linux-tools-5.15.0-33-lowlatency, linux-buildinfo-5.15.0-33-lowlatency-64k, linux-headers-lowlatency-64k-hwe-20.04-edge, linux-cloud-tools-4.15.0-180, linux-tools-5.13.0-1025-aws, linux-lowlatency-hwe-20.04-edge, linux-cloud-tools-virtual, linux-headers-virtual-hwe-22.04, linux-headers-5.13.0-1025-azure, linux-generic-lpae-hwe-22.04-edge, linux-image-generic-64k-hwe-22.04, linux-modules-extra-aws-lts-18.04, linux-image-extra-virtual-hwe-22.04, linux-headers-5.15.0-33-generic-lpae, linux-headers-lowlatency-hwe-16.04, linux-tools-lowlatency-hwe-22.04-edge, linux-lowlatency-hwe-22.04, linux-image-5.13.0-1025-azure, linux-tools-4.15.0-180-lowlatency, linux-image-lowlatency-64k, linux-buildinfo-5.15.0-33-generic-lpae, linux-aws-5.13, linux-signed-lowlatency-hwe-16.04, linux-hwe-5.13-source-5.13.0, linux-headers-generic-hwe-22.04-edge, linux-headers-generic-hwe-16.04-edge, linux-image-5.15.0-33-generic-64k, linux-virtual-hwe-22.04, linux-image-ibm, linux-aws-headers-5.13.0-1025, linux-image-extra-virtual-hwe-20.04-edge, linux-headers-generic-lpae-hwe-16.04-edge, linux-lowlatency-tools-host, linux-image-5.15.0-1007-azure, linux-tools-generic-lpae-hwe-16.04, linux-buildinfo-4.15.0-1130-aws, 
linux-modules-5.13.0-1025-azure, linux-headers-5.15.0-33-lowlatency, linux-tools-generic-lpae, linux-lowlatency-64k-hwe-22.04-edge, linux-azure-headers-5.13.0-1025, linux-ibm-source-5.15.0, linux-tools-lowlatency-64k, linux-modules-5.15.0-33-generic-lpae, linux-headers-4.15.0-180-generic-lpae, linux-headers-azure, linux-image-lowlatency-hwe-22.04-edge, linux-image-unsigned-5.13.0-1025-azure, linux-tools-generic-hwe-16.04-edge, linux-aws-edge, linux-image-virtual-hwe-20.04-edge, linux-cloud-tools-generic-hwe-22.04-edge, linux-tools-5.13.0-1028-raspi-nolpae, linux-generic-lpae-hwe-20.04, linux-generic-lpae-hwe-22.04, linux-buildinfo-5.13.0-1025-azure, linux-headers-aws-lts-18.04, linux-kvm-headers-4.15.0-1116, linux-ibm-tools-5.15.0-1004, linux-image-lowlatency, linux-modules-extra-5.13.0-44-generic, linux-headers-generic-64k-hwe-22.04, linux, linux-modules-extra-5.15.0-1005-gcp, linux-headers-lowlatency, linux-headers-4.15.0-1116-kvm, linux-cloud-tools-generic, linux-image-lowlatency-64k-hwe-20.04, linux-oracle-headers-5.15.0-1006, linux-signed-generic-hwe-16.04-edge, linux-headers-5.15.0-33-generic-64k, linux-signed-lowlatency, linux-modules-5.13.0-1028-raspi-nolpae, linux-tools-oem, linux-cloud-tools-5.13.0-1025-azure, linux-lowlatency-hwe-20.04, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-cloud-tools-4.15.0-1130-aws, linux-virtual-hwe-22.04-edge, linux-signed-lowlatency-hwe-16.04-edge, linux-oracle, linux-headers-aws, linux-headers-4.15.0-180-generic, linux-image-5.13.0-1025-aws, linux-modules-5.15.0-1006-oracle, linux-tools-lowlatency-64k-hwe-20.04-edge

- --------------------------END INCLUDED TEXT--------------------
25 May 2022

ESB-2022.2539 - [RedHat] thunderbird: CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2539
                         thunderbird security update
                               25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           thunderbird
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1802 CVE-2022-1529

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2022:4730

Comment: CVSS (Max):  8.8 CVE-2022-1802 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: thunderbird security update
Advisory ID:       RHSA-2022:4730-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4730
Issue date:        2022-05-24
CVE Names:         CVE-2022-1529 CVE-2022-1802
=====================================================================

1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of
Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 91.9.1.
Security Fix(es): * Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution (CVE-2022-1529) * Mozilla: Prototype pollution in Top-Level Await implementation (CVE-2022-1802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of Thunderbird must be restarted for the update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2089217 - CVE-2022-1802 Mozilla: Prototype pollution in Top-Level Await implementation 2089218 - CVE-2022-1529 Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: thunderbird-91.9.1-1.el7_9.src.rpm x86_64: thunderbird-91.9.1-1.el7_9.x86_64.rpm thunderbird-debuginfo-91.9.1-1.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): Source: thunderbird-91.9.1-1.el7_9.src.rpm ppc64le: thunderbird-91.9.1-1.el7_9.ppc64le.rpm thunderbird-debuginfo-91.9.1-1.el7_9.ppc64le.rpm x86_64: thunderbird-91.9.1-1.el7_9.x86_64.rpm thunderbird-debuginfo-91.9.1-1.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: thunderbird-91.9.1-1.el7_9.src.rpm x86_64: thunderbird-91.9.1-1.el7_9.x86_64.rpm thunderbird-debuginfo-91.9.1-1.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-1529 https://access.redhat.com/security/cve/CVE-2022-1802 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . 
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYo1E59zjgjWX9erEAQgmpA/+KYix4PXOph/HdWZCBckIF9Pf1N6thbFw
zfpz/S/vvdutu2NEcybaqN1k75GmjMNMxK27RnnxuJolNd4GGjZsortrMXTtq03L
BCqW6FC+X51vWCAFcTrObXu4GWvFSpTTRIhLyqNBVVyk+NqLWptQAslv/5ozclOz
K+YicZbDDDceC5H8t3mgWMxI2YewRalmgdzSsYfn1hz0stYpw2CDr7QhMtP33Hwi
/ph8czSeqzU/Q3s9f9MvdGYUoTau7KK/QamHp/6gN+gM/jkoKNUymlgf9/hixeVf
iTZsYzylSA1UZqwSwO2LOloNou6iT9sDVPvMqLzFKKrkEw7RQiw/pwma3hPmc79D
1Ob5E9/+2GAW2Dh61hUJR4Fodc/GXKiyzExoDhcNNavDHtPe2p0o0H7vy0qN882i
cfaKIA/WY3Q8BsoIkUh7cAZhN4ZEVoiDTxxegWwQ7e9UIAfRzCNnPlGY1NTnpNgw
xsYNlZdcG7yAL/xf1ZtW6/cLGkXJWdWmqGbWEJilub583DTKIQTJpBg9g00RdnY0
eYduyCgm5fiNu7idJDGhHblIrtrlwuozzWt+JlQAjBoA12yB8woF87TSxgtfXhA6
4TCDUQ+AXsY7zwTGuBUe7HBjZJAQxl/6Hq4R+m4Ce3fL9iLsG+drN4nvvnHyBJ4Q
DVFcAaCavRY=
=deqd
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYo2H/MkNZI30y1K9AQgJ7w//YaQ8iNiXypV4lJNyWWg2EJnabMRO0b81
ThpE+H1NmgQF05+SeZvx6GpljtJdJ5FRpVj5Upfpzwam90DpVcins/NGuyxYraQO
ktrAgvau0cjB6e7xoov/U7Uc24NhJ//quj5/ad3RYhW6gTu1girBVBAJvtUcRpPu
Uryz8HDS1Y2YhRSp42yHkCBB4cKFUYLvIX4QzEuEg2j4Ma8ztSSAmhrjltaXlwgV
dQMV+qsQ60SAZn7RkSx0LCxCg/j8j07RO9PSP7Key+fd/adtGQlxERaFV1lb6EpT
je+5t20s4eAtu9FiE5kUNmAA3jLV1+2nJdUmbDWyH18K+rq/aU7av/fj11MFy1iI
1qWPMssiruUVbQl12x2hSK2Lzvot4A96KndLqCexcTobVW9B8to+J2qXyucdOZAJ
riUaO3OdGDubF2SKmsg+BGoq7gFJPM4PjeWkMq04bzmg6V2zZZ58KTc/Se7nUGjD
4z9ncyu0+1TizWDftYYBpCwYuWznbVNtciZjFqZAVuI3v5AESnyYDOX+hrH0jSNi
YzVgsNkPVtBVmUZzTl1rriIx9l6BOoRz6IuK15DLilFRkErU6IiJKH/sorYfMnl0
d3bLNIaldFcP34NzuT4enWhQX9M+hBTb76sDgYm3pzNsa5pa9yn3p542tLTGfH4B
xOkSDkRXjY0=
=tb4o
-----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2538 - [RedHat] firefox: CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2538
firefox security update
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product:           firefox
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1802 CVE-2022-1529
Original Bulletin: https://access.redhat.com/errata/RHSA-2022:4729

Comment: CVSS (Max): 8.8 CVE-2022-1802 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis:     Critical: firefox security update
Advisory ID:  RHSA-2022:4729-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:4729
Issue date:   2022-05-24
CVE Names:    CVE-2022-1529 CVE-2022-1802
=====================================================================

1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 91.9.1 ESR.

Security Fix(es):

* Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution (CVE-2022-1529)
* Mozilla: Prototype pollution in Top-Level Await implementation (CVE-2022-1802)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2089217 - CVE-2022-1802 Mozilla: Prototype pollution in Top-Level Await implementation
2089218 - CVE-2022-1529 Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution

6. Package List:

Red Hat Enterprise Linux Client (v. 7):
Source:  firefox-91.9.1-1.el7_9.src.rpm
x86_64:  firefox-91.9.1-1.el7_9.x86_64.rpm
         firefox-debuginfo-91.9.1-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:  firefox-91.9.1-1.el7_9.i686.rpm

Red Hat Enterprise Linux Server (v. 7):
Source:  firefox-91.9.1-1.el7_9.src.rpm
ppc64:   firefox-91.9.1-1.el7_9.ppc64.rpm
         firefox-debuginfo-91.9.1-1.el7_9.ppc64.rpm
ppc64le: firefox-91.9.1-1.el7_9.ppc64le.rpm
         firefox-debuginfo-91.9.1-1.el7_9.ppc64le.rpm
s390x:   firefox-91.9.1-1.el7_9.s390x.rpm
         firefox-debuginfo-91.9.1-1.el7_9.s390x.rpm
x86_64:  firefox-91.9.1-1.el7_9.x86_64.rpm
         firefox-debuginfo-91.9.1-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):
x86_64:  firefox-91.9.1-1.el7_9.i686.rpm

Red Hat Enterprise Linux Workstation (v. 7):
Source:  firefox-91.9.1-1.el7_9.src.rpm
x86_64:  firefox-91.9.1-1.el7_9.x86_64.rpm
         firefox-debuginfo-91.9.1-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:  firefox-91.9.1-1.el7_9.i686.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1529
https://access.redhat.com/security/cve/CVE-2022-1802
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYo1E4dzjgjWX9erEAQjr5Q/9G+BFzo5hmBLNjEvTDJIQjPHUZtbY/+Pr
FWVC3BXqq1q7JKO1cggC19FsHnLWumxatTYKslqWv3nPcNbdGYed6kriP8Uu3eZB
wH/dtZNS4l0sbbnJ7Qkzy+HciaA5AgAG3vNkfPcJOjTjO4d1DSveMbptljkd2p7X
zklE/Owe+R38N9tRdS7bmyt/wO6P1bfaAxuj+FMrOWodgy7nOawxA0eGQRXiK2An
qfrufG4DVv8uu7zhJiJq0a7ZOTjqm+c1sT/RceANUN65js2ERuND4/OytEqEkqZm
dnNDYKHlGmXrBsqXLloSLe3A1YosxCgjSl34E5h9neTCguAuUsvGBjmMypBcok3y
rfMPyfcjBxxrWYfrfr2TucI6nhX9qVqYUyFu5eNScYQiwlDrLiY6RPa3VUvQfSZn
SrtcnIh6i4Sdd7StMkZjNM8i2pvA6f3QDN51RamJUnfN+mmIPJGo6yFFefxRaiSI
E0XXf8OUxdftIPh2gLuaXVWI8r7PWzTxDy1USJWHnjf6wosVAP2c9mtIPm7DhAhZ
Y8PiBmEn92lu8v7A1XTmc3Fq1CTthkQ8rNBwe4GaeyoqvGc+S1Unb/Pzh5qgfYZT
66qiPw5VjqLwtnwJ3PWp9lujXtFEDDYu8NLiPXPXS1d8zWpP7JRMaYMdM1/SmQTg
I7Z9UPrs9Rs=
=NwlG
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
25 May 2022

ESB-2022.2537 - [Ubuntu] AccountsService: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2537
USN-5439-1: AccountsService vulnerability
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product:           AccountsService
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1804
Original Bulletin: https://ubuntu.com/security/notices/USN-5439-1

Comment: CVSS (Max): None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5439-1: AccountsService vulnerability
24 May 2022

AccountsService could be made to crash or stop responding.

Releases
  o Ubuntu 22.04 LTS

Packages
  o accountsservice - query and manipulate user account information

Details

Gunnar Hjalmarsson discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or stop responding, resulting in a denial of service. (CVE-2022-1804)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04
  o accountsservice - 22.07.5-2ubuntu1.3
  o libaccountsservice0 - 22.07.5-2ubuntu1.3

After a standard system update you need to reboot your computer to make all the necessary changes.

References
  o CVE-2022-1804

- --------------------------END INCLUDED TEXT--------------------
25 May 2022

ESB-2022.2536 - [Ubuntu] Rsyslog: CVSS (Max): 8.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2536
USN-5404-2: Rsyslog vulnerability
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product:           Rsyslog
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-24903
Original Bulletin: https://ubuntu.com/security/notices/USN-5404-2

Comment: CVSS (Max): 8.1 CVE-2022-24903 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5404-2: Rsyslog vulnerability
24 May 2022

Rsyslog could be made to crash if it received a specially crafted request.

Releases
  o Ubuntu 16.04 ESM

Packages
  o rsyslog - Enhanced syslogd

Details

USN-5404-1 addressed a vulnerability in Rsyslog. This update provides the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

  Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04
  o rsyslog - 8.16.0-1ubuntu3.1+esm2
    Available with UA Infra or UA Desktop

In general, a standard system update will make all the necessary changes.

References
  o CVE-2022-24903

Related notices
  o USN-5404-1 : rsyslog-pgsql, rsyslog-gssapi, rsyslog-kubernetes, rsyslog-gnutls, rsyslog-elasticsearch, rsyslog-kafka, rsyslog-mysql, rsyslog-hiredis, rsyslog-relp, rsyslog-snmp, rsyslog-czmq, rsyslog-mongodb, rsyslog-openssl, rsyslog

- --------------------------END INCLUDED TEXT--------------------
25 May 2022

ESB-2022.2535 - [SUSE] libarchive: CVSS (Max): 7.4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2535
Security update for libarchive
25 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------
Product:           libarchive
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-26280
Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20221803-1

Comment: CVSS (Max): 7.4 CVE-2022-26280 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for libarchive
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:1803-1
Rating:            moderate
References:        #1197634
Cross-References:  CVE-2022-26280
Affected Products:
  SUSE Linux Enterprise Desktop 15-SP3
  SUSE Linux Enterprise High Performance Computing 15-SP3
  SUSE Linux Enterprise Module for Basesystem 15-SP3
  SUSE Linux Enterprise Module for Development Tools 15-SP3
  SUSE Linux Enterprise Server 15-SP3
  SUSE Linux Enterprise Server for SAP Applications 15-SP3
  SUSE Manager Proxy 4.2
  SUSE Manager Server 4.2
  openSUSE Leap 15.3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for libarchive fixes the following issues:

  o CVE-2022-26280: Fixed out-of-bounds read via the component zipx_lzma_alone_init (bsc#1197634).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o openSUSE Leap 15.3:
    zypper in -t patch openSUSE-SLE-15.3-2022-1803=1
  o SUSE Linux Enterprise Module for Development Tools 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1803=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1803=1

Package List:

  o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
    bsdtar-3.4.2-150200.4.6.1
    bsdtar-debuginfo-3.4.2-150200.4.6.1
    libarchive-debugsource-3.4.2-150200.4.6.1
    libarchive-devel-3.4.2-150200.4.6.1
    libarchive13-3.4.2-150200.4.6.1
    libarchive13-debuginfo-3.4.2-150200.4.6.1
  o openSUSE Leap 15.3 (x86_64):
    libarchive13-32bit-3.4.2-150200.4.6.1
    libarchive13-32bit-debuginfo-3.4.2-150200.4.6.1
  o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
    bsdtar-3.4.2-150200.4.6.1
    bsdtar-debuginfo-3.4.2-150200.4.6.1
    libarchive-debugsource-3.4.2-150200.4.6.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
    libarchive-debugsource-3.4.2-150200.4.6.1
    libarchive-devel-3.4.2-150200.4.6.1
    libarchive13-3.4.2-150200.4.6.1
    libarchive13-debuginfo-3.4.2-150200.4.6.1

References:

  o https://www.suse.com/security/cve/CVE-2022-26280.html
  o https://bugzilla.suse.com/1197634

- --------------------------END INCLUDED TEXT--------------------
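The Red Hat and SUSE package lists above state the fix as a name-version-release string (thunderbird-91.9.1-1.el7_9, libarchive13-3.4.2-150200.4.6.1). Whether a host is actually patched is the question of whether the installed epoch:version-release compares greater than or equal to that under rpm's own ordering, which is neither string nor float comparison: segments are compared numerically or alphabetically in turn, leading zeros are ignored, and a "~" sorts before everything. The Python below is an added check written for this page, not vendor tooling. compare_versions() follows the segment rules of rpm's rpmvercmp() (the newer "^" separator is treated as a plain separator here), the "installed" list is constructed sample data rather than output from a real host, and the Ubuntu version in USN-5439-1 above (22.07.5-2ubuntu1.3) follows Debian's different ordering rules, which this code does not implement.

```python
"""
Check installed RPM versions against the fixed versions listed in the
Red Hat and SUSE bulletins above.

Added example, not vendor tooling. compare_versions() follows the segment
rules of rpm's rpmvercmp(): numeric vs alphabetic segments, leading zeros
ignored, "~" sorts before everything. "^" is treated as a separator.
INSTALLED below is constructed sample data, not from a real host.
"""
import re

# A version string is a sequence of digit runs, letter runs and "~";
# everything else (".", "_", "-", "+", "^") is a separator and ignored.
_SEG = re.compile(r"[0-9]+|[A-Za-z]+|~")


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 as rpmvercmp() would for two version or release strings."""
    if a == b:
        return 0
    ta, tb = _SEG.findall(a), _SEG.findall(b)
    i = 0
    while i < len(ta) and i < len(tb):
        x, y = ta[i], tb[i]
        i += 1
        # "~" sorts before anything else, so the side with the tilde is older.
        if x == "~" or y == "~":
            if x != "~":
                return 1
            if y != "~":
                return -1
            continue
        if x.isdigit() != y.isdigit():
            # A numeric segment is newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):
                return 1 if len(x) > len(y) else -1
        if x != y:
            return 1 if x > y else -1
    rest_a, rest_b = ta[i:], tb[i:]
    if not rest_a and not rest_b:
        return 0
    # Leftover segments win, unless the leftover starts with "~" (pre-release).
    if rest_a:
        return -1 if rest_a[0] == "~" else 1
    return 1 if rest_b[0] == "~" else -1


def parse_evr(evr: str):
    """Split 'epoch:version-release' (epoch optional) into (int, str, str)."""
    epoch = 0
    if ":" in evr:
        e, evr = evr.split(":", 1)
        epoch = int(e)
    version, _, release = evr.rpartition("-")
    if not version:  # no release part at all
        version, release = release, ""
    return epoch, version, release


def compare_evr(a: str, b: str) -> int:
    """Order two EVR strings: epoch first, then version, then release."""
    ea, va, ra = parse_evr(a)
    eb, vb, rb = parse_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    c = compare_versions(va, vb)
    return c if c != 0 else compare_versions(ra, rb)


def is_fixed(installed_evr: str, fixed_evr: str) -> bool:
    """True when the installed EVR is at or above the EVR the bulletin lists."""
    return compare_evr(installed_evr, fixed_evr) >= 0


def split_nevra(nevra: str):
    """'thunderbird-91.9.1-1.el7_9.x86_64' -> ('thunderbird', '91.9.1-1.el7_9', 'x86_64')"""
    name_ver_rel, _, arch = nevra.rpartition(".")
    name_ver, _, rel = name_ver_rel.rpartition("-")
    name, _, ver = name_ver.rpartition("-")
    return name, f"{ver}-{rel}", arch


# Fixed versions taken from the package lists in the bulletins above.
FIXED = {
    "thunderbird": "91.9.1-1.el7_9",       # RHSA-2022:4730
    "firefox": "91.9.1-1.el7_9",           # RHSA-2022:4729
    "libarchive13": "3.4.2-150200.4.6.1",  # SUSE-SU-2022:1803-1
    "curl": "7.60.0-11.40.2",              # SUSE-SU-2022:1805-1
}

# Constructed `rpm -qa`-style sample; the versions are invented for the demo.
INSTALLED = """\
thunderbird-91.8.0-1.el7_9.x86_64
firefox-91.9.1-1.el7_9.x86_64
libarchive13-3.4.2-150200.4.3.1.x86_64
curl-7.60.0-11.40.2.x86_64
bash-4.2.46-35.el7_9.x86_64
"""


def outstanding(installed_text: str, fixed: dict) -> list:
    """Return (name, installed_evr, fixed_evr) for packages still below the fix."""
    result = []
    for line in installed_text.splitlines():
        if not line.strip():
            continue
        name, evr, _arch = split_nevra(line.strip())
        if name in fixed and not is_fixed(evr, fixed[name]):
            result.append((name, evr, fixed[name]))
    return result


if __name__ == "__main__":
    for name, have, want in outstanding(INSTALLED, FIXED):
        print(f"{name}: installed {have}, bulletin requires {want}")
```

On the sample data the check flags thunderbird and libarchive13 as still below the fixed version and passes firefox and curl; on a real host, feed it the output of `rpm -qa` and the FIXED table for the bulletins you track. A version check alone does not confirm the GPG signature of what was installed; that is the separate step Red Hat points to in each advisory.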
25 May 2022

ESB-2022.2534 - [SUSE] curl: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2534
                          Security update for curl
                                25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           curl
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-27782 CVE-2022-27781

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20221805-1

Comment: CVSS (Max):  7.5 CVE-2022-27782 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for curl
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:1805-1
Rating:            important
References:        #1199223 #1199224
Cross-References:  CVE-2022-27781 CVE-2022-27782
Affected Products:
                   SUSE Linux Enterprise Server 12-SP5
                   SUSE Linux Enterprise Server for SAP Applications 12-SP5
                   SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for curl fixes the following issues:

  o CVE-2022-27781: Fixed CERTINFO never-ending busy-loop (bsc#1199223)
  o CVE-2022-27782: Fixed TLS and SSH connection too eager reuse (bsc#1199224)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Software Development Kit 12-SP5:
    zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-1805=1
  o SUSE Linux Enterprise Server 12-SP5:
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1805=1

Package List:

  o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
       curl-debuginfo-7.60.0-11.40.2
       curl-debugsource-7.60.0-11.40.2
       libcurl-devel-7.60.0-11.40.2
  o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
       curl-7.60.0-11.40.2
       curl-debuginfo-7.60.0-11.40.2
       curl-debugsource-7.60.0-11.40.2
       libcurl4-7.60.0-11.40.2
       libcurl4-debuginfo-7.60.0-11.40.2
  o SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):
       libcurl4-32bit-7.60.0-11.40.2
       libcurl4-debuginfo-32bit-7.60.0-11.40.2

References:

  o https://www.suse.com/security/cve/CVE-2022-27781.html
  o https://www.suse.com/security/cve/CVE-2022-27782.html
  o https://bugzilla.suse.com/1199223
  o https://bugzilla.suse.com/1199224

- --------------------------END INCLUDED TEXT--------------------
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYo1wMMkNZI30y1K9AQhcQw/9HDrEBd01Oe7HdI+L+ecCCVAVBUDhFA0x
vNh09KyondcO2hi5l2nbpka4g5vzp+4TTWXnnNYkepjL0w6LphjPcPxd5KAhDp+K
xifZ8v9uhWj+e8qJX3pkI7zi4JfEV3ydTASpic8Sv+pRV0DKbrjGA7xeFjxxEF/z
juGbVKvkDQD81raZ1Y90uEe9HDPDQsWdWj8VGaiUYOtUAGLzUe2/EvtD/OtxAb7A
x2WxzzKJAZ0rtgt7MwRep3agO4KjgwyqJVcswlJXiKN6hf/3j2N04hZXpUvc7P0h
TtL1yq0vQpmi51y/ej44lfDwdP7FQsNmo/MFXLASmQSMW+iKJQDJySgEUA9G7TFT
74zVRWS0Dsa4DPXZZT2acJHNyhgEpv4GKowdSRHYsK5Aa3VF3S4BDe7mIZOLI8+9
sfGNFg0xIIQu2bHXCEmB/nFA1HkQ9qmuiJFqMia8Ukv6+xQBbo2vqJyJEnQCubFY
P3kqdNZjJhD5AjbNEeudS5zmoIQ1vvxFKoryaRIgiqBCkr2AAXw8N30LYFgAKXva
NwA7rvuQD3a1gS8C72AYlF6KD5a5nK78oPeP7mMCIi6HR3jxV+AT9LCmHpsJ2gpC
zVjT6bJ3nR4xCa7WAO8AwEHhwIbMA7M/KcsZOXeXh+9WaQjczlqkkzd3UjVAamop
8mCzponKmi4=
=rtwx
-----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2533 - [SUSE] Linux Kernel: CVSS (Max): 7.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2533
      Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP5)
                                25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Linux Kernel
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1280

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20221796-1

Comment: CVSS (Max):  7.0 CVE-2022-1280 (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP5)
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:1796-1
Rating:            important
References:        #1198590
Cross-References:  CVE-2022-1280
Affected Products:
                   SUSE Linux Enterprise High Performance Computing 15-SP2
                   SUSE Linux Enterprise High Performance Computing 15-SP3
                   SUSE Linux Enterprise Live Patching 12-SP5
                   SUSE Linux Enterprise Micro 5.1
                   SUSE Linux Enterprise Module for Live Patching 15-SP2
                   SUSE Linux Enterprise Module for Live Patching 15-SP3
                   SUSE Linux Enterprise Server 15-SP2
                   SUSE Linux Enterprise Server 15-SP3
                   SUSE Linux Enterprise Server for SAP Applications 15-SP2
                   SUSE Linux Enterprise Server for SAP Applications 15-SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for the Linux Kernel 4.12.14-122_113 fixes one issue.

The following security issue was fixed:

  o CVE-2022-1280: Fixed a use-after-free vulnerability in drm_lease_held in
    drivers/gpu/drm/drm_lease.c. This flaw allowed a local user privilege
    attacker to cause a denial of service (DoS) or a kernel information leak
    (bsc#1198590).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Live Patching 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-1798=1
    SUSE-SLE-Module-Live-Patching-15-SP3-2022-1800=1
    SUSE-SLE-Module-Live-Patching-15-SP3-2022-1801=1
    SUSE-SLE-Module-Live-Patching-15-SP3-2022-1807=1
    SUSE-SLE-Module-Live-Patching-15-SP3-2022-1810=1
    SUSE-SLE-Module-Live-Patching-15-SP3-2022-1811=1
  o SUSE Linux Enterprise Module for Live Patching 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2022-1792=1
    SUSE-SLE-Module-Live-Patching-15-SP2-2022-1793=1
    SUSE-SLE-Module-Live-Patching-15-SP2-2022-1794=1
    SUSE-SLE-Module-Live-Patching-15-SP2-2022-1795=1
  o SUSE Linux Enterprise Live Patching 12-SP5:
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2022-1791=1
    SUSE-SLE-Live-Patching-12-SP5-2022-1796=1
    SUSE-SLE-Live-Patching-12-SP5-2022-1797=1
    SUSE-SLE-Live-Patching-12-SP5-2022-1806=1

Package List:

  o SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):
       kernel-livepatch-5_3_18-57-default-17-150200.3.1
       kernel-livepatch-5_3_18-57-default-debuginfo-17-150200.3.1
       kernel-livepatch-5_3_18-59_16-default-14-150300.2.1
       kernel-livepatch-5_3_18-59_16-default-debuginfo-14-150300.2.1
       kernel-livepatch-5_3_18-59_24-default-11-150300.2.1
       kernel-livepatch-5_3_18-59_24-default-debuginfo-11-150300.2.1
       kernel-livepatch-5_3_18-59_27-default-11-150300.2.1
       kernel-livepatch-5_3_18-59_27-default-debuginfo-11-150300.2.1
       kernel-livepatch-5_3_18-59_34-default-10-150300.2.1
       kernel-livepatch-5_3_18-59_34-default-debuginfo-10-150300.2.1
       kernel-livepatch-5_3_18-59_5-default-15-150300.2.1
       kernel-livepatch-5_3_18-59_5-default-debuginfo-15-150300.2.1
       kernel-livepatch-SLE15-SP3_Update_0-debugsource-17-150200.3.1
       kernel-livepatch-SLE15-SP3_Update_1-debugsource-15-150300.2.1
       kernel-livepatch-SLE15-SP3_Update_4-debugsource-14-150300.2.1
       kernel-livepatch-SLE15-SP3_Update_6-debugsource-11-150300.2.1
       kernel-livepatch-SLE15-SP3_Update_7-debugsource-11-150300.2.1
       kernel-livepatch-SLE15-SP3_Update_9-debugsource-10-150300.2.1
  o SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x x86_64):
       kernel-livepatch-5_3_18-24_67-default-15-150200.2.1
       kernel-livepatch-5_3_18-24_67-default-debuginfo-15-150200.2.1
       kernel-livepatch-5_3_18-24_83-default-11-150200.2.1
       kernel-livepatch-5_3_18-24_83-default-debuginfo-11-150200.2.1
       kernel-livepatch-5_3_18-24_93-default-10-150200.2.1
       kernel-livepatch-5_3_18-24_93-default-debuginfo-10-150200.2.1
       kernel-livepatch-5_3_18-24_96-default-9-150200.2.1
       kernel-livepatch-5_3_18-24_96-default-debuginfo-9-150200.2.1
       kernel-livepatch-SLE15-SP2_Update_14-debugsource-15-150200.2.1
       kernel-livepatch-SLE15-SP2_Update_19-debugsource-11-150200.2.1
       kernel-livepatch-SLE15-SP2_Update_21-debugsource-10-150200.2.1
       kernel-livepatch-SLE15-SP2_Update_22-debugsource-9-150200.2.1
  o SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):
       kgraft-patch-4_12_14-122_110-default-5-2.1
       kgraft-patch-4_12_14-122_113-default-4-2.1
       kgraft-patch-4_12_14-122_77-default-15-2.1
       kgraft-patch-4_12_14-122_98-default-9-2.1

References:

  o https://www.suse.com/security/cve/CVE-2022-1280.html
  o https://bugzilla.suse.com/1198590

- --------------------------END INCLUDED TEXT--------------------
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYo1wKskNZI30y1K9AQgFoxAAmzXJF6HdL5IwT5RaiUJWFlqV/+hXxlrM
XAZB7JvI4ghvXTqXy+2FCH/5XLg287cTSgTm/Tmr/SWc0YR8MAvN9WwAu6EBbgOv
/PuaKXl2CgTT7uT3EwE4JFbZRrGzJqsVrFSrGZIllLWM9C1TI4H8FeH1Eo7Ngcys
Bs9LYBVttTeuOqXxC6DkxhMM1pzzdVcyduURN9sCclaS7WT8L6YwkLCDovdPS0W8
vS3rOA6rkXQ7fXmTvpIEAXYxCfoYPUHBsQXfQfxyCJk/sp7b+U0W1VyS8LXVELiW
iwGobhPWuC7Cu8hB2o6u00apo5iKNljeWBTS33Elqb9zYxZsC0VjCOcUZ43cRtW5
cnPF9Hu0gd0v4ny8jpPuMmjOPfJw7YkxZYTR+xGnbeLdwNocZ87+o2PyFswU/qL9
u8/G/zLVsOsAISFaZr//GUt/f/fdUnokA42Q9WCQjx6LrzSmNx+ax/tMeXO1DX3r
9XHdXHE3GIoCfVKWtL9XXFnrahUqGfSgIFIHNnW143s8LtxJM5hDNgcNevcUcLEU
Ycs7k2CjG9k5DzDtAti/ejiuOFU0RLnc40hkYPOlrWL3YVx3/l7AnzSkVCu/pvXS
uAKw9uIQMJkccahxDIR8PgTTfUlgMa2zUt8ejVWZb37B7jPvnIsEefTUK0o8skkW
ExySUbtgcCM=
=h5Sn
-----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2532 - [SUSE] slurm_20_11: CVSS (Max): 9.9

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2532
                      Security update for slurm_20_11
                                25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           slurm_20_11
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-29501 CVE-2022-29500

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20221815-1

Comment: CVSS (Max):  9.9 CVE-2022-29500 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for slurm_20_11
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:1815-1
Rating:            important
References:        #1199278 #1199279
Cross-References:  CVE-2022-29500 CVE-2022-29501
Affected Products:
                   SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for slurm_20_11 fixes the following issues:

  o CVE-2022-29500: Fixed architectural flaw that could have been exploited to
    allow an unprivileged user to execute arbitrary processes as root
    (bsc#1199278).
  o CVE-2022-29501: Fixed a problem that an unprivileged user could have sent
    data to arbitrary unix socket as root (bsc#1199279).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1815=1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1815=1

Package List:

  o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
       libnss_slurm2_20_11-20.11.9-150100.3.14.1
       libpmi0_20_11-20.11.9-150100.3.14.1
       libslurm36-20.11.9-150100.3.14.1
       perl-slurm_20_11-20.11.9-150100.3.14.1
       slurm_20_11-20.11.9-150100.3.14.1
       slurm_20_11-auth-none-20.11.9-150100.3.14.1
       slurm_20_11-config-20.11.9-150100.3.14.1
       slurm_20_11-config-man-20.11.9-150100.3.14.1
       slurm_20_11-devel-20.11.9-150100.3.14.1
       slurm_20_11-doc-20.11.9-150100.3.14.1
       slurm_20_11-lua-20.11.9-150100.3.14.1
       slurm_20_11-munge-20.11.9-150100.3.14.1
       slurm_20_11-node-20.11.9-150100.3.14.1
       slurm_20_11-pam_slurm-20.11.9-150100.3.14.1
       slurm_20_11-plugins-20.11.9-150100.3.14.1
       slurm_20_11-slurmdbd-20.11.9-150100.3.14.1
       slurm_20_11-sql-20.11.9-150100.3.14.1
       slurm_20_11-sview-20.11.9-150100.3.14.1
       slurm_20_11-torque-20.11.9-150100.3.14.1
       slurm_20_11-webdoc-20.11.9-150100.3.14.1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
       libnss_slurm2_20_11-20.11.9-150100.3.14.1
       libpmi0_20_11-20.11.9-150100.3.14.1
       libslurm36-20.11.9-150100.3.14.1
       perl-slurm_20_11-20.11.9-150100.3.14.1
       slurm_20_11-20.11.9-150100.3.14.1
       slurm_20_11-auth-none-20.11.9-150100.3.14.1
       slurm_20_11-config-20.11.9-150100.3.14.1
       slurm_20_11-config-man-20.11.9-150100.3.14.1
       slurm_20_11-devel-20.11.9-150100.3.14.1
       slurm_20_11-doc-20.11.9-150100.3.14.1
       slurm_20_11-lua-20.11.9-150100.3.14.1
       slurm_20_11-munge-20.11.9-150100.3.14.1
       slurm_20_11-node-20.11.9-150100.3.14.1
       slurm_20_11-pam_slurm-20.11.9-150100.3.14.1
       slurm_20_11-plugins-20.11.9-150100.3.14.1
       slurm_20_11-slurmdbd-20.11.9-150100.3.14.1
       slurm_20_11-sql-20.11.9-150100.3.14.1
       slurm_20_11-sview-20.11.9-150100.3.14.1
       slurm_20_11-torque-20.11.9-150100.3.14.1
       slurm_20_11-webdoc-20.11.9-150100.3.14.1

References:

  o https://www.suse.com/security/cve/CVE-2022-29500.html
  o https://www.suse.com/security/cve/CVE-2022-29501.html
  o https://bugzilla.suse.com/1199278
  o https://bugzilla.suse.com/1199279

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYo1wJckNZI30y1K9AQiIhxAAs5D65Ph5p9N9xToIb9hKypSiA295qux/
cCKdF4t6uHZM5e/jw7hsklHSKByGMuHAyaFUfSNYnYBL2+ZsJrWkZMbPjgt/pi9l
D2w3MLiMVo6+5CJkOJYxEoYzgvhjYyZuPzr4xbYCQNFEK9v0JgLHg5EY8QUqmkgw
clx2IHrYojoxZ/LtUY5OKgmpG69D3PchZ43yBaUKbsx5jrboOmmVdwR0QxWmnUYP
Xu4skkHKKuQdGGyGhZFQpOU1w0qrKFWHP8ahT6glDbJWc9lOx+zRAENmcUr2tJTj
HfMeSIKUZ0xGMnnf/ZZh+gKP5iTuB0mrTyRRqo5BWjSbclsMK3unapswz9peQZda
kIvDDNcU/sUglH9lYD0VWpd9bc3gPHmeggxKkoU1OyLOq+LxF4PXnfbRLjAPK54F
RE10ClmqH3mgHWd9ib5L5sxsitG/IEWWDQCDfXd9Yv9QhXbkLeoUNkaUaE5ozNpg
tspj7dZme+wPpxX2ai782qoOkl/AeU0Nn8FRmnY4srGfXjIfhhWOhCtagYJ0BalI
lMpcuBFZhX1wcT+CoHuKtOiCKqZQTJt7NRQaZzjt9PpI02v8sXBLtWnvj3My/rng
RAmfTPnR5DktPVeh3SH5K72KcFrBmhX+qY90FBZNk5bCqS4be0jA99S8L+IpoOLP
5qKZZnU6g1k=
=MaJP
-----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2531 - [Ubuntu] PostgreSQL: CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2531
                    USN-5440-1: PostgreSQL vulnerability
                                25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           PostgreSQL
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1552

Original Bulletin:
   https://ubuntu.com/security/notices/USN-5440-1

Comment: CVSS (Max):  8.8 CVE-2022-1552 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5440-1: PostgreSQL vulnerability
24 May 2022

PostgreSQL could be made to execute commands as the superuser.

Releases

  o Ubuntu 22.04 LTS
  o Ubuntu 21.10
  o Ubuntu 20.04 LTS
  o Ubuntu 18.04 LTS

Packages

  o postgresql-10 - Object-relational SQL database
  o postgresql-12 - Object-relational SQL database
  o postgresql-13 - Object-relational SQL database
  o postgresql-14 - Object-relational SQL database

Details

Alexander Lakhin discovered that PostgreSQL incorrectly handled the security
restricted operation sandbox when a privileged user is maintaining another
user's objects. An attacker having permission to create non-temp objects can
use this issue to execute arbitrary commands as the superuser.

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 22.04

  o postgresql-14 - 14.3-0ubuntu0.22.04.1

Ubuntu 21.10

  o postgresql-13 - 13.7-0ubuntu0.21.10.1

Ubuntu 20.04

  o postgresql-12 - 12.11-0ubuntu0.20.04.1

Ubuntu 18.04

  o postgresql-10 - 10.21-0ubuntu0.18.04.1

This update uses a new upstream release, which includes additional bug fixes.
After a standard system update you need to restart PostgreSQL to make all the
necessary changes.

References

  o CVE-2022-1552

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYo1wIMkNZI30y1K9AQia+Q/6A7m55vWFMXiGj0nNGnXzyUxLAEXG8DF4
j69pl+rdT6isWvMjgixftVvAe5HAlGnYq9VPYswV85bcCBT6qh4eUcVBQXeYxX0o
bDvJEOStDqMR82h1Kvb8fdfqBG3AGUEkt+YGARNR6p/is3SUUO8208dvy4uRxtr6
235jAzEX/EitUM+iWgccVZNpBlO10oYDp2Ry/GrIazGo1hAWAIecPp66BdVvRo0r
qThSWTBso8nAav2vX+qtrN027sAgp0OhHK1KuAbPagdMdllu4MpSPhFSRNufs7RM
KiVZr1NeVMm7qgOKlUAWu6JA5zvJx2aZ9MzgXjVZTq0zw44aDTroiQ7J4gv0mqkl
aIJFFO6KWizFicFALrvBAl+LQ2C8hF6V+kUbfQqdv3SPOuNMV6ascbFyGhNSk80Q
WLV4fQQ9Pv2F5oPHMfiCcKD6WcJgObFuqXom4Y6Ms0/KCRhQKGNlDrqQLSYhTQbg
Q7axDVrFjz9p3GgOc9I0ES9CY64o5DD4nZ9kt+/cQih2vIdL7PcEX8J3293NClPB
0Zi5HFAtPqKkQfELSRLiymCssoRmiW2qrSeJfJGPLgvwodNmDEpvSKeTc8QZ2Mtc
qXDa9L1HvVv2GODvVRPsm5hkeW3nkevcVjZ11yv9n8dWIJNEYhQmfFvxn9PuBQ3T
I/s8REPdrWc=
=yLIL
-----END PGP SIGNATURE-----
25 May 2022

ESB-2022.2530 - [Ubuntu] WebKitGTK: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2530
                   USN-5441-1: WebKitGTK vulnerabilities
                                25 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           WebKitGTK
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade

Original Bulletin:
   https://ubuntu.com/security/notices/USN-5441-1

Comment: CVSS (Max):  None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5441-1: WebKitGTK vulnerabilities
24 May 2022

Several security issues were fixed in WebKitGTK.

Releases

  o Ubuntu 22.04 LTS
  o Ubuntu 21.10
  o Ubuntu 20.04 LTS

Packages

  o webkit2gtk - Web content engine library for GTK+

Details

A large number of security issues were discovered in the WebKitGTK Web and
JavaScript engines. If a user were tricked into viewing a malicious website, a
remote attacker could exploit a variety of issues related to web browser
security, including cross-site scripting attacks, denial of service attacks,
and arbitrary code execution.

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 22.04

  o libjavascriptcoregtk-4.1-0 - 2.36.2-0ubuntu0.22.04.1
  o libwebkit2gtk-4.0-37 - 2.36.2-0ubuntu0.22.04.1
  o libwebkit2gtk-4.1-0 - 2.36.2-0ubuntu0.22.04.1
  o libjavascriptcoregtk-4.0-18 - 2.36.2-0ubuntu0.22.04.1

Ubuntu 21.10

  o libwebkit2gtk-4.0-37 - 2.36.2-0ubuntu0.21.10.1
  o libjavascriptcoregtk-4.0-18 - 2.36.2-0ubuntu0.21.10.1

Ubuntu 20.04

  o libwebkit2gtk-4.0-37 - 2.36.2-0ubuntu0.20.04.1
  o libjavascriptcoregtk-4.0-18 - 2.36.2-0ubuntu0.20.04.1

This update uses a new upstream release, which includes additional bug fixes.
After a standard system update you need to restart any applications that use
WebKitGTK, such as Epiphany, to make all the necessary changes.

References

  o https://launchpad.net/bugs/1975602

- --------------------------END INCLUDED TEXT--------------------

===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYo1wGskNZI30y1K9AQgF7Q//a7c4G2Yfp4mw0G1h7RE0kPVuhE+JUiVR
OV79pZdnAJ7CPVSNFrzZOFSon4+Eco1cjDB1fjxbLVi/DAU8kGnHJOfe73sV3Aqr
hDe/yldvjqNd6WKXp9tAZoag7u/JnzkwvnZte+b5864IhQv/8k9k1RkhzkGNFqx7
7tGF9MIisjR7E2dTsy742CCmL3PQL4av1PNhmqRy4Oh9WUwa4B/v5Mp+sMRaMnY7
BMSjWC2TFLy8lPmNv9ksCaXCe0vGIII5MDvAcFve2pBJhmVM6uqx2HJr4MKHXcB1
Nuds+iABYW4vSfkhTXB1vpgMEthk2SMBwTwcPrfbY8OYLSohUwRJmCM6aEzLS+ar
ZM6L0WImMUKh3paUyarWJ2grv6ifgr/le9/seXKBou7X90TFAdPZYoOmD6R4AV9t
R/LO9QPYJmtoIp5hegn5qOc6E7WDIXWJPsgoo786kGOI33od78S5aWp78pdEjr5b
vDM3KzDT4AzHjNU8lmJkWR0FqmvCwSYjgFW8JJ51w6+mU5698vCnCV615fD+BUy3
DXClbBNWTDMzUyCP8LRrxWCP02APXD2nSG3F5vNSAs8re8zBuPYw/FcGZqe63x6W
6TspjeEsGT6Tg4S2tnT+MHj+fYYVoQbSpfM7Ml2ZOmNRSCMk37FGWo8iCpQT1XBw
T+373JXTxZI=
=lAeg
-----END PGP SIGNATURE-----