AusCERT - Security Bulletins
Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
Frissítve: 13 perc 48 másodperc
ASB-2022.0093 - [Win][UNIX/Linux] Oracle Database Server: CVSS (Max): 7.2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0093
Oracle Database Server Critical Patch Update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Oracle Application Express
Oracle Database Server
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-21498 CVE-2022-21411 CVE-2022-21410
CVE-2021-41165 CVE-2021-22569
Comment: CVSS (Max): 7.2 CVE-2022-21410 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
OVERVIEW
Multiple vulnerabilities have been identified in :
o Oracle Application Express, versions prior to 22.1
o Oracle Database Server, versions 12.1.0.2, 19c, 21c
[1]
IMPACT
The vendor has provided the following information regarding the
vulnerabilities:
"This Critical Patch Update contains 5 new security patches plus
additional third party patches noted below for Oracle Database
Products. None of these vulnerabilities may be remotely exploitable
without authentication, i.e., none may be exploited over a network
without requiring user credentials. None of these patches are
applicable to client-only installations, i.e., installations that do
not have the Oracle Database Server installed." [1]
CVE-2022-21410
7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
The supported version that is affected is 19c. Easily exploitable
vulnerability allows high privileged attacker having Create Any
Procedure privilege with network access via Oracle Net to compromise
the affected system. Successful attacks of this vulnerability can
result in takeover of the affected system.
Affects:
o Oracle Database - Enterprise Edition Sharding 19c
CVE-2022-21498
6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Supported versions that are affected are 12.1.0.2, 19c and 21c.
Easily exploitable vulnerability allows low privileged attacker
having Create Procedure privilege with network access via multiple
protocols to compromise the affected system. Successful attacks of
this vulnerability can result in unauthorized creation, deletion or
modification access to critical data or all the affected system's
accessible data.
Affects:
o Java VM 12.1.0.2, 19c, 21c
CVE-2021-41165
5.4 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
The supported version that is affected is Prior to 22.1. Easily
exploitable vulnerability allows low privileged attacker having Valid
User Account privilege with network access via HTTP to compromise the
affected system. Successful attacks require human interaction from a
person other than the attacker and while the vulnerability is in the
affected system, attacks may significantly impact additional products
(scope change). Successful attacks of this vulnerability can result
in unauthorized update, insert or delete access to some of the
affected system's accessible data as well as unauthorized read access
to a subset of the affected system's accessible data.
Affects:
o Oracle Application Express (CKEditor) Prior to 22.1
CVE-2022-21411
5.4 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Supported versions that are affected are 12.1.0.2, 19c and 21c.
Easily exploitable vulnerability allows low privileged attacker
having Create Session privilege with network access via Oracle Net to
compromise the affected system. Successful attacks of this
vulnerability can result in unauthorized update, insert or delete
access to some of the affected system's accessible data as well as
unauthorized read access to a subset of the affected system's
accessible data.
Affects:
o RDBMS Gateway / Generic ODBC Connectivity 12.1.0.2, 19c, 21c
CVE-2021-22569
2.8 AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Supported versions that are affected are 19c and 21c. Easily
exploitable vulnerability allows low privileged attacker having Local
Logon privilege with logon to the infrastructure where the affected
system executes to compromise the affected system. Successful attacks
require human interaction from a person other than the attacker.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a partial denial of service (partial DOS) of the
affected system.
Affects:
o Oracle Spatial and Graph MapViewer (protobuf-java) 19c, 21c
MITIGATION
Oracle states:
"Due to the threat posed by a successful attack, Oracle strongly
recommends that customers apply CPU fixes as soon as possible. Until
you apply the CPU fixes, it may be possible to reduce the risk of
successful attack by blocking network protocols required by an
attack. For attacks that require certain privileges or access to
certain packages, removing the privileges or the ability to access
the packages from users that do not need the privileges may help
reduce the risk of successful attack. Both approaches may break
application functionality, so Oracle strongly recommends that
customers test changes on non-production systems. Neither approach
should be considered a long-term solution as neither corrects the
underlying problem." [1]
REFERENCES
[1] Oracle Critical Patch Update Advisory - April 2022
https://www.oracle.com/security-alerts/cpuapr2022.html
[2] Text Form of Oracle Critical Patch Update - April 2022 Risk
Matrices
https://www.oracle.com/security-alerts/cpuapr2022verbose.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9tduNLKJtyKPYoAQg+yA/+MNhuigeabLXrgt7ENtQ9/i8G/Cu+2eTl
DLnZ18qlyTODkKh5RX8nQvC30cfqbe1+y9izFb6V7wNNy6ZORYDUHtkrc06KF7ri
MJ0IUcmJIuoYjjoCc0Hf5dijz6tO+vF9tmPV09cpipCh1kbPJtr5AXm191DFeEHt
xa86NRyW9vETWdlAvZ4VKHkVXJ2BJHpE5trH+kAM3wAlGmxCxQHzzXmSf1R94kG3
vbNEM/QIPhC7Ms/MLmU++vJHJ6SyN8xCgDifMD1qAgxC/UgtDKalyfVJeAP4LIK8
jb+T7tgAysEua3eNsaNxCYBzZ0I114qBUHn/utMaVe26ndh7h68xFC3kGnyvKXWE
dJKjO/HGO/N1JGR4uD4tZwuBohC/p6qZJakYV41j62mxcTsOIpC01S42d36yUN17
uVJ+xahSFnEom4JKh93vOOVnwQWGsUrLpYb/uKlAhB+Go1gvqZkqlmfiU2X5KTe8
HGjwbmOpExF5qxkPohG8Vl+J/1hokJkX3JSElThLsHz00zBkyi4Zmp6Z1OctG4Sd
/beTz/393a5YyMHCOSoSj9SGwXLFXDs6z/v1Z86JOazI5N9+pcPhDUqtpm1kCMLG
qP6pDp8PVfygqaOQuDUd/Hv5wmNjChWbxgNwh2liTlDSsPXPsUos7NqXgv4W4CjD
L0+6TcaRAn4=
=cXtl
-----END PGP SIGNATURE-----
ASB-2022.0092 - [Win][UNIX/Linux] Oracle SQL Developer: CVSS (Max): 6.6
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0092
Oracle SQL Developer Critical Patch Update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Oracle SQL Developer
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2021-44832 CVE-2020-13956
Comment: CVSS (Max): 6.6 CVE-2021-44832 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
OVERVIEW
Multiple vulnerabilities have been identified in :
o Oracle SQL Developer, versions prior to 21.99
[1]
IMPACT
The vendor has provided the following information regarding the
vulnerabilities:
"This Critical Patch Update contains 2 new security patches for
Oracle SQL Developer. 1 of these vulnerabilities may be remotely
exploitable without authentication, i.e., may be exploited over a
network without requiring user credentials." [1]
CVE-2021-44832
6.6 AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
The supported version that is affected is Prior to 21.4.2. Difficult
to exploit vulnerability allows high privileged attacker with network
access via HTTP to compromise Oracle SQL Developer. Successful
attacks of this vulnerability can result in takeover of Oracle SQL
Developer.
Affects:
o Oracle SQL Developer Prior to 21.4.2
CVE-2020-13956
5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
The supported version that is affected is Prior to 21.99. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via HTTP to compromise Oracle SQL Developer.
Successful attacks of this vulnerability can result in unauthorized
update, insert or delete access to some of Oracle SQL Developer
accessible data.
Affects:
o Oracle SQL Developer Prior to 21.99
MITIGATION
Oracle states:
"Due to the threat posed by a successful attack, Oracle strongly
recommends that customers apply CPU fixes as soon as possible. Until
you apply the CPU fixes, it may be possible to reduce the risk of
successful attack by blocking network protocols required by an
attack. For attacks that require certain privileges or access to
certain packages, removing the privileges or the ability to access
the packages from users that do not need the privileges may help
reduce the risk of successful attack. Both approaches may break
application functionality, so Oracle strongly recommends that
customers test changes on non-production systems. Neither approach
should be considered a long-term solution as neither corrects the
underlying problem." [1]
REFERENCES
[1] Oracle Critical Patch Update Advisory - April 2022
https://www.oracle.com/security-alerts/cpuapr2022.html
[2] Text Form of Oracle Critical Patch Update - April 2022 Risk
Matrices
https://www.oracle.com/security-alerts/cpuapr2022verbose.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9qheNLKJtyKPYoAQjLMRAAkxbZr64G0YagiqFadXt7n/EAqULTi7nO
TX6Lb6+jHdTxT95JpIWDI1CsGdACEMiGVgrCC9zUP9YpataqqKQYH2aoK/sTHOgz
dcHWiY4VoP0pIcqHZWTcT02ulAxTkCfYNG0daRy8NcyK//SWhLhMMkwEs54J+lZz
9y1jqvEgoyrzI+wFJo+zlpx9sqS14rBxpdA7CQ2aBJBtf+vUMorrsvSBB0ngeI2N
dL2JvYSNPdFUjDPQmISQucsfGWefIwDyQKxQV2BiJek7F3j/mWZdz8UEfeHoxKe2
WlHxE91/jB/P55tF3cH93l7M8cPfl4UzEUFzS106ovQrrRe6s2pr42rDia20ib+b
d9aA+R1BhQ1V0LGPclsu/k/sXhiwWRTUcLOFBoLq6n6g/dYq5Qb46HNFWtzcDndK
zh14Zqw0vs0TNPbt2zbloadCmVp3H5FPA6/ujp3yGWJ/KVDSPjZm6n8/MwQA0UGx
/5oKj8IirExwc2FPzdIZ6fAMEQd6zXWGfWtaEAiBNBRuLQnJg8kwgAv7TfbVx6ZD
A379pO4TYXeHnLrmRI9pxsRYMQWxQPQoX/m422nFCsCO71O5wGcIGPr5n5VfXbvw
7GkfQAwN+5nrGecd354vW6fB9bYt9Q2IQQNIZqkR/2P2Yx93LCoG6VCnLyQ8wbar
NuLl4YnREr0=
=FhHH
-----END PGP SIGNATURE-----
ASB-2022.0091 - [Win][UNIX/Linux][Virtual] Oracle Virtualization: CVSS (Max): 9.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0091
Oracle Virtualization Critical Patch Update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Oracle Secure Global Desktop
Oracle VM VirtualBox
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Virtualisation
Resolution: Patch/Upgrade
CVE Names: CVE-2022-21491 CVE-2022-21488 CVE-2022-21487
CVE-2022-21471 CVE-2022-21465 CVE-2021-40438
Comment: CVSS (Max): 9.0 CVE-2021-40438 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
OVERVIEW
Multiple vulnerabilities have been identified in :
o Oracle Secure Global Desktop, version 5.6
o Oracle VM VirtualBox, versions prior to 6.1.34
[1]
IMPACT
The vendor has provided the following information regarding the
vulnerabilities:
"This Critical Patch Update contains 6 new security patches for
Oracle Virtualization. 1 of these vulnerabilities may be remotely
exploitable without authentication, i.e., may be exploited over a
network without requiring user credentials." [1]
CVE-2021-40438
9.0 AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
The supported version that is affected is 5.6. Difficult to exploit
vulnerability allows unauthenticated attacker with network access via
HTTP to compromise Oracle Secure Global Desktop. While the
vulnerability is in Oracle Secure Global Desktop, attacks may
significantly impact additional products (scope change). Successful
attacks of this vulnerability can result in takeover of Oracle Secure
Global Desktop.
Affects:
o Oracle Secure Global Desktop 5.6
CVE-2022-21491
7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
The supported version that is affected is Prior to 6.1.34. Easily
exploitable vulnerability allows low privileged attacker with logon
to the infrastructure where Oracle VM VirtualBox executes to
compromise Oracle VM VirtualBox. Successful attacks of this
vulnerability can result in takeover of Oracle VM VirtualBox.
Note : This vulnerability applies to Windows systems only.
Affects:
o Oracle VM VirtualBox Prior to 6.1.34
CVE-2022-21465
6.7 AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H
The supported version that is affected is Prior to 6.1.34. Easily
exploitable vulnerability allows high privileged attacker with logon
to the infrastructure where Oracle VM VirtualBox executes to
compromise Oracle VM VirtualBox. While the vulnerability is in Oracle
VM VirtualBox, attacks may significantly impact additional products
(scope change). Successful attacks of this vulnerability can result
in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized
update, insert or delete access to some of Oracle VM VirtualBox
accessible data.
Affects:
o Oracle VM VirtualBox Prior to 6.1.34
CVE-2022-21471
6.5 AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
The supported version that is affected is Prior to 6.1.34. Easily
exploitable vulnerability allows low privileged attacker with logon
to the infrastructure where Oracle VM VirtualBox executes to
compromise Oracle VM VirtualBox. While the vulnerability is in Oracle
VM VirtualBox, attacks may significantly impact additional products
(scope change). Successful attacks of this vulnerability can result
in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of Oracle VM VirtualBox.
Affects:
o Oracle VM VirtualBox Prior to 6.1.34
CVE-2022-21487
3.8 AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
The supported version that is affected is Prior to 6.1.34. Easily
exploitable vulnerability allows low privileged attacker with logon
to the infrastructure where Oracle VM VirtualBox executes to
compromise Oracle VM VirtualBox. While the vulnerability is in Oracle
VM VirtualBox, attacks may significantly impact additional products
(scope change). Successful attacks of this vulnerability can result
in unauthorized read access to a subset of Oracle VM VirtualBox
accessible data.
Affects:
o Oracle VM VirtualBox Prior to 6.1.34
CVE-2022-21488
3.8 AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
The supported version that is affected is Prior to 6.1.34. Easily
exploitable vulnerability allows low privileged attacker with logon
to the infrastructure where Oracle VM VirtualBox executes to
compromise Oracle VM VirtualBox. While the vulnerability is in Oracle
VM VirtualBox, attacks may significantly impact additional products
(scope change). Successful attacks of this vulnerability can result
in unauthorized update, insert or delete access to some of Oracle VM
VirtualBox accessible data.
Affects:
o Oracle VM VirtualBox Prior to 6.1.34
MITIGATION
Oracle states:
"Due to the threat posed by a successful attack, Oracle strongly
recommends that customers apply CPU fixes as soon as possible. Until
you apply the CPU fixes, it may be possible to reduce the risk of
successful attack by blocking network protocols required by an
attack. For attacks that require certain privileges or access to
certain packages, removing the privileges or the ability to access
the packages from users that do not need the privileges may help
reduce the risk of successful attack. Both approaches may break
application functionality, so Oracle strongly recommends that
customers test changes on non-production systems. Neither approach
should be considered a long-term solution as neither corrects the
underlying problem." [1]
REFERENCES
[1] Oracle Critical Patch Update Advisory - April 2022
https://www.oracle.com/security-alerts/cpuapr2022.html
[2] Text Form of Oracle Critical Patch Update - April 2022 Risk
Matrices
https://www.oracle.com/security-alerts/cpuapr2022verbose.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9omONLKJtyKPYoAQgpsg//Tw/QHWFlHq0bbs+omJ+cDOJM4NbP2wdl
0gROzHSjR+biWfWuXioLtyuIpa64eTQeQYr3zt7r+dEnrN0HLavPuJsIYv/lCQ8e
P7LVSa7++S4FJHzUCi2oxYueDbfe7dsvV0nHS/YQHDxqg4SwcvbYqU6vCdqrvHx2
kuOJ9MyPRVlezQhke1WlOMu2YpC4d8B7xJmyewm1jufgw+9LEf5sKvNzpuk8GQ9b
3rHcKMY1A20dccIVnxT6/pMFhExQd2MmbR6uK6S4UdUqGz68kLnuC4s3F13cgRR/
xsSriEu3OuYx6AAcvKE0EQWJ4MeXY1Tf13Qg9e2Uqfb6IDwOCAyVY7B0ek0mLicl
pJU3yYDtYwKu9KXEaNCKRvE7GzAkgnRwv78AX8Kxxe+F0rJmTrDzhEKtLEhtveFG
bks10LCFecLyMBcZHTQ96qPv87kSQXtW5GP4UznhXxXV9FWQj2f5oWBfZj5JnKT+
bBBl6zFJQDXotIfGopyQZesDWAM47xVT/mFAZPDySQeYwnHcs8O2LDlMqYCeCa7U
t5jEeJWbytomndNnu/+zqE7pfON35o64fCaUVvWey6qvTJeciztPp/CzB5oOSdoc
85Np0ZIcN4wakMOFLKuvSvrDaUtD85GpcNd4vAVv5GR6wSrXdIzZwTcT8fUpWjBG
MMh3wKW8bSY=
=D1wv
-----END PGP SIGNATURE-----
ASB-2022.0090 - [Win][UNIX/Linux][Appliance][Solaris] Oracle Systems: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0090
Oracle Systems Critical Patch Update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Oracle Solaris
Oracle Solaris Cluster
Oracle StorageTek ACSLS
Oracle StorageTek Tape Analytics (STA)
Oracle ZFS Storage Appliance Kit
Oracle Ethernet Switch TOR-72
Oracle Ethernet Switch ES1-24
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Solaris
Network Appliance
Resolution: Patch/Upgrade
CVE Names: CVE-2022-21494 CVE-2022-21493 CVE-2022-21463
CVE-2022-21461 CVE-2022-21446 CVE-2022-21416
CVE-2021-39275 CVE-2021-29425 CVE-2021-2351
CVE-2020-11979 CVE-2020-11022 CVE-2020-9488
CVE-2020-6950 CVE-2020-5421 CVE-2020-1968
CVE-2019-17195 CVE-2019-3740
Comment: CVSS (Max): 9.8 CVE-2021-39275 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
OVERVIEW
Multiple vulnerabilities have been identified in :
o Oracle Ethernet Switch ES1-24, version 1.3.1
o Oracle Ethernet Switch TOR-72, version 1.2.2
o Oracle Solaris, version 11
o Oracle Solaris Cluster, version 4
o Oracle StorageTek ACSLS, version 8.5.1
o Oracle StorageTek Tape Analytics (STA), version 2.4
o Oracle ZFS Storage Appliance Kit, version 8.8
[1]
IMPACT
The vendor has provided the following information regarding the
vulnerabilities:
"This Critical Patch Update contains 20 new security patches for
Oracle Systems. 14 of these vulnerabilities may be remotely
exploitable without authentication, i.e., may be exploited over a
network without requiring user credentials." [1]
CVE-2019-17195
9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The supported version that is affected is 4. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
HTTP to compromise Oracle Solaris Cluster. Successful attacks of this
vulnerability can result in takeover of Oracle Solaris Cluster.
Affects:
o Oracle Solaris Cluster 4
CVE-2021-39275
9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The supported version that is affected is 8.8. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
multiple protocols to compromise Oracle ZFS Storage Appliance Kit.
Successful attacks of this vulnerability can result in takeover of
Oracle ZFS Storage Appliance Kit.
Affects:
o Oracle ZFS Storage Appliance Kit 8.8
CVE-2021-2351
8.3 AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
The supported version that is affected is 2.4. Difficult to exploit
vulnerability allows unauthenticated attacker with network access via
Oracle Net to compromise Oracle StorageTek Tape Analytics (STA).
Successful attacks require human interaction from a person other than
the attacker and while the vulnerability is in Oracle StorageTek Tape
Analytics (STA), attacks may significantly impact additional products
(scope change). Successful attacks of this vulnerability can result
in takeover of Oracle StorageTek Tape Analytics (STA).
Affects:
o Oracle StorageTek ACSLS 8.5.1
o Oracle StorageTek Tape Analytics (STA) 2.4
CVE-2022-21446
8.2 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
The supported version that is affected is 11. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
multiple protocols to compromise Oracle Solaris. Successful attacks
of this vulnerability can result in unauthorized creation, deletion
or modification access to critical data or all Oracle Solaris
accessible data as well as unauthorized read access to a subset of
Oracle Solaris accessible data.
Affects:
o Oracle Solaris 11
CVE-2020-11979
7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
The supported version that is affected is 2.4. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
HTTP to compromise Oracle StorageTek Tape Analytics (STA). Successful
attacks of this vulnerability can result in unauthorized creation,
deletion or modification access to critical data or all Oracle
StorageTek Tape Analytics (STA) accessible data.
Affects:
o Oracle StorageTek ACSLS 8.5.1
o Oracle StorageTek Tape Analytics (STA) 2.4
CVE-2020-6950
6.5 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
The supported version that is affected is 4. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
HTTP to compromise Oracle Solaris Cluster. Successful attacks require
human interaction from a person other than the attacker. Successful
attacks of this vulnerability can result in unauthorized access to
critical data or complete access to all Oracle Solaris Cluster
accessible data.
Affects:
o Oracle Solaris Cluster 4
CVE-2020-5421
6.5 AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
The supported version that is affected is 8.5.1. Difficult to exploit
vulnerability allows low privileged attacker with network access via
HTTP to compromise Oracle StorageTek ACSLS. Successful attacks
require human interaction from a person other than the attacker and
while the vulnerability is in Oracle StorageTek ACSLS, attacks may
significantly impact additional products (scope change). Successful
attacks of this vulnerability can result in unauthorized creation,
deletion or modification access to critical data or all Oracle
StorageTek ACSLS accessible data as well as unauthorized read access
to a subset of Oracle StorageTek ACSLS accessible data.
Affects:
o Oracle StorageTek ACSLS 8.5.1
CVE-2019-3740
6.5 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
The supported version that is affected is 8.5.1. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
HTTPS to compromise Oracle StorageTek ACSLS. Successful attacks
require human interaction from a person other than the attacker.
Successful attacks of this vulnerability can result in unauthorized
access to critical data or complete access to all Oracle StorageTek
ACSLS accessible data.
Affects:
o Oracle StorageTek ACSLS 8.5.1
CVE-2020-11022
6.1 AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
The supported version that is affected is 8.5.1. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
HTTP to compromise Oracle StorageTek ACSLS. Successful attacks
require human interaction from a person other than the attacker and
while the vulnerability is in Oracle StorageTek ACSLS, attacks may
significantly impact additional products (scope change). Successful
attacks of this vulnerability can result in unauthorized update,
insert or delete access to some of Oracle StorageTek ACSLS accessible
data as well as unauthorized read access to a subset of Oracle
StorageTek ACSLS accessible data.
Affects:
o Oracle StorageTek ACSLS 8.5.1
CVE-2022-21493
5.9 AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
The supported version that is affected is 11. Easily exploitable
vulnerability allows low privileged attacker with logon to the
infrastructure where Oracle Solaris executes to compromise Oracle
Solaris. Successful attacks require human interaction from a person
other than the attacker and while the vulnerability is in Oracle
Solaris, attacks may significantly impact additional products (scope
change). Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of Oracle Solaris.
Affects:
o Oracle Solaris 11
CVE-2022-21461
5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
The supported version that is affected is 11. Easily exploitable
vulnerability allows low privileged attacker with logon to the
infrastructure where Oracle Solaris executes to compromise Oracle
Solaris. Successful attacks of this vulnerability can result in
unauthorized access to critical data or complete access to all Oracle
Solaris accessible data.
Affects:
o Oracle Solaris 11
CVE-2022-21463
5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
The supported version that is affected is 11. Easily exploitable
vulnerability allows low privileged attacker with logon to the
infrastructure where Oracle Solaris executes to compromise Oracle
Solaris. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of Oracle Solaris.
Affects:
o Oracle Solaris 11
CVE-2022-21416
5.0 AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
The supported version that is affected is 11. Easily exploitable
vulnerability allows low privileged attacker with logon to the
infrastructure where Oracle Solaris executes to compromise Oracle
Solaris. Successful attacks require human interaction from a person
other than the attacker. Successful attacks of this vulnerability can
result in unauthorized creation, deletion or modification access to
critical data or all Oracle Solaris accessible data.
Affects:
o Oracle Solaris 11
CVE-2021-29425
4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
The supported version that is affected is 4. Difficult to exploit
vulnerability allows unauthenticated attacker with network access via
HTTP to compromise Oracle Solaris Cluster. Successful attacks of this
vulnerability can result in unauthorized update, insert or delete
access to some of Oracle Solaris Cluster accessible data as well as
unauthorized read access to a subset of Oracle Solaris Cluster
accessible data.
Affects:
o Oracle Solaris Cluster 4
CVE-2022-21494
4.0 AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
The supported version that is affected is 11. Difficult to exploit
vulnerability allows high privileged attacker with logon to the
infrastructure where Oracle Solaris executes to compromise Oracle
Solaris. Successful attacks require human interaction from a person
other than the attacker. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of Oracle Solaris.
Affects:
o Oracle Solaris 11
CVE-2020-1968
3.7 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
The supported version that is affected is 1.2.2. Difficult to exploit
vulnerability allows unauthenticated attacker with network access via
HTTPS to compromise Oracle Ethernet Switch TOR-72. Successful attacks
of this vulnerability can result in unauthorized read access to a
subset of Oracle Ethernet Switch TOR-72 accessible data.
Affects:
o Oracle Ethernet Switch ES1-24 1.3.1
o Oracle Ethernet Switch TOR-72 1.2.2
CVE-2020-9488
3.7 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
The supported version that is affected is 8.5.1. Difficult to exploit
vulnerability allows unauthenticated attacker with network access via
HTTP to compromise Oracle StorageTek ACSLS. Successful attacks of
this vulnerability can result in unauthorized read access to a subset
of Oracle StorageTek ACSLS accessible data.
Affects:
o Oracle StorageTek ACSLS 8.5.1
MITIGATION
Oracle states:
"Due to the threat posed by a successful attack, Oracle strongly
recommends that customers apply CPU fixes as soon as possible. Until
you apply the CPU fixes, it may be possible to reduce the risk of
successful attack by blocking network protocols required by an
attack. For attacks that require certain privileges or access to
certain packages, removing the privileges or the ability to access
the packages from users that do not need the privileges may help
reduce the risk of successful attack. Both approaches may break
application functionality, so Oracle strongly recommends that
customers test changes on non-production systems. Neither approach
should be considered a long-term solution as neither corrects the
underlying problem." [1]
REFERENCES
[1] Oracle Critical Patch Update Advisory - April 2022
https://www.oracle.com/security-alerts/cpuapr2022.html
[2] Text Form of Oracle Critical Patch Update - April 2022 Risk
Matrices
https://www.oracle.com/security-alerts/cpuapr2022verbose.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9ofeNLKJtyKPYoAQjXXg//ZyHGnurhPhfQN2yEtKSPZwm+MN8UQ54h
kVn9VuFv+hur1qL2VjLRKbA++Wm+VNvzkHcX//W59UTmDxxW7DgMYviL3a2M0/Ky
CYpqxVOdqP/md6AS+Rho3mzNf58DOHMq/eMkl5sTkQybQ1eWTKz0RzqWWBoocX9z
/IkTCKzmjithwMROL3mboBL8n6fm4F35deumzwH/81joD+2ME6iSVk2SLeJ+54NZ
4dqIqs9s+MZcj7+Idv7Ep0MYb1uHg2VsPnIOfxeqHBRehWQGzjUp0zr5PKqEBnIH
wib1wVDh20VZ/TiJYtldt592+2qRrN23E6ZQFkZj6zOjMDNITZ0D38zRbiKyBZK2
GyurOIGnOn87Rg9JhiHWsudKG5UxkR0vIxFQYB+RaVB1HLTOUqRtjR5TYlwl44Fe
RGe+GoqMUsBBczSeoF7WyVVx9c1qDEGalwNRAs7k1B2UkxP+ZNM16A6Jf4SW9vkV
4JPW9ieurD4XzMD3KLoie/lVYiYRV2ofmTeBxJOihFhkZ++uVT0yvMkWcmAdEvtB
W5jdGFKH/fsKvHgHz+WxmVC/60TECLX73j6Ocn+SWWhnallml8dt1whAeddUktQ6
obGSFFBS4Mo8c06B7KI9BaepW7Oq9QbCwHJdmHhs9hhiU4K+7ga1IW0km4e6SFcJ
GKEQMkuMbxE=
=/VNp
-----END PGP SIGNATURE-----
ASB-2022.0089 - [Win][UNIX/Linux] Oracle MySQL: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0089
Oracle MySQL Critical Patch Update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: MySQL Cluster
MySQL Connectors
MySQL Enterprise Monitor
MySQL Server
MySQL Workbench
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-23305 CVE-2022-23181 CVE-2022-22965
CVE-2022-21490 CVE-2022-21489 CVE-2022-21486
CVE-2022-21485 CVE-2022-21484 CVE-2022-21483
CVE-2022-21482 CVE-2022-21479 CVE-2022-21478
CVE-2022-21462 CVE-2022-21460 CVE-2022-21459
CVE-2022-21457 CVE-2022-21454 CVE-2022-21452
CVE-2022-21451 CVE-2022-21444 CVE-2022-21440
CVE-2022-21438 CVE-2022-21437 CVE-2022-21436
CVE-2022-21435 CVE-2022-21427 CVE-2022-21425
CVE-2022-21423 CVE-2022-21418 CVE-2022-21417
CVE-2022-21415 CVE-2022-21414 CVE-2022-21413
CVE-2022-21412 CVE-2022-0778 CVE-2021-44832
CVE-2021-42340 CVE-2021-41184 CVE-2021-22570
Comment: CVSS (Max): 9.8 CVE-2022-23305 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
OVERVIEW
Multiple vulnerabilities have been identified in :
o MySQL Cluster, versions 7.4.35 and prior, 7.5.25 and prior,
7.6.21 and prior, 8.0.28 and prior
o MySQL Connectors, versions 8.0.28 and prior
o MySQL Enterprise Monitor, versions 8.0.29 and prior
o MySQL Server, versions 5.7.37 and prior, 8.0.28 and prior
o MySQL Workbench, versions 8.0.28 and prior
[1]
IMPACT
The vendor has provided the following information regarding the
vulnerabilities:
"This Critical Patch Update contains 43 new security patches for
Oracle MySQL. 11 of these vulnerabilities may be remotely exploitable
without authentication, i.e., may be exploited over a network without
requiring user credentials." [1]
CVE-2022-23305
9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Supported versions that are affected are 8.0.29 and prior. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise MySQL Enterprise
Monitor. Successful attacks of this vulnerability can result in
takeover of MySQL Enterprise Monitor.
Affects:
o MySQL Enterprise Monitor 8.0.29 and prior
CVE-2022-22965
9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Supported versions that are affected are 8.0.29 and prior. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise MySQL Enterprise
Monitor. Successful attacks of this vulnerability can result in
takeover of MySQL Enterprise Monitor.
Affects:
o MySQL Enterprise Monitor 8.0.29 and prior
CVE-2022-0778
7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise MySQL Connectors.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Connectors.
Affects:
o MySQL Connectors 8.0.28 and prior
o MySQL Connectors 8.0.28 and prior
o MySQL Enterprise Monitor 8.0.29 and prior
o MySQL Server 5.7.37 and prior, 8.0.28 and prior
o MySQL Workbench 8.0.28 and prior
CVE-2021-42340
7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.29 and prior. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise MySQL Enterprise
Monitor. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Enterprise Monitor.
Affects:
o MySQL Enterprise Monitor 8.0.29 and prior
CVE-2021-22570
7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-23181
7.0 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Supported versions that are affected are 8.0.29 and prior. Difficult
to exploit vulnerability allows low privileged attacker with logon to
the infrastructure where MySQL Enterprise Monitor executes to
compromise MySQL Enterprise Monitor. Successful attacks of this
vulnerability can result in takeover of MySQL Enterprise Monitor.
Affects:
o MySQL Enterprise Monitor 8.0.29 and prior
CVE-2021-44832
6.6 AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Supported versions that are affected are 8.0.29 and prior. Difficult
to exploit vulnerability allows high privileged attacker with network
access via multiple protocols to compromise MySQL Enterprise Monitor.
Successful attacks of this vulnerability can result in takeover of
MySQL Enterprise Monitor.
Affects:
o MySQL Enterprise Monitor 8.0.29 and prior
CVE-2022-21454
6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 5.7.37 and prior and 8.0.28
and prior. Easily exploitable vulnerability allows low privileged
attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
Affects:
o MySQL Server 5.7.37 and prior, 8.0.28 and prior
CVE-2022-21482
6.3 AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Supported versions that are affected are 8.0.28 and prior. Difficult
to exploit vulnerability allows high privileged attacker with access
to the physical communication segment attached to the hardware where
the MySQL Cluster executes to compromise MySQL Cluster. Successful
attacks require human interaction from a person other than the
attacker. Successful attacks of this vulnerability can result in
takeover of MySQL Cluster.
Affects:
o MySQL Cluster 8.0.28 and prior
CVE-2022-21483
6.3 AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Supported versions that are affected are 7.4.35 and prior, 7.5.25 and
prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit
vulnerability allows high privileged attacker with access to the
physical communication segment attached to the hardware where the
MySQL Cluster executes to compromise MySQL Cluster. Successful
attacks require human interaction from a person other than the
attacker. Successful attacks of this vulnerability can result in
takeover of MySQL Cluster.
Affects:
o MySQL Cluster 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and
prior, 8.0.28 and prior
CVE-2022-21489
6.3 AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Supported versions that are affected are 7.4.35 and prior, 7.5.25 and
prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit
vulnerability allows high privileged attacker with access to the
physical communication segment attached to the hardware where the
MySQL Cluster executes to compromise MySQL Cluster. Successful
attacks require human interaction from a person other than the
attacker. Successful attacks of this vulnerability can result in
takeover of MySQL Cluster.
Affects:
o MySQL Cluster 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and
prior, 8.0.28 and prior
CVE-2022-21490
6.3 AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Supported versions that are affected are 7.4.35 and prior, 7.5.25 and
prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit
vulnerability allows high privileged attacker with access to the
physical communication segment attached to the hardware where the
MySQL Cluster executes to compromise MySQL Cluster. Successful
attacks require human interaction from a person other than the
attacker. Successful attacks of this vulnerability can result in
takeover of MySQL Cluster.
Affects:
o MySQL Cluster 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and
prior, 8.0.28 and prior
CVE-2021-41184
6.1 AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Supported versions that are affected are 8.0.29 and prior. Easily
exploitable vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise MySQL Enterprise
Monitor. Successful attacks require human interaction from a person
other than the attacker and while the vulnerability is in MySQL
Enterprise Monitor, attacks may significantly impact additional
products (scope change). Successful attacks of this vulnerability can
result in unauthorized update, insert or delete access to some of
MySQL Enterprise Monitor accessible data as well as unauthorized read
access to a subset of MySQL Enterprise Monitor accessible data.
Affects:
o MySQL Enterprise Monitor 8.0.29 and prior
CVE-2022-21457
5.9 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Supported versions that are affected are 8.0.28 and prior. Difficult
to exploit vulnerability allows unauthenticated attacker with network
access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized access to
critical data or complete access to all MySQL Server accessible data.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21425
5.5 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server as well as unauthorized update, insert or delete
access to some of MySQL Server accessible data.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21440
5.5 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server as well as unauthorized update, insert or delete
access to some of MySQL Server accessible data.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21459
5.5 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server as well as unauthorized update, insert or delete
access to some of MySQL Server accessible data.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21478
5.5 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server as well as unauthorized update, insert or delete
access to some of MySQL Server accessible data.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21479
5.5 AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server and unauthorized read access to a subset of MySQL
Server accessible data.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21418
5.0 AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
Supported versions that are affected are 8.0.28 and prior. Difficult
to exploit vulnerability allows high privileged attacker with network
access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server as well as unauthorized update, insert or delete access to
some of MySQL Server accessible data.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21417
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 5.7.37 and prior and 8.0.28
and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
Affects:
o MySQL Server 5.7.37 and prior, 8.0.28 and prior
CVE-2022-21413
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21427
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 5.7.37 and prior and 8.0.28
and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
Affects:
o MySQL Server 5.7.37 and prior, 8.0.28 and prior
CVE-2022-21412
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21414
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21435
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21436
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21437
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21438
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21452
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21462
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21415
4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.
Affects:
o MySQL Server 8.0.28 and prior
CVE-2022-21451
4.4 AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 5.7.37 and prior and 8.0.28
and prior. Difficult to exploit vulnerability allows high privileged
attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
Affects:
o MySQL Server 5.7.37 and prior, 8.0.28 and prior
CVE-2022-21444
4.4 AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are 5.7.37 and prior and 8.0.28
and prior. Difficult to exploit vulnerability allows high privileged
attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
Affects:
o MySQL Server 5.7.37 and prior, 8.0.28 and prior
CVE-2022-21460
4.4 AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Supported versions that are affected are 5.7.37 and prior and 8.0.28
and prior. Difficult to exploit vulnerability allows high privileged
attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized access to critical data or complete access to all MySQL
Server accessible data.
Affects:
o MySQL Server 5.7.37 and prior, 8.0.28 and prior
CVE-2022-21484
2.9 AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L
Supported versions that are affected are 7.4.35 and prior, 7.5.25 and
prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit
vulnerability allows high privileged attacker with access to the
physical communication segment attached to the hardware where the
MySQL Cluster executes to compromise MySQL Cluster. Successful
attacks require human interaction from a person other than the
attacker. Successful attacks of this vulnerability can result in
unauthorized read access to a subset of MySQL Cluster accessible data
and unauthorized ability to cause a partial denial of service
(partial DOS) of MySQL Cluster.
Affects:
o MySQL Cluster 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and
prior, 8.0.28 and prior
CVE-2022-21485
2.9 AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L
Supported versions that are affected are 7.4.35 and prior, 7.5.25 and
prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit
vulnerability allows high privileged attacker with access to the
physical communication segment attached to the hardware where the
MySQL Cluster executes to compromise MySQL Cluster. Successful
attacks require human interaction from a person other than the
attacker. Successful attacks of this vulnerability can result in
unauthorized read access to a subset of MySQL Cluster accessible data
and unauthorized ability to cause a partial denial of service
(partial DOS) of MySQL Cluster.
Affects:
o MySQL Cluster 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and
prior, 8.0.28 and prior
CVE-2022-21486
2.9 AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L
Supported versions that are affected are 7.4.35 and prior, 7.5.25 and
prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit
vulnerability allows high privileged attacker with access to the
physical communication segment attached to the hardware where the
MySQL Cluster executes to compromise MySQL Cluster. Successful
attacks require human interaction from a person other than the
attacker. Successful attacks of this vulnerability can result in
unauthorized read access to a subset of MySQL Cluster accessible data
and unauthorized ability to cause a partial denial of service
(partial DOS) of MySQL Cluster.
Affects:
o MySQL Cluster 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and
prior, 8.0.28 and prior
CVE-2022-21423
2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Supported versions that are affected are 8.0.28 and prior. Easily
exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a partial denial of service (partial DOS) of MySQL
Server.
Affects:
o MySQL Server 8.0.28 and prior
MITIGATION
Oracle states:
"Due to the threat posed by a successful attack, Oracle strongly
recommends that customers apply CPU fixes as soon as possible. Until
you apply the CPU fixes, it may be possible to reduce the risk of
successful attack by blocking network protocols required by an
attack. For attacks that require certain privileges or access to
certain packages, removing the privileges or the ability to access
the packages from users that do not need the privileges may help
reduce the risk of successful attack. Both approaches may break
application functionality, so Oracle strongly recommends that
customers test changes on non-production systems. Neither approach
should be considered a long-term solution as neither corrects the
underlying problem." [1]
REFERENCES
[1] Oracle Critical Patch Update Advisory - April 2022
https://www.oracle.com/security-alerts/cpuapr2022.html
[2] Text Form of Oracle Critical Patch Update - April 2022 Risk
Matrices
https://www.oracle.com/security-alerts/cpuapr2022verbose.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9lMONLKJtyKPYoAQjwmw/8DpqMmz+CGodvAfE3CA5qB9Q4rJbdrdxI
NK3aT2l5Pvx1xLlvWAAM+Q+VHeySOgAmHE2drkvcwjeyi6tC+NWrOewv+qmhMwDp
EE+WW2dvQXwjrBTqDc657lBoDn0My9MnCiBuTBMtiVdLtb+WBSYpV40iPe4fJjlg
jZxiCVJbsYDVPOHTAg/51vzzub1bfPP6cCD9FpZP8rdRkznVbm3VK2prbfZq0ai5
CSpGFtQIRIbxuripil78k3UC8A3lM88FVWB9B0oaatrBnAjMd9Ui7tbWCoqqB8gD
RPF6dMcGdk7WRGtn7OCRB5uSHJ1DyJsIjz+B9zKcqLjE3d6fBE+/Yfqw9L1YZx7D
/1Xr44raw9lMQGX5p8RrctC7lDI2R9Ninz+KFHjlOK8TM6mtYDMex/8eoO3kHAp8
Rz/Z/wElAwll9xzKNRyt1WYGSkLOPbrkR4tqHoFhtGh4nnJKHNrathrYc97vap34
b6F0O+2SsDUAYJrzR83yQle1ZwGcnh/QO1DRTEkNDtNX8SDIbwyb/SVobwt2DA3H
g+qC9d8diWE3Ok3P9i7slH49jWeDlXQPh3pd+aH+6QFpTUMlmIDkMs09Wdv7e+s9
bLxUtsV833Md5vWgyqWuVF5G4caFl8FKI2xaugikX5ZR3yVaTdB/jo62hfxMNB6d
sVqk8y42t0I=
=OLX4
-----END PGP SIGNATURE-----
ASB-2022.0088 - [Win][UNIX/Linux] Oracle GraalVM Enterprise Edition and Java SE: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0088
Oracle Java SE Critical Patch Update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Oracle GraalVM Enterprise Edition
Oracle Java SE
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-21496 CVE-2022-21476 CVE-2022-21449
CVE-2022-21443 CVE-2022-21434 CVE-2022-21426
CVE-2022-0778
Comment: CVSS (Max): 7.5 CVE-2022-21476 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
OVERVIEW
Multiple vulnerabilities have been identified in :
o Oracle GraalVM Enterprise Edition, versions 20.3.5, 21.3.1,
22.0.0.2
o Oracle Java SE, versions 7u331, 8u321, 11.0.14, 17.0.2, 18
[1]
IMPACT
The vendor has provided the following information regarding the
vulnerabilities:
"This Critical Patch Update contains 7 new security patches for
Oracle Java SE. All of these vulnerabilities may be remotely
exploitable without authentication, i.e., may be exploited over a
network without requiring user credentials." [1]
CVE-2022-0778
7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Supported versions that are affected are Oracle GraalVM Enterprise
Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
HTTPS to compromise Oracle GraalVM Enterprise Edition. Successful
attacks of this vulnerability can result in unauthorized ability to
cause a hang or frequently repeatable crash (complete DOS) of Oracle
GraalVM Enterprise Edition.
Affects:
o Oracle GraalVM Enterprise Edition Oracle GraalVM Enterprise
Edition: 20.3.5, 21.3.1, 22.0.0.2
CVE-2022-21449
7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Supported versions that are affected are Oracle Java SE: 7u331,
8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition:
20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows
unauthenticated attacker with network access via multiple protocols
to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.
Successful attacks of this vulnerability can result in unauthorized
creation, deletion or modification access to critical data or all
Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.
Note : This vulnerability applies to Java deployments, typically in
clients running sandboxed Java Web Start applications or sandboxed
Java applets, that load and run untrusted code (e.g., code that comes
from the internet) and rely on the Java sandbox for security. This
vulnerability can also be exploited by using APIs in the specified
Component, e.g., through a web service which supplies data to the
APIs.
Affects:
o Oracle Java SE, Oracle GraalVM Enterprise Edition Oracle Java
SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM
Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2
CVE-2022-21476
7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Supported versions that are affected are Oracle Java SE: 7u331,
8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition:
20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows
unauthenticated attacker with network access via multiple protocols
to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.
Successful attacks of this vulnerability can result in unauthorized
access to critical data or complete access to all Oracle Java SE,
Oracle GraalVM Enterprise Edition accessible data.
Note : This vulnerability applies to Java deployments, typically in
clients running sandboxed Java Web Start applications or sandboxed
Java applets, that load and run untrusted code (e.g., code that comes
from the internet) and rely on the Java sandbox for security. This
vulnerability can also be exploited by using APIs in the specified
Component, e.g., through a web service which supplies data to the
APIs.
Affects:
o Oracle Java SE, Oracle GraalVM Enterprise Edition Oracle Java
SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM
Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2
CVE-2022-21426
5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Supported versions that are affected are Oracle Java SE: 7u331,
8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition:
20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows
unauthenticated attacker with network access via multiple protocols
to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a partial denial of service (partial DOS) of Oracle
Java SE, Oracle GraalVM Enterprise Edition.
Note : This vulnerability applies to Java deployments, typically in
clients running sandboxed Java Web Start applications or sandboxed
Java applets, that load and run untrusted code (e.g., code that comes
from the internet) and rely on the Java sandbox for security. This
vulnerability can also be exploited by using APIs in the specified
Component, e.g., through a web service which supplies data to the
APIs.
Affects:
o Oracle Java SE, Oracle GraalVM Enterprise Edition Oracle Java
SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM
Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2
CVE-2022-21496
5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Supported versions that are affected are Oracle Java SE: 7u331,
8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition:
20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows
unauthenticated attacker with network access via multiple protocols
to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.
Successful attacks of this vulnerability can result in unauthorized
update, insert or delete access to some of Oracle Java SE, Oracle
GraalVM Enterprise Edition accessible data.
Note : This vulnerability applies to Java deployments, typically in
clients running sandboxed Java Web Start applications or sandboxed
Java applets, that load and run untrusted code (e.g., code that comes
from the internet) and rely on the Java sandbox for security. This
vulnerability can also be exploited by using APIs in the specified
Component, e.g., through a web service which supplies data to the
APIs.
Affects:
o Oracle Java SE, Oracle GraalVM Enterprise Edition Oracle Java
SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM
Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2
CVE-2022-21434
5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Supported versions that are affected are Oracle Java SE: 7u331,
8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition:
20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows
unauthenticated attacker with network access via multiple protocols
to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.
Successful attacks of this vulnerability can result in unauthorized
update, insert or delete access to some of Oracle Java SE, Oracle
GraalVM Enterprise Edition accessible data.
Note : This vulnerability applies to Java deployments, typically in
clients running sandboxed Java Web Start applications or sandboxed
Java applets, that load and run untrusted code (e.g., code that comes
from the internet) and rely on the Java sandbox for security. This
vulnerability can also be exploited by using APIs in the specified
Component, e.g., through a web service which supplies data to the
APIs.
Affects:
o Oracle Java SE, Oracle GraalVM Enterprise Edition Oracle Java
SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM
Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2
CVE-2022-21443
3.7 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Supported versions that are affected are Oracle Java SE: 7u331,
8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition:
20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit vulnerability
allows unauthenticated attacker with network access via multiple
protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise
Edition. Successful attacks of this vulnerability can result in
unauthorized ability to cause a partial denial of service (partial
DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.
Note : This vulnerability applies to Java deployments, typically in
clients running sandboxed Java Web Start applications or sandboxed
Java applets, that load and run untrusted code (e.g., code that comes
from the internet) and rely on the Java sandbox for security. This
vulnerability can also be exploited by using APIs in the specified
Component, e.g., through a web service which supplies data to the
APIs.
Affects:
o Oracle Java SE, Oracle GraalVM Enterprise Edition Oracle Java
SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM
Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2
MITIGATION
Oracle states:
"Due to the threat posed by a successful attack, Oracle strongly
recommends that customers apply CPU fixes as soon as possible. Until
you apply the CPU fixes, it may be possible to reduce the risk of
successful attack by blocking network protocols required by an
attack. For attacks that require certain privileges or access to
certain packages, removing the privileges or the ability to access
the packages from users that do not need the privileges may help
reduce the risk of successful attack. Both approaches may break
application functionality, so Oracle strongly recommends that
customers test changes on non-production systems. Neither approach
should be considered a long-term solution as neither corrects the
underlying problem." [1]
REFERENCES
[1] Oracle Critical Patch Update Advisory - April 2022
https://www.oracle.com/security-alerts/cpuapr2022.html
[2] Text Form of Oracle Critical Patch Update - April 2022 Risk
Matrices
https://www.oracle.com/security-alerts/cpuapr2022verbose.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9lEuNLKJtyKPYoAQhBDA/9GUgUvPdz7xFNs+j4s4L5A0DhDacG68b7
lLLqgVghkNmtM/E0NKDoiVVXD3rEoLXtetAV/HNxyKghuHygbMn0EvBClpTXjvVK
2xKBBxFZz8TH3BmKFRm5euY1giqdYssdPqKHjwFZzfeFehb6GX/NfjB7NhjMzW/c
AxPb1LL5QtTlOEFd7TfmzaYV7dQahqmLJjRl5e6YHhT3V1TN3567S3ZBiFuNlbYE
FiF4E2tXtBH2DA2M273pn6S5lbVUq6lSPvEIotFwqjvXCebT6q5BwnlusNDg/K7w
/bTEU39BVEMeM6FdmLBJp5y2kJPbOgdS57NJsu1XKxMg08s532KJST6XKqDiDWP9
9ROD3Oxs5eAZ6xOBiiS5rYp1+EZb27XpSDiwgyqhdcKOHiQtrQ0cMEEJj1d6x3yg
dOj4nqlU7YMls9tghTI52hXWnvSQCFJSFWnt8kEURns9IV4FeViA/1yLbMEspjY4
Xuh4nazRSmrVEBqPHv1n5FZDbySpECu74KMsVTI0SxCs81ig7VLkuBG1w7reMokE
Pa/EQDKo3LR03TlU+IHrdb3xDZU1BVJJmWoIhVNHns3LX2k+k1lDoxIFgyqqo1uC
NGLvMl7dKBh6i/O/hHGP8IPvZkeiUar3RYCjNJ4VcmabuCt3lEcN7nPOqi29hDWx
BIOurF133Gw=
=EGSW
-----END PGP SIGNATURE-----
ESB-2022.1683 - [RedHat] kpatch-patch: CVSS (Max): 7.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1683
kpatch-patch security update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kpatch-patch
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-25636 CVE-2022-0492 CVE-2021-4083
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1418
Comment: CVSS (Max): 7.8 CVE-2022-25636 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kpatch-patch security update
Advisory ID: RHSA-2022:1418-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1418
Issue date: 2022-04-19
CVE Names: CVE-2021-4083 CVE-2022-0492 CVE-2022-25636
=====================================================================
1. Summary:
An update is now available for Red Hat Enterprise Linux 8.4 Extended Update
Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux BaseOS EUS (v.8.4) - ppc64le, x86_64
3. Description:
This is a kernel live patch module which is automatically loaded by the RPM
post-install script to modify the code of a running kernel.
Security Fix(es):
* kernel: fget: check that the fd still exists after getting a ref to it
(CVE-2021-4083)
* kernel: cgroups v1 release_agent feature may allow privilege escalation
(CVE-2022-0492)
* kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation
2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c
6. Package List:
Red Hat Enterprise Linux BaseOS EUS (v.8.4):
Source:
kpatch-patch-4_18_0-305-1-12.el8.src.rpm
kpatch-patch-4_18_0-305_10_2-1-9.el8_4.src.rpm
kpatch-patch-4_18_0-305_12_1-1-8.el8_4.src.rpm
kpatch-patch-4_18_0-305_17_1-1-7.el8_4.src.rpm
kpatch-patch-4_18_0-305_19_1-1-7.el8_4.src.rpm
kpatch-patch-4_18_0-305_25_1-1-6.el8_4.src.rpm
kpatch-patch-4_18_0-305_28_1-1-4.el8_4.src.rpm
kpatch-patch-4_18_0-305_30_1-1-4.el8_4.src.rpm
kpatch-patch-4_18_0-305_34_2-1-2.el8_4.src.rpm
kpatch-patch-4_18_0-305_3_1-1-11.el8_4.src.rpm
kpatch-patch-4_18_0-305_40_1-1-1.el8_4.src.rpm
kpatch-patch-4_18_0-305_40_2-1-1.el8_4.src.rpm
kpatch-patch-4_18_0-305_7_1-1-10.el8_4.src.rpm
ppc64le:
kpatch-patch-4_18_0-305-1-12.el8.ppc64le.rpm
kpatch-patch-4_18_0-305-debuginfo-1-12.el8.ppc64le.rpm
kpatch-patch-4_18_0-305-debugsource-1-12.el8.ppc64le.rpm
kpatch-patch-4_18_0-305_10_2-1-9.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_10_2-debuginfo-1-9.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_10_2-debugsource-1-9.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_12_1-1-8.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_12_1-debuginfo-1-8.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_12_1-debugsource-1-8.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_17_1-1-7.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_17_1-debuginfo-1-7.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_17_1-debugsource-1-7.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_19_1-1-7.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_19_1-debuginfo-1-7.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_19_1-debugsource-1-7.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_25_1-1-6.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_25_1-debuginfo-1-6.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_25_1-debugsource-1-6.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_28_1-1-4.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_28_1-debuginfo-1-4.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_28_1-debugsource-1-4.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_30_1-1-4.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_30_1-debuginfo-1-4.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_30_1-debugsource-1-4.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_34_2-1-2.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_34_2-debuginfo-1-2.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_34_2-debugsource-1-2.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_3_1-1-11.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_3_1-debuginfo-1-11.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_3_1-debugsource-1-11.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_40_1-1-1.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_40_1-debuginfo-1-1.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_40_1-debugsource-1-1.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_40_2-1-1.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_40_2-debuginfo-1-1.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_40_2-debugsource-1-1.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_7_1-1-10.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_7_1-debuginfo-1-10.el8_4.ppc64le.rpm
kpatch-patch-4_18_0-305_7_1-debugsource-1-10.el8_4.ppc64le.rpm
x86_64:
kpatch-patch-4_18_0-305-1-12.el8.x86_64.rpm
kpatch-patch-4_18_0-305-debuginfo-1-12.el8.x86_64.rpm
kpatch-patch-4_18_0-305-debugsource-1-12.el8.x86_64.rpm
kpatch-patch-4_18_0-305_10_2-1-9.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_10_2-debuginfo-1-9.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_10_2-debugsource-1-9.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_12_1-1-8.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_12_1-debuginfo-1-8.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_12_1-debugsource-1-8.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_17_1-1-7.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_17_1-debuginfo-1-7.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_17_1-debugsource-1-7.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_19_1-1-7.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_19_1-debuginfo-1-7.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_19_1-debugsource-1-7.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_25_1-1-6.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_25_1-debuginfo-1-6.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_25_1-debugsource-1-6.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_28_1-1-4.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_28_1-debuginfo-1-4.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_28_1-debugsource-1-4.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_30_1-1-4.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_30_1-debuginfo-1-4.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_30_1-debugsource-1-4.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_34_2-1-2.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_34_2-debuginfo-1-2.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_34_2-debugsource-1-2.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_3_1-1-11.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_3_1-debuginfo-1-11.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_3_1-debugsource-1-11.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_40_1-1-1.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_40_1-debuginfo-1-1.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_40_1-debugsource-1-1.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_40_2-1-1.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_40_2-debuginfo-1-1.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_40_2-debugsource-1-1.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_7_1-1-10.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_7_1-debuginfo-1-10.el8_4.x86_64.rpm
kpatch-patch-4_18_0-305_7_1-debugsource-1-10.el8_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-4083
https://access.redhat.com/security/cve/CVE-2022-0492
https://access.redhat.com/security/cve/CVE-2022-25636
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYl80udzjgjWX9erEAQgE7A//Vo+WRJXpOuWN7TSUMzc0ohIFQ6Vz2n2S
7XfT0D1EhTKDysLQKzItKoKjW5RpbJtHmu2h2rsITxHZGUZ+RqF9G0rLCZf2Bcil
sRtm2Pe895OnRw+v/Bg5KWpgfjw0OjAjvwQVEgFsiZyVK1BeM2QOTQ/46iaitEnj
3GylGh9EWMV9Wk3tlS0mcnw867QNaLwLyuHx9MuKPXz75yszhHj3C5lYWku5dUfC
WpxhV0L7OizWelULlg8ZcftGcjhCY5alGVdu/IDlP6DVJCv+Wzl6aeIbW5p1jBse
oc2T78irRxRjFZgYkuTM9Y1n5Zf9spr/I6ioX5dOClvsVurLLa17GW5qhsY+hajB
Kands4Dg2Jw+Pv47eu2NSUzVtfclmAtJljR58gUFAxOEELBNbHdrDWjG8ahpRkom
xuXgzLeaMA+PpPJXjSe/ieVAaknN+iBn/pZQXsMO2dWculDKQPA69XYbelc6/hD3
lpSc3t3Ek0grmyBE1spNIXsBmcLSIdILZvtnB7dfyCSqZr//+p8WELruf839X4HF
kiw5UItaxyOdymPdT8sow2VL+24EMX3YM1/HCFQETJVkZird4gG28RStytNWgkn+
NI4vbU3ZuhQch4Yr4cK+fBHX9gRcLNYEQ59xLQ7/wjKsRygmjqMTvcbLVyzsWThq
gZ8+Yj2cdDA=
=anGY
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9XueNLKJtyKPYoAQjzaA//W2wNUT9RkiMOE2MaWMR4HojUPlYyliOG
3g8aRVBGp30GTbtN4RFEAXKQrhSVwXa+7t/tVKWFhTQ+HNI4cgTm8cRGaUv5R6gy
h92R+XWf+Thy9s8hMdGc4k4tujTVoMHakUMHrd/fZwPK6cOG4a+Jy/xoirIIIHQo
qtss3nAPwIpvb3ecCS47S4RJtSqx4zNYR9vRLca8v15CsENRhjrmXMZOgjdUZStR
FyKDYUryG66n98NxnBPpM+3Q36Go6FOHAYTz7rH1Pt8WQoW++DQPc42b/mafgnxj
gnHlq7GYySLVawSH868lLbVQMnMNPsLeBcBUuIqdBgKa9qwsRzKw3SI026r+YWpu
8Hp3UK4aXgru5iweHsdZW91i0w/861x22Tl1OGQirNhCnkbGCDOgLLKGprvGIM69
OpiAht336UPVhYnOrJWfOXtnSvMNo29o2px5bfLVwDcLjJUTfw6U5Gg04R9tNMIz
D5iFnM0paezhJRZDqwcErT/YjnQOy8ucODOTKnxILlCzx/ZOEUbAa25vcuUzsXKG
W1eZJgCGiWBtbAdFd5aTyBHMrwyorVjSBPtKv595IyjPywonZZM+30xjWy3KZEUw
ah3Jekn6HRKhmT8i0LbAU8JZ5WYZFtzMEbC2EmlaCuJr1Rg3w4F+1gdVb3oF4Nio
xUjXcKyPix0=
=m18O
-----END PGP SIGNATURE-----
ESB-2022.1682 - [RedHat] kernel: CVSS (Max): 7.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1682
kernel security update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-0492 CVE-2021-4155 CVE-2021-0920
CVE-2020-0466
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1417
Comment: CVSS (Max): 7.8 CVE-2020-0466 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2022:1417-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1417
Issue date: 2022-04-19
CVE Names: CVE-2020-0466 CVE-2021-0920 CVE-2021-4155
CVE-2022-0492
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6
Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server (v. 6 ELS) - i386, noarch, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: use after free in eventpoll.c may lead to escalation of privilege
(CVE-2020-0466)
* kernel: Use After Free in unix_gc() which could result in a local
privilege escalation (CVE-2021-0920)
* kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
(CVE-2021-4155)
* kernel: cgroups v1 release_agent feature may allow privilege escalation
(CVE-2022-0492)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1920480 - CVE-2020-0466 kernel: use after free in eventpoll.c may lead to escalation of privilege
2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation
2034813 - CVE-2021-4155 kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation
6. Package List:
Red Hat Enterprise Linux Server (v. 6 ELS):
Source:
kernel-2.6.32-754.47.1.el6.src.rpm
i386:
kernel-2.6.32-754.47.1.el6.i686.rpm
kernel-debug-2.6.32-754.47.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.47.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.47.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.47.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.47.1.el6.i686.rpm
kernel-devel-2.6.32-754.47.1.el6.i686.rpm
kernel-headers-2.6.32-754.47.1.el6.i686.rpm
perf-2.6.32-754.47.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.47.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.47.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.47.1.el6.noarch.rpm
kernel-doc-2.6.32-754.47.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.47.1.el6.noarch.rpm
s390x:
kernel-2.6.32-754.47.1.el6.s390x.rpm
kernel-debug-2.6.32-754.47.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-754.47.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.47.1.el6.s390x.rpm
kernel-devel-2.6.32-754.47.1.el6.s390x.rpm
kernel-headers-2.6.32-754.47.1.el6.s390x.rpm
kernel-kdump-2.6.32-754.47.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-754.47.1.el6.s390x.rpm
perf-2.6.32-754.47.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
x86_64:
kernel-2.6.32-754.47.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.47.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.47.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.47.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.47.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.47.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.47.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.47.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.47.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.47.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.47.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.47.1.el6.x86_64.rpm
perf-2.6.32-754.47.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.47.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.47.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.47.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.47.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6 ELS):
i386:
kernel-debug-debuginfo-2.6.32-754.47.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.47.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.47.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.47.1.el6.i686.rpm
python-perf-2.6.32-754.47.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.47.1.el6.i686.rpm
s390x:
kernel-debug-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.47.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
python-perf-2.6.32-754.47.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.47.1.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-754.47.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.47.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.47.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.47.1.el6.x86_64.rpm
python-perf-2.6.32-754.47.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.47.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-0466
https://access.redhat.com/security/cve/CVE-2021-0920
https://access.redhat.com/security/cve/CVE-2021-4155
https://access.redhat.com/security/cve/CVE-2022-0492
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYl7uadzjgjWX9erEAQhnhA//XOtUCSYOkUHLZsRBgu7bvAbhSXBmq0gX
w2r2aiBuQqB2UNbgKBL5NYasS21UNSIDIejjwV85kQx99C8bCtyw5gIPS44sPbIW
IrkxfaO7rdVFBt0YfUTFAQU86srn1PySrKoOQ8TIh6kUhh0s8lWSdgSjUBFoDtUc
PDLrrGIjWYo1xZyP3eWpVKfxUe9T7rZnSo81p9Z8ixXtwfWXce8H45eaN7zoYe18
Iw0e0wz3wLSjXj7Jtg4PAf2UZvzXc/WK6Do0ivkC/GSnOmqMOjZJkCxbv2/n78Hb
9amiurLPj8+tZprcRutqCjaX7fKLomlnxrjI+qH4P8coejvU9CXpkkHHzFbeWAMr
0a+AqbTDCT2WOL67YTJBTSOrVxUfxPwW7qj3f9jHydTyvR3rm/v+Jlq8C1hQu2PM
xEYfx7ZvrTIOKimcQAUICu5YN95TwrTYpYokq2jBA/zhLpURLgYH2EjbA32LlYU2
KTI9uZ8CLov7HX88n4wwuwJ62OtrXxK0oB5m00iqbmRzz2NC5a4Y8hGFC/fcjJam
+kyDgturAiCeMQm4GpkZlh4D0wyyEdk+8U6h0OifL+uFaWJkGBXmtQvb1Vlc/Ly6
UoO/7MlLxd4jVBkMTHzWCntb5fdYO+4XdFWHsyg1FcngQTs15ULPTTq8PVTI3JI/
fUKC6y5QWY4=
=w54V
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9XqONLKJtyKPYoAQjuqg//c5Zm7Nehfit1hfsfjEWODFTQUjYPSMj+
bmyLVjBQPIKnvSIvPzIVfLzBxMUdceqx5IsQ9CekDGFpOTRR3RTYqPRFeja4eSVV
jm0P7WR+BjeLXmQpIEv8kAw/Rc4MLH7GEeCzx1DgsVEqkM0KcH4FX/WYT/moXj5Z
CoQiwy01muyw8tFy04Urz/n0eoLPgXsK0A6Ctkps+P1sK8ujsL5pK1fWLLhuq4Hd
9m7QPIdmX29Jn7fAh7squcq06v9jvv5kieREN+3Ic3e7sFX62VciFTJgj7vjDMNA
Flo07sXFT4APfDFjUzlv0wLyY/JCa+arqaphzvccA9cTaC7Zb2EM0D5mnjQyWrRj
nR3+SFhMFonL2LPk8z0w+vYdKf7p+UuI3aXrWoEPh2TrrBdV+xS2gn5FKYfPWehk
cOdGyACpdBIG4T4Hgt+hzNIPIZyUDmJZE5qzPrmp5vzGemECtEkbw1wvJoM6zgOP
HQevge8B76c772MIkqlW2SDdemNqG+dGCtfriUCAsFDDaPf3SyT3av9gEtbDWtbo
X5ACt/CgP09tZofi8q1o/7J6JiV7Vk/LxA/dZtIJWf8P98xFTXoLWug+QVPaQjr0
/DLUu8VBIJxZTUO2itYhtGG3a2STehmoFfQWItXB3D3rKtAHWllaK//iZpR5LhNA
UvFvQ8s/XUM=
=Z5K9
-----END PGP SIGNATURE-----
ESB-2022.1681 - [RedHat] kernel-rt: CVSS (Max): 7.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1681
kernel-rt security and bug fix update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel-rt
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-25636 CVE-2022-0492 CVE-2021-4083
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1413
Comment: CVSS (Max): 7.8 CVE-2022-25636 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel-rt security and bug fix update
Advisory ID: RHSA-2022:1413-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1413
Issue date: 2022-04-19
CVE Names: CVE-2021-4083 CVE-2022-0492 CVE-2022-25636
=====================================================================
1. Summary:
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Real Time EUS (v.8.4) - x86_64
Red Hat Enterprise Linux Real Time for NFV EUS (v.8.4) - x86_64
3. Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: fget: check that the fd still exists after getting a ref to it
(CVE-2021-4083)
* kernel: cgroups v1 release_agent feature may allow privilege escalation
(CVE-2022-0492)
* kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* kernel-rt: update RT source tree to the RHEL-8.4.z8 source tree
(BZ#2059334)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation
2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c
6. Package List:
Red Hat Enterprise Linux Real Time for NFV EUS (v.8.4):
Source:
kernel-rt-4.18.0-305.45.1.rt7.117.el8_4.src.rpm
x86_64:
kernel-rt-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-kvm-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
Red Hat Enterprise Linux Real Time EUS (v.8.4):
Source:
kernel-rt-4.18.0-305.45.1.rt7.117.el8_4.src.rpm
x86_64:
kernel-rt-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-4083
https://access.redhat.com/security/cve/CVE-2022-0492
https://access.redhat.com/security/cve/CVE-2022-25636
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYl7uhdzjgjWX9erEAQi8YBAAkUdFptawoGEINw+0aLnAKXIUQiVFCOLE
k1X+OM2CJBevwLdfCbqwSFLWgzZRzZoMio9ONvyfvCSU5b5oDoRdywUk37x0jtaR
NtGAcFIgaZlRKU5onM7cL59n0Qo5So4S+eG9SUbDWWcht6DgKLcaVN+8d657vOK9
bggwA6QSGWQdRqHdaLf2rV9SYlflMHTcg2SEgU2aFXKmWZnnj9dDfIGgMwhu6eY5
BCCVdC/8/SkaKZW9i6sgmxYFAniL8opDx0C3mkd3a7LYx+RQfM9N3wTL8FubV2Do
zdITckAwYdpTgIzlgP1tWoUUihaXz/WujkHHVuSCG6gTAIal0bHGfAngdEreBQPz
xq7jM2Oa/t/eXpmCSfYstfQkFSK6W28sKxvR/oRbJMH08BH5cIvaQorpUsin28g3
IZ4lDOFvDqS1BfnKBaZ13p2dMYfqUL/Q+PLvL46NWZ2mAHNQjEBqIyn6vL5+o3QQ
UBBY+TJflaYmP82rr/hFV6L4ewF0cJJ9Cth8HXxT1fABzFCb5uHRCnyTDhDxGzey
SlyJU3tOUw1CBWkSoXdqyUF6iv9pnzkiOTMIwTCNUU3dVzSJwYASgpT9LwI2z9C5
Wyw6ckHw7b6FDfyVC+4ZPiPEwc+tmpFdUdugbX0kTFB+6GpEOewcDyg3QQg9ZV1/
vfctWBLq3kQ=
=zsvE
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIUAwUBYl9Xj+NLKJtyKPYoAQgQyQ/0D970z0LToh67VnJ3ACUrecu04M7aCA1S
f+SvarUImfiVWxu/MUoP43F+9b5dzw43LpjWM6AX4YtfeCYLcu3wOuCvHdaMzRTE
xZPnEk0ue8xtQQ1M1kbBc3g5ph4JzqJTaUsm8yRVjQG0fWRP7ddp4qEYnPQ4Rh2e
GstmUrDcT18h68oqUULL4g2LFtLBMhsEE+vnYr6iGODP45IatxR7b7Dzx9LnVz+0
2ltiA4Zt8sq94TNt/yiinOO/yjSEeVw/+LGlE7z8jvsE12GeemQQeMc7APUMqb9L
k4vnNvGs+AKoT5SslLG4J6AEalSKXZr3dijV6pRkAgls2vSsQYfC0FNIJt1H7dq+
B0iMvF9VCOFzinKFVsBr4wVeEXqZMb9dimi3Mblmlj4lj2uxnOiY+qXuXpJf6PI+
KHG3eiWbuepXxQ4pFEL+i4B02XTYzbyhyKCjZX0E7mK2A7gyR1H9uj2POCCwvaW9
zG9amYNHOl7Mz8EargwETSailz6MOIXGV8/qRe3uFBBDrw89gBGzkxkrns0dTsIL
ZmzMvT6BBfUJjC9vhmbTLRNGCxVylGXfR4tDBmmrJ1+zpVYnuPwCJ+aclfnjuBuH
mMAMV5Fv+Igr/rq16xtg8NNr06M1Lseq9AjeQnWgNdCbKuaw6BdUdAazIRX+Tp4o
TgTqqKkgrg==
=rDpf
-----END PGP SIGNATURE-----
ESB-2022.1680 - [RedHat] 389-ds:1.4: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1680
389-ds:1.4 security and bug fix update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: 389-ds:1.4
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2021-4091
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1410
Comment: CVSS (Max): 7.5 CVE-2021-4091 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Low: 389-ds:1.4 security and bug fix update
Advisory ID: RHSA-2022:1410-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1410
Issue date: 2022-04-19
CVE Names: CVE-2021-4091
=====================================================================
1. Summary:
An update for the 389-ds:1.4 module is now available for Red Hat Enterprise
Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The
base packages include the Lightweight Directory Access Protocol (LDAP)
server and command-line utilities for server administration.
Security Fix(es):
* 389-ds-base: double free of the virtual attribute context in persistent
search (CVE-2021-4091)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* DB corruption "_entryrdn_insert_key - Same DN (dn:
nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,) is already in the
entryrdn file" (BZ#2066800)
* IPA server (389ds) is very slow in execution of some searches
(`&(memberOf=...)(objectClass=ipaHost)` in particular) (BZ#2066801)
* monitor displays wrong date for connection (BZ#2066848)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
2030307 - CVE-2021-4091 389-ds-base: double free of the virtual attribute context in persistent search
2066800 - DB corruption "_entryrdn_insert_key - Same DN (dn: nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,) is already in the entryrdn file"
2066801 - IPA server (389ds) is very slow in execution of some searches (`&(memberOf=...)(objectClass=ipaHost)` in particular)
2066848 - monitor displays wrong date for connection
6. Package List:
Red Hat Enterprise Linux AppStream EUS (v.8.4):
Source:
389-ds-base-1.4.3.16-20.module+el8.4.0+14552+b182c759.src.rpm
aarch64:
389-ds-base-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
389-ds-base-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
389-ds-base-debugsource-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
389-ds-base-devel-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
389-ds-base-legacy-tools-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
389-ds-base-legacy-tools-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
389-ds-base-libs-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
389-ds-base-libs-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
389-ds-base-snmp-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
389-ds-base-snmp-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.aarch64.rpm
noarch:
python3-lib389-1.4.3.16-20.module+el8.4.0+14552+b182c759.noarch.rpm
ppc64le:
389-ds-base-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
389-ds-base-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
389-ds-base-debugsource-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
389-ds-base-devel-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
389-ds-base-legacy-tools-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
389-ds-base-legacy-tools-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
389-ds-base-libs-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
389-ds-base-libs-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
389-ds-base-snmp-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
389-ds-base-snmp-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.ppc64le.rpm
s390x:
389-ds-base-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
389-ds-base-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
389-ds-base-debugsource-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
389-ds-base-devel-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
389-ds-base-legacy-tools-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
389-ds-base-legacy-tools-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
389-ds-base-libs-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
389-ds-base-libs-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
389-ds-base-snmp-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
389-ds-base-snmp-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.s390x.rpm
x86_64:
389-ds-base-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
389-ds-base-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
389-ds-base-debugsource-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
389-ds-base-devel-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
389-ds-base-legacy-tools-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
389-ds-base-legacy-tools-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
389-ds-base-libs-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
389-ds-base-libs-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
389-ds-base-snmp-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
389-ds-base-snmp-debuginfo-1.4.3.16-20.module+el8.4.0+14552+b182c759.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-4091
https://access.redhat.com/security/updates/classification/#low
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYl7ul9zjgjWX9erEAQhcxg/9HAutJcNWHFMbkpHZEZupCBTm+F+4hV4X
7RpRa+QZv35GBEYMPPcdG6fGQ+HizL6JXYJ7PoMh4Tk4yvLLSDbV/DgGAu6otfMg
w6rY3LYC8NK2ddQmU5ERGU6SH8o0SCV++hMznrwEJYGIsmAQ5K3Iwh4umszrjNfF
5dTrCRDrPJKh8ToXKa99D5vC3WMHLFbNrHl3KQJLvFMEc7q5IkRB7X8wSY6flBml
CGoR49DjTGVeD746+n3il58ShxaTqq2e2MPl5ipKjGtsLmxaTPPvqzPlgvchyIuO
Czp9glJy6bhe2JnYGZf4nKLmlZCjm5d4CvAr1HzTvzymwrCVUnbLfHuRbBYZnoU8
p1wZUJJXummvngFjCGO7+oOKA5B13ZvJ6qSQJVRBu1r8LyTgFKLyUr5AgvZhAw0N
nJklqR9dOnpdFLEHyx9O3lDtD+K1mRndUvBpY4JtMYwqs8yMlvGabnahHvhdoCJ7
6tbr6F+x3o20zfA/4FvEopNUxoFjI8c07hK4UIdusH+x3veyH/MMMfLz35172/FW
0MCJ/1fS4tROH7L9pJhTecL49cQTntGfMf4TjKQO68fz34mjglOxRbVI84Yz92rz
F1bdxx8jc4ZLBfB4rTTvOsx4Hq2wAMqPZAEqDFilnx/viToRvbxkqbl3RCpr5FX6
a9hoUJbZW40=
=w/jo
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9XeONLKJtyKPYoAQinbBAAsNuHBQwhY7h42AUE9JTevgJrriQE0XHr
Cxh3oV45MlL6+w6q7w27CA1iSZpBXsn43xwz0S8xe1F+pk6w2VWrDsIwTAqdc2t5
BPfUuGKYfohc5oW2bSlZfs4lmstSwCHfF9Tt5z/Y/2LVUTcEbNjaqAIxe8clkRhM
VyysEBeZhlcwallHR6oAtNwz082DS4mglOLQpwIMr+B6i5DyFrqphjj1+5Nt1+vR
swj4qZowzuRtnAQLljNjv44KMVNd+s1+SR39Sf/7AMt69u3VKafdhR/C4zrTGuq5
gMbCgOhEpzv8tO/PSnqqzBW1RBs56h4WBDGk/0msP1vDQlY2/Gk+vtB2ah6hqi7K
KSFfIeatq+26xKhALJMH0Zic1dBfRCAwGzJtdjXrktg4qMIVe98mCtCKi938LMnR
L+MOf5tlYAgle/c37Z1RTNSqdLISkejFVvPxbS69kL6pkY5kOTjGPVnr8MCAntBU
mUOowDE2NAH3hxREKZIoeY3egwmzM8/FzbJJFJ8jGJpccsKGpjtMJf7W5DIWIOGQ
VW8jaWdQwlB9+XRobxN/gKmLN7Ezpoahu1PEtNBUN8iarzqe5qejfFosie/2IkU7
5ikmigmd01LBAlxfIaA/88zeUUE5AMF58QLArr9q/jZHkoQMKloeQqAXPzZp8c2D
9R+CfkgGATM=
=Ty1q
-----END PGP SIGNATURE-----
ESB-2022.1679 - [RedHat] container-tools:2.0: CVSS (Max): 4.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1679
container-tools:2.0 security and bug fix update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: container-tools:2.0
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27651 CVE-2022-27649
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1407
Comment: CVSS (Max): 4.8 CVE-2022-27651 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: container-tools:2.0 security and bug fix update
Advisory ID: RHSA-2022:1407-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1407
Issue date: 2022-04-19
CVE Names: CVE-2022-27649 CVE-2022-27651
=====================================================================
1. Summary:
An update for the container-tools:2.0 module is now available for Red Hat
Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The container-tools module contains tools for working with containers,
notably podman, buildah, skopeo, and runc.
Security Fix(es):
* podman: Default inheritable capabilities for linux container should be
empty (CVE-2022-27649)
* buildah: Default inheritable capabilities for linux container should be
empty (CVE-2022-27651)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* [8.2 EUS backport] podman cpu stats bug (BZ#2062400)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
2066568 - CVE-2022-27649 podman: Default inheritable capabilities for linux container should be empty
2066840 - CVE-2022-27651 buildah: Default inheritable capabilities for linux container should be empty
6. Package List:
Red Hat Enterprise Linux AppStream EUS (v.8.4):
Source:
buildah-1.11.6-9.module+el8.4.0+14792+f44be4c2.src.rpm
cockpit-podman-11-1.module+el8.4.0+14792+f44be4c2.src.rpm
conmon-2.0.15-1.module+el8.4.0+14792+f44be4c2.src.rpm
container-selinux-2.130.0-1.module+el8.4.0+14792+f44be4c2.src.rpm
containernetworking-plugins-0.8.3-4.module+el8.4.0+14792+f44be4c2.src.rpm
criu-3.12-9.module+el8.4.0+14792+f44be4c2.src.rpm
fuse-overlayfs-0.7.8-1.module+el8.4.0+14792+f44be4c2.src.rpm
podman-1.6.4-28.module+el8.4.0+14792+f44be4c2.src.rpm
python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.4.0+14792+f44be4c2.src.rpm
runc-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.src.rpm
skopeo-0.1.41-4.module+el8.4.0+14792+f44be4c2.src.rpm
slirp4netns-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.src.rpm
toolbox-0.0.7-1.module+el8.4.0+14792+f44be4c2.src.rpm
udica-0.2.1-2.module+el8.4.0+14792+f44be4c2.src.rpm
aarch64:
buildah-1.11.6-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
buildah-debuginfo-1.11.6-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
buildah-debugsource-1.11.6-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
buildah-tests-1.11.6-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
buildah-tests-debuginfo-1.11.6-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
conmon-2.0.15-1.module+el8.4.0+14792+f44be4c2.aarch64.rpm
containernetworking-plugins-0.8.3-4.module+el8.4.0+14792+f44be4c2.aarch64.rpm
containernetworking-plugins-debuginfo-0.8.3-4.module+el8.4.0+14792+f44be4c2.aarch64.rpm
containernetworking-plugins-debugsource-0.8.3-4.module+el8.4.0+14792+f44be4c2.aarch64.rpm
containers-common-0.1.41-4.module+el8.4.0+14792+f44be4c2.aarch64.rpm
crit-3.12-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
criu-3.12-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
criu-debuginfo-3.12-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
criu-debugsource-3.12-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
fuse-overlayfs-0.7.8-1.module+el8.4.0+14792+f44be4c2.aarch64.rpm
fuse-overlayfs-debuginfo-0.7.8-1.module+el8.4.0+14792+f44be4c2.aarch64.rpm
fuse-overlayfs-debugsource-0.7.8-1.module+el8.4.0+14792+f44be4c2.aarch64.rpm
podman-1.6.4-28.module+el8.4.0+14792+f44be4c2.aarch64.rpm
podman-debuginfo-1.6.4-28.module+el8.4.0+14792+f44be4c2.aarch64.rpm
podman-debugsource-1.6.4-28.module+el8.4.0+14792+f44be4c2.aarch64.rpm
podman-remote-1.6.4-28.module+el8.4.0+14792+f44be4c2.aarch64.rpm
podman-remote-debuginfo-1.6.4-28.module+el8.4.0+14792+f44be4c2.aarch64.rpm
podman-tests-1.6.4-28.module+el8.4.0+14792+f44be4c2.aarch64.rpm
python3-criu-3.12-9.module+el8.4.0+14792+f44be4c2.aarch64.rpm
runc-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.aarch64.rpm
runc-debuginfo-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.aarch64.rpm
runc-debugsource-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.aarch64.rpm
skopeo-0.1.41-4.module+el8.4.0+14792+f44be4c2.aarch64.rpm
skopeo-debuginfo-0.1.41-4.module+el8.4.0+14792+f44be4c2.aarch64.rpm
skopeo-debugsource-0.1.41-4.module+el8.4.0+14792+f44be4c2.aarch64.rpm
skopeo-tests-0.1.41-4.module+el8.4.0+14792+f44be4c2.aarch64.rpm
slirp4netns-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.aarch64.rpm
slirp4netns-debuginfo-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.aarch64.rpm
slirp4netns-debugsource-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.aarch64.rpm
noarch:
cockpit-podman-11-1.module+el8.4.0+14792+f44be4c2.noarch.rpm
container-selinux-2.130.0-1.module+el8.4.0+14792+f44be4c2.noarch.rpm
podman-docker-1.6.4-28.module+el8.4.0+14792+f44be4c2.noarch.rpm
python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.4.0+14792+f44be4c2.noarch.rpm
toolbox-0.0.7-1.module+el8.4.0+14792+f44be4c2.noarch.rpm
udica-0.2.1-2.module+el8.4.0+14792+f44be4c2.noarch.rpm
ppc64le:
buildah-1.11.6-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
buildah-debuginfo-1.11.6-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
buildah-debugsource-1.11.6-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
buildah-tests-1.11.6-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
buildah-tests-debuginfo-1.11.6-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
conmon-2.0.15-1.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
containernetworking-plugins-0.8.3-4.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
containernetworking-plugins-debuginfo-0.8.3-4.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
containernetworking-plugins-debugsource-0.8.3-4.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
containers-common-0.1.41-4.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
crit-3.12-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
criu-3.12-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
criu-debuginfo-3.12-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
criu-debugsource-3.12-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
fuse-overlayfs-0.7.8-1.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
fuse-overlayfs-debuginfo-0.7.8-1.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
fuse-overlayfs-debugsource-0.7.8-1.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
podman-1.6.4-28.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
podman-debuginfo-1.6.4-28.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
podman-debugsource-1.6.4-28.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
podman-remote-1.6.4-28.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
podman-remote-debuginfo-1.6.4-28.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
podman-tests-1.6.4-28.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
python3-criu-3.12-9.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
runc-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
runc-debuginfo-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
runc-debugsource-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
skopeo-0.1.41-4.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
skopeo-debuginfo-0.1.41-4.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
skopeo-debugsource-0.1.41-4.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
skopeo-tests-0.1.41-4.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
slirp4netns-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
slirp4netns-debuginfo-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
slirp4netns-debugsource-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.ppc64le.rpm
s390x:
buildah-1.11.6-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
buildah-debuginfo-1.11.6-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
buildah-debugsource-1.11.6-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
buildah-tests-1.11.6-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
buildah-tests-debuginfo-1.11.6-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
conmon-2.0.15-1.module+el8.4.0+14792+f44be4c2.s390x.rpm
containernetworking-plugins-0.8.3-4.module+el8.4.0+14792+f44be4c2.s390x.rpm
containernetworking-plugins-debuginfo-0.8.3-4.module+el8.4.0+14792+f44be4c2.s390x.rpm
containernetworking-plugins-debugsource-0.8.3-4.module+el8.4.0+14792+f44be4c2.s390x.rpm
containers-common-0.1.41-4.module+el8.4.0+14792+f44be4c2.s390x.rpm
crit-3.12-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
criu-3.12-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
criu-debuginfo-3.12-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
criu-debugsource-3.12-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
fuse-overlayfs-0.7.8-1.module+el8.4.0+14792+f44be4c2.s390x.rpm
fuse-overlayfs-debuginfo-0.7.8-1.module+el8.4.0+14792+f44be4c2.s390x.rpm
fuse-overlayfs-debugsource-0.7.8-1.module+el8.4.0+14792+f44be4c2.s390x.rpm
podman-1.6.4-28.module+el8.4.0+14792+f44be4c2.s390x.rpm
podman-debuginfo-1.6.4-28.module+el8.4.0+14792+f44be4c2.s390x.rpm
podman-debugsource-1.6.4-28.module+el8.4.0+14792+f44be4c2.s390x.rpm
podman-remote-1.6.4-28.module+el8.4.0+14792+f44be4c2.s390x.rpm
podman-remote-debuginfo-1.6.4-28.module+el8.4.0+14792+f44be4c2.s390x.rpm
podman-tests-1.6.4-28.module+el8.4.0+14792+f44be4c2.s390x.rpm
python3-criu-3.12-9.module+el8.4.0+14792+f44be4c2.s390x.rpm
runc-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.s390x.rpm
runc-debuginfo-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.s390x.rpm
runc-debugsource-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.s390x.rpm
skopeo-0.1.41-4.module+el8.4.0+14792+f44be4c2.s390x.rpm
skopeo-debuginfo-0.1.41-4.module+el8.4.0+14792+f44be4c2.s390x.rpm
skopeo-debugsource-0.1.41-4.module+el8.4.0+14792+f44be4c2.s390x.rpm
skopeo-tests-0.1.41-4.module+el8.4.0+14792+f44be4c2.s390x.rpm
slirp4netns-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.s390x.rpm
slirp4netns-debuginfo-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.s390x.rpm
slirp4netns-debugsource-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.s390x.rpm
x86_64:
buildah-1.11.6-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
buildah-debuginfo-1.11.6-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
buildah-debugsource-1.11.6-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
buildah-tests-1.11.6-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
buildah-tests-debuginfo-1.11.6-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
conmon-2.0.15-1.module+el8.4.0+14792+f44be4c2.x86_64.rpm
containernetworking-plugins-0.8.3-4.module+el8.4.0+14792+f44be4c2.x86_64.rpm
containernetworking-plugins-debuginfo-0.8.3-4.module+el8.4.0+14792+f44be4c2.x86_64.rpm
containernetworking-plugins-debugsource-0.8.3-4.module+el8.4.0+14792+f44be4c2.x86_64.rpm
containers-common-0.1.41-4.module+el8.4.0+14792+f44be4c2.x86_64.rpm
crit-3.12-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
criu-3.12-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
criu-debuginfo-3.12-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
criu-debugsource-3.12-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
fuse-overlayfs-0.7.8-1.module+el8.4.0+14792+f44be4c2.x86_64.rpm
fuse-overlayfs-debuginfo-0.7.8-1.module+el8.4.0+14792+f44be4c2.x86_64.rpm
fuse-overlayfs-debugsource-0.7.8-1.module+el8.4.0+14792+f44be4c2.x86_64.rpm
podman-1.6.4-28.module+el8.4.0+14792+f44be4c2.x86_64.rpm
podman-debuginfo-1.6.4-28.module+el8.4.0+14792+f44be4c2.x86_64.rpm
podman-debugsource-1.6.4-28.module+el8.4.0+14792+f44be4c2.x86_64.rpm
podman-remote-1.6.4-28.module+el8.4.0+14792+f44be4c2.x86_64.rpm
podman-remote-debuginfo-1.6.4-28.module+el8.4.0+14792+f44be4c2.x86_64.rpm
podman-tests-1.6.4-28.module+el8.4.0+14792+f44be4c2.x86_64.rpm
python3-criu-3.12-9.module+el8.4.0+14792+f44be4c2.x86_64.rpm
runc-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.x86_64.rpm
runc-debuginfo-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.x86_64.rpm
runc-debugsource-1.0.0-65.rc10.module+el8.4.0+14792+f44be4c2.x86_64.rpm
skopeo-0.1.41-4.module+el8.4.0+14792+f44be4c2.x86_64.rpm
skopeo-debuginfo-0.1.41-4.module+el8.4.0+14792+f44be4c2.x86_64.rpm
skopeo-debugsource-0.1.41-4.module+el8.4.0+14792+f44be4c2.x86_64.rpm
skopeo-tests-0.1.41-4.module+el8.4.0+14792+f44be4c2.x86_64.rpm
slirp4netns-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.x86_64.rpm
slirp4netns-debuginfo-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.x86_64.rpm
slirp4netns-debugsource-0.4.2-3.git21fdece.module+el8.4.0+14792+f44be4c2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-27649
https://access.redhat.com/security/cve/CVE-2022-27651
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYl7ud9zjgjWX9erEAQgdShAAmpEhlMjKEwhc+cEFZ0EiPToNp5/nttu4
ZWw1cOoj569LGQxCVrRLBoNNil8MIA3depqZrUmC1seT2wrdoa+3o5A+1J9vmTyH
OocLlpHGcfZquufWtTnJbPcbLGJ83tSa121GJBa8WMC8pq4L6A2rxqAfHLAqY7QZ
d3DvneYqwSVdQo7/dWGxAgYd9LTkTWCXfSZRR6fSUce6vwUIsfcwAYHIlXLO/6SN
WE+UeOsPsOONLvkjZj1Fk7JGQvLmT/VuhJSBYhQ2hQiCyjkQQ0/nnYBcUDoDyODt
cfBeoJVfCsXNbiO/ZwnB2RlLXVGvHwGNYx8H2Jz1gDz4uqIBNQnuXBhEe7DDrmAq
03Vv4snoZ0oexDMUkdFk0FSITKPHFMMcsrb2sZWMBJRVy3lPMg0DIcrUs7mMhwe0
moNMR9OnCIvNAzHLHfgLUMQg91wf3Zqb0Q8dwOgYgVKT2FYU6QP5WY5sWechDTaa
Ddw/pq+OXJZ1p008gblhcXOWkMiOthkikuea4dzfyo2Sr7UDYDN6YBNhEYO9WmkN
VALSXEGK29A0WS4gvRQyuM8dmTCA5rzN920jf6md6Lj/4SII2rBYYsSBiDrLpRGH
1eM0NbzRTT9RHbk+NCJ/P/vAm+YoXm1rNc/fhP5RIdDMg5Si1ShaXn4gv8BBGF+x
4/wjOBkLPWE=
=Eq8j
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9XZONLKJtyKPYoAQgleg//Qz60ahgjmeIH55ZZECQhfsPxZQLve0CO
qsvVqmTkws8I7y2ceJijyDxKfgnVu/w2awmh6eUcw9bXg1AhmS3ujB9jHtuSqwyl
W5WMlXh8CMze60BcZz0rLBTac5cWjfcYD9yEOZ+NlaxBmQYAJyihup/+m17ZCsEv
+OLBnDZFrd3JU09s4nOfy6An55bU3FFmteoGJTjxuk7IfntSy8pDGQ1wjlgzrlYj
29ZV4vJnTc+ib6k+btff3JOiQHcQqmsCXe1Enbnr+ZeMbeyPCFPrWVfteHWGibhv
VwAKjW7BeJCqVG8Pd/t2BgCp1O+6hKR2BxRnluM7Vmw0Zgnw718kj6TIjgzVsH7j
2yyNFEc6qS5x/D5W/PfnlppmxHc4cVzH4tPbfGD8vPB0izlepCSkNkqO9xm19IR6
hHmSiDQW7YwjpNHy3SR0iyptRmSR+QxVgKYMPH99bXGWIypHJtx97UqF5jRE1wAP
VJfE0BYX7eGWYWLs9pWU47jMEYPJz14yrk0a5qALxzuuEm989qbtq/v5ZH7H/6yj
QtR6PV2eYsHVo305ErwmS4CnyHhMK8PR4Jcx/fJdh+lDEElVwta0uG2+IyFyWiag
a4w+Sgk3IlzUPv42fepYX1RDZs/v+N/mWQx26+2eBVWLqcyqqmI3dxmiLyiGLtk2
zkDtFEInkEY=
=Mfst
-----END PGP SIGNATURE-----
ESB-2022.1678 - [RedHat] OpenShift Virtualization 2.6.10 RPMs: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1678
OpenShift Virtualization 2.6.10 RPMs security and bug fix update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: OpenShift Virtualization 2.6.10 RPMs
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2021-33198 CVE-2021-33197 CVE-2021-33195
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1402
Comment: CVSS (Max): 7.5 CVE-2021-33198 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: OpenShift Virtualization 2.6.10 RPMs security and bug fix update
Advisory ID: RHSA-2022:1402-01
Product: cnv
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1402
Issue date: 2022-04-19
CVE Names: CVE-2021-33195 CVE-2021-33197 CVE-2021-33198
=====================================================================
1. Summary:
Red Hat OpenShift Virtualization release 2.6.10 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
CNV 2.6 for RHEL 7 - x86_64
CNV 2.6 for RHEL 8 - x86_64
3. Description:
OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 2.6.10 RPMs.
Security Fix(es):
* golang: net: lookup functions may return invalid host names
(CVE-2021-33195)
* golang: net/http/httputil: ReverseProxy forwards connection headers if
first one is empty (CVE-2021-33197)
* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error
if passed inputs with very large exponents (CVE-2021-33198)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1989564 - CVE-2021-33195 golang: net: lookup functions may return invalid host names
1989570 - CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty
1989575 - CVE-2021-33198 golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents
2051113 - 2.6.10 rpms
6. Package List:
CNV 2.6 for RHEL 7:
Source:
kubevirt-2.6.10-230.el7.src.rpm
x86_64:
kubevirt-virtctl-2.6.10-230.el7.x86_64.rpm
kubevirt-virtctl-redistributable-2.6.10-230.el7.x86_64.rpm
CNV 2.6 for RHEL 8:
Source:
kubevirt-2.6.10-230.el8.src.rpm
x86_64:
kubevirt-virtctl-2.6.10-230.el8.x86_64.rpm
kubevirt-virtctl-redistributable-2.6.10-230.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-33195
https://access.redhat.com/security/cve/CVE-2021-33197
https://access.redhat.com/security/cve/CVE-2021-33198
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYl7uftzjgjWX9erEAQga0g//Uuj2PhJ9sjQLWl6NCvZ0u8clCtMPCUIJ
RBMwzmvsspsqGBGIHVDYRGU9EAf+F082B5wHUU+SXCDonbpfvWTu+hI+aLiTLKTY
T2zJE8q1b6qMXk4FOcBxKgnaGuEW/snfwPnqOPrmDpK/DLe1cpmZ+dGu4prxg8PL
1HZj2ASEyeR3E1YK0JzWVDINeCXFoNAJeVa7Xf48iFcpqPgVOL3g6DQAVd4PoqoL
QgfA6fhEpine9ADuxtLKKlbulosJSX2v1xlWRBDLeHQ1pmCUBys9xB6v7I+3LfYb
QAz8JPrQMZu6N/3+wTp5aHWOeKD7kERDQOXXkDO59qz4hjB0a9xZsKM+3mPv5lnT
UAfsjjUhDzc0Ya35A/Keawf0roySEGAxQ3L1ceuTBnarWp9v0ZooKA6uAGKXxhhx
agn02J9TzC3bAh88NUlHUXFMslQkJMrFy7edtvzumN2IdFxDHRyN1okj86uLuxiB
D5mAjjRXN6ezESZGayZVJiZTKHwesk+/7tGgvxUcKQiNaHZYAbQuSwI3T4cVjPME
p/MY6MFhcXocE+HeFl43Dr51aXq1axahQcN1GahIjZW139Vjhp6kaQSjV+ofj/oP
XzEWhSC1g5x/h9wM4nexo7Lcy4Mp+qVVL4Xn5lXNWNLyb06aiPhoQEGcrZIr4hnO
dSKQq2JB3GQ=
=a2y4
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9XVeNLKJtyKPYoAQhUiQ//ZXOwyS1ov32HnGfRU1z4XAUN6RouGzYR
LMsSEVthC20d6ueqv6aIy2INDqZGstbrPWz5hqw5FG+pHLv3lBqHrIPm5ROOrVa4
6oSVRHTjMLnYjfmeaBgIvWzgnpOJ/Gz2rNecIuqndmEdNSMdQ70ri5HcIMx7ZHnK
cjmUXOoSeOkmrYMBMMODJPQ/9Jaj4WoOsTobBQgGBM2qPy2VvIotH+TfQ8PwirDm
Kp/tuw8/+wIFCNWCKqvYyAa4vWm2P/n3DTwGbCk7Uk91d+Gw3e7IqLVlRgzJwm4/
9YVS3ZwV5RMXaQK4QcRS5657b5VxS9D5szUKyLNly/wh5ZxErAuDLF9Q630B8Gyv
fI1I14hjTOxxFHMP+mvJpZhG+BzWa4WBADuGzLWhf45Z0Ol/WfD+2rka63Zcakr+
3ekcjDQLwgJKV+DF/x0q7NJV81qc6jtXGr6KBY/Mu52RdukTBxpI9BEpeuISKqGg
Nc9+CoFLKy1oD5T+tDejha9+WOptpiWY7doErQJk44p68DpTxDbXXczSdQCNNi78
jA0cCcLmlpldmy1tr0ZpcN36Wh3PZZatNHI1HkJ5brrbK65cAYB5w+YvLGqQ8vHy
Z2/kvjP43dYxW4CGzna5mt7DdRRYsBGuBVmtaj1lTchkZLpewK7L/wuHiZFF9jKc
NFf49qgSJOw=
=n8dr
-----END PGP SIGNATURE-----
ESB-2022.1677 - [RedHat] Migration Toolkit for Containers (MTC) 1.5.4: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1677
Migration Toolkit for Containers (MTC) 1.5.4 security update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Migration Toolkit for Containers (MTC) 1.5.4
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-25315 CVE-2022-25236 CVE-2022-25235
CVE-2022-24407 CVE-2022-23852 CVE-2022-23308
CVE-2022-23219 CVE-2022-23218 CVE-2022-22942
CVE-2022-22827 CVE-2022-22826 CVE-2022-22825
CVE-2022-22824 CVE-2022-22823 CVE-2022-22822
CVE-2022-22817 CVE-2022-22816 CVE-2022-0847
CVE-2022-0778 CVE-2022-0532 CVE-2022-0516
CVE-2022-0492 CVE-2022-0435 CVE-2022-0413
CVE-2022-0392 CVE-2022-0361 CVE-2022-0359
CVE-2022-0330 CVE-2022-0318 CVE-2022-0261
CVE-2021-46143 CVE-2021-45960 CVE-2021-44717
CVE-2021-44716 CVE-2021-42574 CVE-2021-41190
CVE-2021-36221 CVE-2021-36087 CVE-2021-36086
CVE-2021-36085 CVE-2021-36084 CVE-2021-33560
CVE-2021-31566 CVE-2021-28153 CVE-2021-23177
CVE-2021-22925 CVE-2021-22898 CVE-2021-22876
CVE-2021-21684 CVE-2021-20232 CVE-2021-20231
CVE-2021-4154 CVE-2021-4122 CVE-2021-3999
CVE-2021-3800 CVE-2021-3580 CVE-2021-3572
CVE-2021-3521 CVE-2021-3445 CVE-2021-3426
CVE-2021-3200 CVE-2021-0920 CVE-2020-25710
CVE-2020-25709 CVE-2020-24370 CVE-2020-16135
CVE-2020-14155 CVE-2020-13435 CVE-2020-12762
CVE-2019-20838 CVE-2019-19603 CVE-2019-18218
CVE-2019-17595 CVE-2019-17594 CVE-2019-13751
CVE-2019-13750 CVE-2019-5827 CVE-2014-3577
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1396
Comment: CVSS (Max): 9.8 CVE-2022-25315 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Migration Toolkit for Containers (MTC) 1.5.4 security update
Advisory ID: RHSA-2022:1396-01
Product: Red Hat Migration Toolkit
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1396
Issue date: 2022-04-19
CVE Names: CVE-2014-3577 CVE-2019-5827 CVE-2019-13750
CVE-2019-13751 CVE-2019-17594 CVE-2019-17595
CVE-2019-18218 CVE-2019-19603 CVE-2019-20838
CVE-2020-12762 CVE-2020-13435 CVE-2020-14155
CVE-2020-16135 CVE-2020-24370 CVE-2020-25709
CVE-2020-25710 CVE-2021-0920 CVE-2021-3200
CVE-2021-3426 CVE-2021-3445 CVE-2021-3521
CVE-2021-3572 CVE-2021-3580 CVE-2021-3800
CVE-2021-3999 CVE-2021-4122 CVE-2021-4154
CVE-2021-20231 CVE-2021-20232 CVE-2021-21684
CVE-2021-22876 CVE-2021-22898 CVE-2021-22925
CVE-2021-23177 CVE-2021-28153 CVE-2021-31566
CVE-2021-33560 CVE-2021-36084 CVE-2021-36085
CVE-2021-36086 CVE-2021-36087 CVE-2021-36221
CVE-2021-41190 CVE-2021-42574 CVE-2021-44716
CVE-2021-44717 CVE-2021-45960 CVE-2021-46143
CVE-2022-0261 CVE-2022-0318 CVE-2022-0330
CVE-2022-0359 CVE-2022-0361 CVE-2022-0392
CVE-2022-0413 CVE-2022-0435 CVE-2022-0492
CVE-2022-0516 CVE-2022-0532 CVE-2022-0778
CVE-2022-0847 CVE-2022-22816 CVE-2022-22817
CVE-2022-22822 CVE-2022-22823 CVE-2022-22824
CVE-2022-22825 CVE-2022-22826 CVE-2022-22827
CVE-2022-22942 CVE-2022-23218 CVE-2022-23219
CVE-2022-23308 CVE-2022-23852 CVE-2022-24407
CVE-2022-25235 CVE-2022-25236 CVE-2022-25315
=====================================================================
1. Summary:
The Migration Toolkit for Containers (MTC) 1.5.4 is now available.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate
Kubernetes resources, persistent volume data, and internal container images
between OpenShift Container Platform clusters, using the MTC web console or
the Kubernetes API.
Security Fix(es):
* golang: net/http/httputil: panic due to racy read of persistConn after
handler panic (CVE-2021-36221)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
3. Solution:
For details on how to install and use MTC, refer to:
https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html
4. Bugs fixed (https://bugzilla.redhat.com/):
1995656 - CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic
5. References:
https://access.redhat.com/security/cve/CVE-2014-3577
https://access.redhat.com/security/cve/CVE-2019-5827
https://access.redhat.com/security/cve/CVE-2019-13750
https://access.redhat.com/security/cve/CVE-2019-13751
https://access.redhat.com/security/cve/CVE-2019-17594
https://access.redhat.com/security/cve/CVE-2019-17595
https://access.redhat.com/security/cve/CVE-2019-18218
https://access.redhat.com/security/cve/CVE-2019-19603
https://access.redhat.com/security/cve/CVE-2019-20838
https://access.redhat.com/security/cve/CVE-2020-12762
https://access.redhat.com/security/cve/CVE-2020-13435
https://access.redhat.com/security/cve/CVE-2020-14155
https://access.redhat.com/security/cve/CVE-2020-16135
https://access.redhat.com/security/cve/CVE-2020-24370
https://access.redhat.com/security/cve/CVE-2020-25709
https://access.redhat.com/security/cve/CVE-2020-25710
https://access.redhat.com/security/cve/CVE-2021-0920
https://access.redhat.com/security/cve/CVE-2021-3200
https://access.redhat.com/security/cve/CVE-2021-3426
https://access.redhat.com/security/cve/CVE-2021-3445
https://access.redhat.com/security/cve/CVE-2021-3521
https://access.redhat.com/security/cve/CVE-2021-3572
https://access.redhat.com/security/cve/CVE-2021-3580
https://access.redhat.com/security/cve/CVE-2021-3800
https://access.redhat.com/security/cve/CVE-2021-3999
https://access.redhat.com/security/cve/CVE-2021-4122
https://access.redhat.com/security/cve/CVE-2021-4154
https://access.redhat.com/security/cve/CVE-2021-20231
https://access.redhat.com/security/cve/CVE-2021-20232
https://access.redhat.com/security/cve/CVE-2021-21684
https://access.redhat.com/security/cve/CVE-2021-22876
https://access.redhat.com/security/cve/CVE-2021-22898
https://access.redhat.com/security/cve/CVE-2021-22925
https://access.redhat.com/security/cve/CVE-2021-23177
https://access.redhat.com/security/cve/CVE-2021-28153
https://access.redhat.com/security/cve/CVE-2021-31566
https://access.redhat.com/security/cve/CVE-2021-33560
https://access.redhat.com/security/cve/CVE-2021-36084
https://access.redhat.com/security/cve/CVE-2021-36085
https://access.redhat.com/security/cve/CVE-2021-36086
https://access.redhat.com/security/cve/CVE-2021-36087
https://access.redhat.com/security/cve/CVE-2021-36221
https://access.redhat.com/security/cve/CVE-2021-41190
https://access.redhat.com/security/cve/CVE-2021-42574
https://access.redhat.com/security/cve/CVE-2021-44716
https://access.redhat.com/security/cve/CVE-2021-44717
https://access.redhat.com/security/cve/CVE-2021-45960
https://access.redhat.com/security/cve/CVE-2021-46143
https://access.redhat.com/security/cve/CVE-2022-0261
https://access.redhat.com/security/cve/CVE-2022-0318
https://access.redhat.com/security/cve/CVE-2022-0330
https://access.redhat.com/security/cve/CVE-2022-0359
https://access.redhat.com/security/cve/CVE-2022-0361
https://access.redhat.com/security/cve/CVE-2022-0392
https://access.redhat.com/security/cve/CVE-2022-0413
https://access.redhat.com/security/cve/CVE-2022-0435
https://access.redhat.com/security/cve/CVE-2022-0492
https://access.redhat.com/security/cve/CVE-2022-0516
https://access.redhat.com/security/cve/CVE-2022-0532
https://access.redhat.com/security/cve/CVE-2022-0778
https://access.redhat.com/security/cve/CVE-2022-0847
https://access.redhat.com/security/cve/CVE-2022-22816
https://access.redhat.com/security/cve/CVE-2022-22817
https://access.redhat.com/security/cve/CVE-2022-22822
https://access.redhat.com/security/cve/CVE-2022-22823
https://access.redhat.com/security/cve/CVE-2022-22824
https://access.redhat.com/security/cve/CVE-2022-22825
https://access.redhat.com/security/cve/CVE-2022-22826
https://access.redhat.com/security/cve/CVE-2022-22827
https://access.redhat.com/security/cve/CVE-2022-22942
https://access.redhat.com/security/cve/CVE-2022-23218
https://access.redhat.com/security/cve/CVE-2022-23219
https://access.redhat.com/security/cve/CVE-2022-23308
https://access.redhat.com/security/cve/CVE-2022-23852
https://access.redhat.com/security/cve/CVE-2022-24407
https://access.redhat.com/security/cve/CVE-2022-25235
https://access.redhat.com/security/cve/CVE-2022-25236
https://access.redhat.com/security/cve/CVE-2022-25315
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYl7undzjgjWX9erEAQiqnA//coS+jbyEFQN1aAdPyLbi2n3NcYI984MP
Jb+dx3PPN+OZ+W8pXqp786iVzD5rPvpuFc4M0COp+Ambsfw3VZCmGk9+R4KtiMi/
tK0GXP0A+t91IeyEhGcOcUtruivBaToMwriBCLwPGSduTy67eEYA5z50yilDWyP/
dwksdQFru9fFtNo6ssWZg0bk4+p37fxkH2RqRrVRSNlRZMqW6of1gj77mx+YBBHU
p5NOxg00+0JuUyvvzVAWRAk5i5lTETiO85uDZLhv01YzBDHnroQxj2BmprXVSneZ
U7ToSzYjTYHN3uUdO23ytBRTAB3Sw8yIlVHSoPhQBO8pBmzIh/MC3dGgwdfp/QRk
cdlVKMN4wfq9k693qVgMlUFIqGC05VMDqd5ftpVWdOlb71fxE2yCiawJeg2bgA9x
eiEiAF2mCcQgFrEQUZz3NkQ1Ck9KLlkGDDucCJldWo2JB2OgP9ZocwvlrtwuaEQF
lJ7ltPPMB/5mPuFiccqhKNP1uDU4LsMve7+eJtXvi9au/A8DCF3H5wGnufNRNxg1
o4e1BUL0e8WLkpaeqfioz+h98udNi6DRN1x9a1rs7HjKAgDneqWq1QdvWPrD1Xmw
8E5l/kiIOZgHdKV37//oF/InpGnxdO2mGHge+KSrwkMBZ05hfqhv0ika0SNcMFB2
APVsdFf7Z0E=
=TaCO
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9XP+NLKJtyKPYoAQhDYA/9FbL9K7n8EvCzaTb9xSL+UTus0pk/5s/7
dq4lySHB+Ongx6l2ZpvivKvBaNVekL3jz9X4k/YZYlB/hd5+79aD0d61BpCQ+s9k
zo57jxto+9hl/KfaOsxoY62MxIZPJFbSnwZoVBH6snOswJqdQH9DjCu0VYbmHZ4m
UftB7eOYi5m8dpuC8AmhhlihVimpRQtPJ8ZdXB+xaOMeffoRmkJizSneiBM44OIy
ghYplsMVgT6BQRsR8NMi4XncsroOebjBI9oZKlpWbLYgUmRE1S4awCyVse1pBDX6
URDufkNtvv/aw/b3NEA2O8aZsTeH7mSV2pdjeDZ5Y4cK4VWi+u/ciUoVCKwupQ3Z
7s9eKXauDw9eqRqHQs8918iAntzdyi+dSb8FPVFpElIYp/YFsNgff+BzEkjJzAxX
o6zds7AwdMFtgpoZD3yJJ2Qhs9hwtb3ydOaSz9L/0MHven+bbQVr4rSBNyOPBaed
aemnMyw2zB85qGr/77hRLduwl/fgk5MotvkLFecc9hKnPkOzpDZ8akdPc1r942kq
J0v8lJ+UL+9beqy0DPFCsURd2or7u3XKbOyHTid2iEYWY7myrUL6uFxC7g28bnl8
0qcvNZf/q1FeYE+7kcnmBvM69gtDw7viKvFsBfDCmEgQg2cgV4BuX0n4pjWymyyo
WGKI0fgfWt0=
=Xh+0
-----END PGP SIGNATURE-----
ESB-2022.1676 - [RedHat] Red Hat Ceph Storage 3: CVSS (Max): 8.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1676
Red Hat Ceph Storage 3 Security and Bug Fix update
20 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat Ceph Storage 3
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2021-20288
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1394
Comment: CVSS (Max): 8.0 CVE-2021-20288 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat Ceph Storage 3 Security and Bug Fix update
Advisory ID: RHSA-2022:1394-01
Product: Red Hat Ceph Storage
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1394
Issue date: 2022-04-19
CVE Names: CVE-2021-20288
=====================================================================
1. Summary:
An update is now available for Red Hat Ceph Storage 3.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Ceph Storage 3 MON - ELS - ppc64le, x86_64
Red Hat Ceph Storage 3 OSD - ELS - ppc64le, x86_64
Red Hat Ceph Storage 3 Tools - ELS - noarch, ppc64le, x86_64
3. Description:
Red Hat Ceph Storage is a scalable, open, software-defined storage platform
that combines the most stable version of the Ceph storage system with a
Ceph management platform, deployment utilities, and support services.
Security Fix(es):
* ceph: Unauthorized global_id reuse in cephx (CVE-2021-20288)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1938031 - CVE-2021-20288 ceph: Unauthorized global_id reuse in cephx
2068353 - [Ceph-ansible]: Adding osd using add-osd.yml fails
2069491 - [Ceph-ansible]: RHCS deployment fails for non-devices osd scenario
2071676 - Adding rgw using site-container.yml with limit fails
6. Package List:
Red Hat Ceph Storage 3 MON - ELS:
Source:
ceph-12.2.12-141.el7cp.src.rpm
ppc64le:
ceph-base-12.2.12-141.el7cp.ppc64le.rpm
ceph-common-12.2.12-141.el7cp.ppc64le.rpm
ceph-debuginfo-12.2.12-141.el7cp.ppc64le.rpm
ceph-mgr-12.2.12-141.el7cp.ppc64le.rpm
ceph-mon-12.2.12-141.el7cp.ppc64le.rpm
ceph-selinux-12.2.12-141.el7cp.ppc64le.rpm
libcephfs-devel-12.2.12-141.el7cp.ppc64le.rpm
libcephfs2-12.2.12-141.el7cp.ppc64le.rpm
librados-devel-12.2.12-141.el7cp.ppc64le.rpm
librados2-12.2.12-141.el7cp.ppc64le.rpm
libradosstriper1-12.2.12-141.el7cp.ppc64le.rpm
librbd-devel-12.2.12-141.el7cp.ppc64le.rpm
librbd1-12.2.12-141.el7cp.ppc64le.rpm
librgw-devel-12.2.12-141.el7cp.ppc64le.rpm
librgw2-12.2.12-141.el7cp.ppc64le.rpm
python-cephfs-12.2.12-141.el7cp.ppc64le.rpm
python-rados-12.2.12-141.el7cp.ppc64le.rpm
python-rbd-12.2.12-141.el7cp.ppc64le.rpm
python-rgw-12.2.12-141.el7cp.ppc64le.rpm
x86_64:
ceph-base-12.2.12-141.el7cp.x86_64.rpm
ceph-common-12.2.12-141.el7cp.x86_64.rpm
ceph-debuginfo-12.2.12-141.el7cp.x86_64.rpm
ceph-mgr-12.2.12-141.el7cp.x86_64.rpm
ceph-mon-12.2.12-141.el7cp.x86_64.rpm
ceph-selinux-12.2.12-141.el7cp.x86_64.rpm
ceph-test-12.2.12-141.el7cp.x86_64.rpm
libcephfs-devel-12.2.12-141.el7cp.x86_64.rpm
libcephfs2-12.2.12-141.el7cp.x86_64.rpm
librados-devel-12.2.12-141.el7cp.x86_64.rpm
librados2-12.2.12-141.el7cp.x86_64.rpm
libradosstriper1-12.2.12-141.el7cp.x86_64.rpm
librbd-devel-12.2.12-141.el7cp.x86_64.rpm
librbd1-12.2.12-141.el7cp.x86_64.rpm
librgw-devel-12.2.12-141.el7cp.x86_64.rpm
librgw2-12.2.12-141.el7cp.x86_64.rpm
python-cephfs-12.2.12-141.el7cp.x86_64.rpm
python-rados-12.2.12-141.el7cp.x86_64.rpm
python-rbd-12.2.12-141.el7cp.x86_64.rpm
python-rgw-12.2.12-141.el7cp.x86_64.rpm
Red Hat Ceph Storage 3 OSD - ELS:
Source:
ceph-12.2.12-141.el7cp.src.rpm
ppc64le:
ceph-base-12.2.12-141.el7cp.ppc64le.rpm
ceph-common-12.2.12-141.el7cp.ppc64le.rpm
ceph-debuginfo-12.2.12-141.el7cp.ppc64le.rpm
ceph-osd-12.2.12-141.el7cp.ppc64le.rpm
ceph-selinux-12.2.12-141.el7cp.ppc64le.rpm
libcephfs-devel-12.2.12-141.el7cp.ppc64le.rpm
libcephfs2-12.2.12-141.el7cp.ppc64le.rpm
librados-devel-12.2.12-141.el7cp.ppc64le.rpm
librados2-12.2.12-141.el7cp.ppc64le.rpm
libradosstriper1-12.2.12-141.el7cp.ppc64le.rpm
librbd-devel-12.2.12-141.el7cp.ppc64le.rpm
librbd1-12.2.12-141.el7cp.ppc64le.rpm
librgw-devel-12.2.12-141.el7cp.ppc64le.rpm
librgw2-12.2.12-141.el7cp.ppc64le.rpm
python-cephfs-12.2.12-141.el7cp.ppc64le.rpm
python-rados-12.2.12-141.el7cp.ppc64le.rpm
python-rbd-12.2.12-141.el7cp.ppc64le.rpm
python-rgw-12.2.12-141.el7cp.ppc64le.rpm
x86_64:
ceph-base-12.2.12-141.el7cp.x86_64.rpm
ceph-common-12.2.12-141.el7cp.x86_64.rpm
ceph-debuginfo-12.2.12-141.el7cp.x86_64.rpm
ceph-osd-12.2.12-141.el7cp.x86_64.rpm
ceph-selinux-12.2.12-141.el7cp.x86_64.rpm
ceph-test-12.2.12-141.el7cp.x86_64.rpm
libcephfs-devel-12.2.12-141.el7cp.x86_64.rpm
libcephfs2-12.2.12-141.el7cp.x86_64.rpm
librados-devel-12.2.12-141.el7cp.x86_64.rpm
librados2-12.2.12-141.el7cp.x86_64.rpm
libradosstriper1-12.2.12-141.el7cp.x86_64.rpm
librbd-devel-12.2.12-141.el7cp.x86_64.rpm
librbd1-12.2.12-141.el7cp.x86_64.rpm
librgw-devel-12.2.12-141.el7cp.x86_64.rpm
librgw2-12.2.12-141.el7cp.x86_64.rpm
python-cephfs-12.2.12-141.el7cp.x86_64.rpm
python-rados-12.2.12-141.el7cp.x86_64.rpm
python-rbd-12.2.12-141.el7cp.x86_64.rpm
python-rgw-12.2.12-141.el7cp.x86_64.rpm
Red Hat Ceph Storage 3 Tools - ELS:
Source:
ceph-12.2.12-141.el7cp.src.rpm
ceph-ansible-3.2.59-1.el7cp.src.rpm
noarch:
ceph-ansible-3.2.59-1.el7cp.noarch.rpm
ppc64le:
ceph-base-12.2.12-141.el7cp.ppc64le.rpm
ceph-common-12.2.12-141.el7cp.ppc64le.rpm
ceph-debuginfo-12.2.12-141.el7cp.ppc64le.rpm
ceph-fuse-12.2.12-141.el7cp.ppc64le.rpm
ceph-mds-12.2.12-141.el7cp.ppc64le.rpm
ceph-radosgw-12.2.12-141.el7cp.ppc64le.rpm
ceph-selinux-12.2.12-141.el7cp.ppc64le.rpm
libcephfs-devel-12.2.12-141.el7cp.ppc64le.rpm
libcephfs2-12.2.12-141.el7cp.ppc64le.rpm
librados-devel-12.2.12-141.el7cp.ppc64le.rpm
librados2-12.2.12-141.el7cp.ppc64le.rpm
libradosstriper1-12.2.12-141.el7cp.ppc64le.rpm
librbd-devel-12.2.12-141.el7cp.ppc64le.rpm
librbd1-12.2.12-141.el7cp.ppc64le.rpm
librgw-devel-12.2.12-141.el7cp.ppc64le.rpm
librgw2-12.2.12-141.el7cp.ppc64le.rpm
python-cephfs-12.2.12-141.el7cp.ppc64le.rpm
python-rados-12.2.12-141.el7cp.ppc64le.rpm
python-rbd-12.2.12-141.el7cp.ppc64le.rpm
python-rgw-12.2.12-141.el7cp.ppc64le.rpm
rbd-mirror-12.2.12-141.el7cp.ppc64le.rpm
x86_64:
ceph-base-12.2.12-141.el7cp.x86_64.rpm
ceph-common-12.2.12-141.el7cp.x86_64.rpm
ceph-debuginfo-12.2.12-141.el7cp.x86_64.rpm
ceph-fuse-12.2.12-141.el7cp.x86_64.rpm
ceph-mds-12.2.12-141.el7cp.x86_64.rpm
ceph-radosgw-12.2.12-141.el7cp.x86_64.rpm
ceph-selinux-12.2.12-141.el7cp.x86_64.rpm
libcephfs-devel-12.2.12-141.el7cp.x86_64.rpm
libcephfs2-12.2.12-141.el7cp.x86_64.rpm
librados-devel-12.2.12-141.el7cp.x86_64.rpm
librados2-12.2.12-141.el7cp.x86_64.rpm
libradosstriper1-12.2.12-141.el7cp.x86_64.rpm
librbd-devel-12.2.12-141.el7cp.x86_64.rpm
librbd1-12.2.12-141.el7cp.x86_64.rpm
librgw-devel-12.2.12-141.el7cp.x86_64.rpm
librgw2-12.2.12-141.el7cp.x86_64.rpm
python-cephfs-12.2.12-141.el7cp.x86_64.rpm
python-rados-12.2.12-141.el7cp.x86_64.rpm
python-rbd-12.2.12-141.el7cp.x86_64.rpm
python-rgw-12.2.12-141.el7cp.x86_64.rpm
rbd-mirror-12.2.12-141.el7cp.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-20288
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYl7ub9zjgjWX9erEAQinLg//XkldX2Himghu5oIT4krOlNRS0I82Xxj6
s/OJHAmF5kmSsnoNxcQd6/j4rltRXX5ndsDeRhEeC6KYNqnIJoKnMT80GSv+KUKi
4nIyLCbLysO2FXqLF4HtTmMjJ65IzfVIEpFer/8o/YnALMqUqK0z6kreRCJL+9Ww
M/ShJR2llQTR1rh+5HlM0jZgbDVGgjTdv3OlU6nfJxo1CEwZiPuuHH6nmV3SmM3B
WhWGy+C5xfTUjKdHI3SNDhU7zUm6e7tPb13ZBvF9AZG+gOPgoasMMcih9mHzmR+p
eUh+/MPE/5gGcgTrQEuLcQ0XeA1J1KCzLx5VRmI2u7JK4wrXx5/OzgFdJYGI5FQx
uUZkLS+Mn+p3vbdguPe72/5HFIPiv7IyNoisE7BRRyiLBF60WljolNGxD76XwOK7
bauJEUNlJVk8fK3dtS5AvMemVnzKrb3tTDEEUFbbqsnpRH+u2SlqnRJlRk2ZJpMs
jbkNRe08w2nnZ/0cw9BO1WagUYVV3p4KfjsqS3cQDFSaeGw026bHj4g1x8/sp1Ua
lFiy6kAtrp2WrpwICTrbtu5nSnIGmta+teuu3JTdCs3Ysp2zbicMg/27IJPfYNZn
aGkjmaFA0vprzyiV3zG/Gl113pCejL81iaQTc1fD5Qwp+68BBSZtYXBh7i8jahp1
1imSeVAkN+A=
=piMe
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl9XJONLKJtyKPYoAQiypw//aIun/iB5gs3gRmMONn8nlz45rFWO4i6V
52Z6/sBPUd6thN0AyOyYNowD1We46w7AMHgi/004LDhTCAcNrOBVX7xtaoqgnqhY
g4BoI0ZR6ybrIIRswmGumMpLyUK6LQ/scDodMkAokc46hWS7L2WT7wmn7cFrFpJ5
HRYs9ekJViAnyHIgODjEeHIEif8J60VkBIjRFg6stDEdv/1E4L+4aqr433jUaJxh
Z/DVrUFCNZzV1oA1dTn59N/z9zn45Q8NK25AEvraDQxbxY2Apg4XydxAfqJ5Pils
Y+8/jbTxJ0IkWydU93AM9Y2RbRs3mzLbL8pE51qo2v+6etA4wY/S+9ORvTbJZEAD
TKRo1BrT8djybxVVyhQ5ard5zQ9ziK+gwyWckyA0L8Gbvk5+wPQtD9Fvomw93Dft
VzHSR7lFKM/Op2LNVjM01VhqVcOpOk5SryQEZlvT7WaeOUEtuKbOh/+9ho9Yx8g8
rOQw07kWZnPzPadZZawe0t+4IcG/Szc7ew9QZVrOqjRSZFYecMqAGFI1W6yIwe9N
0f+kzYJrMqEkeHZAR8XNo13qbSlhhLhYKigxlXcjngDgPowXv5P+eDePtA7v1MGd
iTMN2J0PRt5rFTERWuX70a7C0P+Xlv95Ssd3o3XUuKrj1ldLexgOfrjH6AUG6DqL
gYuvgszCpSE=
=VByV
-----END PGP SIGNATURE-----
ESB-2022.1675 - [RedHat] Red Hat Decision Manager 7.12.1: CVSS (Max): 8.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1675
Red Hat Decision Manager 7.12.1 security update
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat Decision Manager 7.12.1
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-22965
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1379
Comment: CVSS (Max): 8.1 CVE-2022-22965 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Low: Red Hat Decision Manager 7.12.1 security update
Advisory ID: RHSA-2022:1379-01
Product: Red Hat Decision Manager
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1379
Issue date: 2022-04-14
CVE Names: CVE-2022-22965
=====================================================================
1. Summary:
An update is now available for Red Hat Decision Manager.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat Decision Manager is an open source decision management platform
that combines business rules management, complex event processing, Decision
Model & Notation (DMN) execution, and business optimization for solving
planning problems. It automates business decisions and makes that logic
available to the entire business.
This asynchronous security patch is an update to Red Hat Decision Manager
7.
Security Fix(es):
* spring-webmvc: spring-framework: RCE via Data Binding on JDK 9+
(CVE-2022-22965)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
A Spring MVC or Spring WebFlux application running on JDK 9 and above might
be vulnerable to remote code execution (RCE) via data binding. The specific
exploit requires the application to run on Tomcat as a WAR deployment.
This release upgrades Spring to 5.3.18 and Spring Boot to 2.6.6 which fixes
the Spring MVC and WebFlux jars.
For on-premise installations, before applying the update, back up your
existing installation, including all applications, configuration files,
databases and database settings, and so on.
It is recommended to halt the server by stopping the JBoss Application
Server process before installing this update; after installing the update,
restart the server by starting the JBoss Application Server process.
The References section of this erratum contains a download link (you must
log in to download the update).
4. Bugs fixed (https://bugzilla.redhat.com/):
2070348 - CVE-2022-22965 spring-framework: RCE via Data Binding on JDK 9+
5. References:
https://access.redhat.com/security/cve/CVE-2022-22965
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/security/vulnerabilities/RHSB-2022-003
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=rhdm&version=7.12.1
6. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYlidHNzjgjWX9erEAQhBihAApV3yXc8aEuRq9fMKL4EnxKcmHt9dgnX2
/Xsdp+isSEvWlE+TC/Ou0tptT1ZPfO3Adm/bXbsboaiq790W+aF8qHEYuA+WxtRW
RY9cx4AS/QfRo+puk36QAWUSEx4WzKeU1no/5A7hezcPxIEGP+EdSX4DgDaVW9mB
CZndXwiYAzLyYgVFI/y5AJP8CPZTvwFjdunOBDwqqNsKiVgFOjqHMJo/X+yus4bU
aFF0BAsA0OVCrjdnWV0fUqF1iON8cbELW7JqkGobM22PZZ6ngxzTXUTbvD1QovLM
Cbj2Ay7l7DHH/3v9Hqk7NLpzp/fa9Z/lQ5c+3okHu0QvanphRllsC893/KGGMXfa
7+S3iWFKV2cJ2249z01eZgX30s7rlSlFRTB9hUlitWLiYaMkWWW0iqt0+2cPkjDv
zP0hy1pYCyCFLluS85FVqW/9HBItNwReuXp9Vv3JqDy8L5+DIVv4WmSYcr4LCcj2
EC5WsIjNW7G4dL0RCukt+HascGTD+huNbzsrDuln4vQJ2HG+4vmH7Cmmlr4MvpHD
Bw4BW6UI8a09axvbUVi2x+w1qTTdiO9J1x4ngaFKjbvItNpT3VRB3YfLcPck1Zv6
DCEC2g11LdPnO2JR5M6t2eMsFlkfLDtqDFotVVzGLBXQWj7I5R2YK+OPrEF2dnXD
Pjhf0e6lKl4=
=xaz4
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl5Et+NLKJtyKPYoAQjGFhAApI1dcHy/TKnPj4TI2vDiwomyFfhr8Cc8
oh1dhzYZx4bD0HZXzqMwDndhzPqXf6hr55+D3R+keVPlibNDUNnZW2WRnh1hz8xc
LTN5NBjrbPHWtEBg3AUefnCSUIBfxInbpAkd+9CY3galf8h1RhvkmssuaePBFsuj
VlyCy8I5BOg5dVq+252SqUYc1V718m0GM/tInYnHw4ZB50KeK42LMKNs1H7zkHa7
jRZ63zSwLqzb6Ak0tl9HRSAI9VvlHSAV9E8clKH0GypqpAvtzJ90OJ3KK+c9Yery
qSKKoBuL2YgdB1mvps7Y3VCXkttpdk9K5YkZTeStTD41XPSv2+ZfgxXOzEOBMxRu
UlkTzve8aTPFzs18sdvoUbyAR6Je0HXNdEgo4J4km6aOPUWCXFHJwCKVB6pd9ddt
NXSK/EizK8CsCQrdOBgAqP+wnvyC5RRP4b7l4+fIP9fDu63B0HDUj+wWS7exqqh4
kNUXKwn1iBqcVC+yzcQn7HN9G1RdLdwrSwyq/WnHuA4NPWHMdV4+nTNcQLVpf9Yi
Db8oMTGJ0bZ2QALAOHaFVlsJ6rWSn9GfhsAXMW7MB52bun/ssLAeUqQ0wEn6Vg5Y
VpQTPVb3QmH1OHECxsnmB1NFCAL6uY4Mw8h06kuGRqdljPQbXUKLuWhP1i+ttRAe
oMRt//LJzr8=
=4L6y
-----END PGP SIGNATURE-----
ESB-2022.1674 - [RedHat] Red Hat Process Automation Manager 7.12.1: CVSS (Max): 8.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1674
Red Hat Process Automation Manager 7.12.1 security update
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat Process Automation Manager 7.12.1
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-22965
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1378
Comment: CVSS (Max): 8.1 CVE-2022-22965 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Low: Red Hat Process Automation Manager 7.12.1 security update
Advisory ID: RHSA-2022:1378-01
Product: Red Hat Process Automation Manager
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1378
Issue date: 2022-04-14
CVE Names: CVE-2022-22965
=====================================================================
1. Summary:
An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat Process Automation Manager is an open source business process
management suite that combines process management and decision service
management and enables business and IT users to create, manage, validate,
and deploy process applications and decision services.
This asynchronous security patch is an update to Red Hat Process Automation
Manager 7.
Security Fix(es):
* spring-webmvc: spring-framework: RCE via Data Binding on JDK 9+
(CVE-2022-22965)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
A Spring MVC or Spring WebFlux application running on JDK 9 and above may
be vulnerable to remote code execution (RCE) via data binding. The specific
exploit requires the application to run on Tomcat as a WAR deployment.
This release upgrades Spring to 5.3.18 and Spring Boot to 2.6.6 which fixes
the Spring MVC and WebFlux jars.
For on-premise installations, before applying the update, back up your
existing installation, including all applications, configuration files,
databases and database settings, and so on.
It is recommended to halt the server by stopping the JBoss Application
Server process before installing this update; after installing the update,
restart the server by starting the JBoss Application Server process.
The References section of this erratum contains a download link (you must
log in to download the update).
4. Bugs fixed (https://bugzilla.redhat.com/):
2070348 - CVE-2022-22965 spring-framework: RCE via Data Binding on JDK 9+
5. References:
https://access.redhat.com/security/cve/CVE-2022-22965
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/security/vulnerabilities/RHSB-2022-003
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=rhpam&downloadType=securityPatches&version=7.12.1
6. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYlidJtzjgjWX9erEAQj9qw//Tpvclr+/j53jkkMoXgsNRkBO7PN0SMLb
66T7YlFnn7dqKxAtpTMGVlVTT7ulN1ANxLwcb6+6GpvKAeYGKJHKgerMag1RL2NJ
/6PAstNRQkbm99XfFdhI30hUu89pX2u3kN5mneH1mzgha73wgAm8t0Z2tAf2uTCk
MfvtTSO7NbBPAjSccPebIOgAULsBHifXop82oF6YWeVJvm1gcrd8fFvq7fSqGDxU
rWa+eheQzxxwrfADv3xQu/Xe8z2t0ImiYpZAdAdeozBEQ+MFZNEafXu1TBwmVbYo
Rg0lL3lK6aYslpaWC48JdVRcoprAgZ6B1nH7D4cfOzl+R7MeCu3ixNQ/lpN3kheB
1RjhSCvRnNunS/7YBri0rFCFTBBVrbq9AnMWvvrwBRZOi1zhn2OW++QEi0XYVLyy
f95wUvdOYs7xFTDOO2DReQC3hiBqn6IbRMLNvrlgRc21pMPxIJz6Fr6N8qtDZ7O1
WlOg0lstGeGGradAZWiNhYfMsdSVBw0BDtgTvm6i2KAOBHNuxgN5/6GYGHUJyUuf
mccTr9QwSAaLOMDI5WkPe/CvEBVfrJ5KE/vVLy129V737nWYbWcnAJFAPj6iI/xN
0BiHJ87LKW4wl/eVTit/+KBewAFC8XOe/4GtEFYNhj1Dagl5UysFS4WfFNJid7i2
agmYcTpNsDY=
=GOae
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl5EkONLKJtyKPYoAQj99hAAiHYykm2FTTzXPE5i7/Xjrd+ZjUwkCND4
ebqY1/20zCa0rouhAEoDvbo/UhM6dHgpy6C2gu36LliQcQeIdt3Zf/G2M3YC7jJx
rvy2vFiiSSCZZ2PaXufWI+4MCTiE1B5KqlfI9kqZPPsCSvTX2Q2hIOE8lvhtR0oa
fHtuGbSeuw/wWuxiZvHJbR5nF0RuObbFa4f3Qs4s7Fkgr2XFPWshfYQsXWuI2pvF
WU4s3vWdSAJE5Cd9hutSL8aexMf/ndXZECMDLw6NnJIUge6AyTowKmFVb5cLr8Uh
jnysR+4p4xWH4IEqa+B3DjPjlrBBYST3XoGFVTQMJhrtEX4kfC/8GjSX/qxzcGta
1kO83f8KTKe7moZQlo5Lt0Vo10SVA6caK6BmUSPXKIbs+lGEmiC4qcp8+WDUiW9p
3qeXC+DCAFx35ntV0TPtPJu1ruDTS7jULzuacA3sgja4jEPh5ZwgNF59Cht3mE2H
zoRpfH5VIGnVt/6g+SiMaMOZZ+A59BEqvyeOJFTBbW0ybbn5EhUO4mraqe+NPExX
wtBiiqR2IZnT4C8spVhZM/Xv31Vmwm9EsDfW5rKgmjABVDyPBSaLpnePZR1b859Y
fynFOxKGO9brOiQ3dlPIC45+6pFQCOTeAO6qkK6xpqHn2Oo3QO1kzAXPKu3bDoqx
5WmogMzoiPs=
=44Uq
-----END PGP SIGNATURE-----
ESB-2022.1673 - [RedHat] Red Hat OpenShift Data Foundation 4.10.0: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1673
Red Hat OpenShift Data Foundation 4.10.0 enhancement,
security & bug fix update
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat OpenShift Data Foundation 4.10.0
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2021-44717 CVE-2021-44716 CVE-2021-43565
CVE-2021-36221 CVE-2021-34558 CVE-2021-29923
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:1372
Comment: CVSS (Max): 7.5 CVE-2021-44716 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat OpenShift Data Foundation 4.10.0 enhancement, security & bug fix update
Advisory ID: RHSA-2022:1372-01
Product: RHODF
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1372
Issue date: 2022-04-13
CVE Names: CVE-2021-29923 CVE-2021-34558 CVE-2021-36221
CVE-2021-43565 CVE-2021-44716 CVE-2021-44717
=====================================================================
1. Summary:
Updated images that include numerous enhancements, security, and bug fixes
are now available for Red Hat OpenShift Data Foundation 4.10.0 on Red Hat
Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Data Foundation is software-defined storage integrated
with and optimized for the Red Hat OpenShift Container Platform. Red Hat
OpenShift Data Foundation is a highly scalable, production-grade persistent
storage for stateful applications running in the Red Hat OpenShift
Container Platform. In addition to persistent storage, Red Hat OpenShift
Data Foundation provisions a multicloud data management service with an S3
compatible API.
Security Fix(es):
* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
* golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)
* golang: net/http: limit growth of header canonicalization cache
(CVE-2021-44716)
* golang: net/http/httputil: panic due to racy read of persistConn after
handler panic (CVE-2021-36221)
* golang: net: incorrect parsing of extraneous zero characters at the
beginning of an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to
panic (CVE-2021-34558)
Bug Fix(es):
These updated packages include numerous enhancements and bug fixes. Space
precludes documenting all of these changes in this advisory. Users are
directed to the Red Hat OpenShift Data Foundation Release Notes for
information on the most significant of these changes:
https://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.10/html/4.10_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these
updated packages, which provide numerous bug fixes and enhancements.
or more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information refer to the CVE
page(s) listed in the References section.
3. Solution:
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
4. Bugs fixed (https://bugzilla.redhat.com/):
1898988 - [RFE] OCS CephFS External Mode Multi-tenancy. Add cephfs subvolumegroup and path= caps per cluster.
1954708 - [GSS][RFE] Restrict Noobaa from creating public endpoints for Azure Private Cluster
1956418 - [GSS][RFE] Automatic space reclaimation for RBD
1970123 - [GSS] [Azure] NooBaa insecure StorageAccount does not allow for TLS 1.2
1972190 - Attempt to remove pv-pool based noobaa-default-backing-store fails and makes this pool stuck in Rejected state
1974344 - critical ClusterObjectStoreState alert firing after installation of arbiter storage cluster, likely because ceph object user for cephobjectstore fails to be created, when storagecluster is reinstalled
1981341 - Changing a namespacestore's targetBucket field doesn't check whether the target bucket actually exists
1981694 - Restrict Noobaa from creating public endpoints for IBM ROKS Private cluster
1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic
1991462 - helper pod runs with root privileges during Must-gather collection(affects ODF Managed Services)
1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet
1995656 - CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic
1996830 - OCS external mode should allow specifying names for all Ceph auth principals
1996833 - ceph-external-cluster-details-exporter.py should have a read-only mode
1999689 - Integrate upgrade testing from ocs-ci to the acceptance job for final builds before important milestones
1999952 - Automate the creation of cephobjectstoreuser for obc metrics collector
2003532 - [Tracker for RHEL BZ #2008825] Node upgrade failed due to "expected target osImageURL" MCD error
2005801 - [KMS] Tenant config does not override backendpath if the key is specified in UPPER_CASE
2005919 - [DR] [Tracker for BZ #2008587] when Relocate action is performed and the Application is deleted completely rbd image is not getting deleted on secondary site
2021313 - [GSS] Cannot delete pool
2022424 - System capacity card shows infinity % as used capacity.
2022693 - [RFE] ODF health should reflect the health of Ceph + NooBaa
2024107 - Retrieval of cached objects with `s3 sync` after change in object size in underlying storage results in an InvalidRange error
2024545 - Overprovision Level Policy Control doesn't support custom storageclass
2026007 - Use ceph 'osd safe-to-destroy' feature in OSD purge job
2027666 - [DR] CephBlockPool resources reports wrong mirroringStatus
2027826 - OSD Removal template needs to expose option to force remove the OSD
2028559 - OBC stuck on pending post node failure recovery
2029413 - [DR] Dummy image size is same as the size of image for which it was created
2030602 - MCG not reporting standardized metric correctly for usage
2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic
2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
2030806 - CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error
2030839 - Concecutive dashes in OBC name
2031023 - "dbStorageClassName" goes missing in storage cluster yaml for mcg standalone mode
2031705 - [GSS] OBC is not visible by admin of a Project on Console
2032404 - After a node restart, the RGW pod is stuck in a CrashLoopBackOff state
2032412 - [DR] After Failback and PVC deletion the rbd images are left in trash
2032656 - Rook not recovering when deleting osd deployment with kms encryption
2032969 - No RBD mirroring daemon down alert when daemon is down
2032984 - After creating a new SC it redirects to 404 error page instead of the "StorageSystems" page
2033251 - Fix ODF 4.9 compatibility with OCP 4.10
2034003 - NooBaa endpoint pod Terminated before new one comes in Running state after editing the configmap
2034805 - upgrade not started for ODF 4.10
2034904 - OCS operator version differ in CLI commands.
2035774 - Must Gather, Ceph files do not exist on MG directory
2035995 - [GSS] odf-operator-controller-manager is in CLBO with OOM kill while upgrading OCS-4.8 to ODF-4.9
2036018 - ROOK_CSI_* overrides missing from the CSV in 4.10
2036211 - [GSS] noobaa-endpoint becomes CrashLoopBackOff when uploading metrics data to bucket
2037279 - [Azure] OSDs go into CLBO state while mounting an RBD PVC
2037318 - Helper Pod doesn't come up for MCG only must-gather
2037497 - Concecutive dashes in OBC name
2038884 - noobaa-operator is stuck in a CrashLoopBackOff (r.OBC is nil, invalid memory address or nil pointer dereference)
2039240 - [KMS] Deployment of ODF cluster fails when cluster wide encryption is enabled using service account for KMS auth
2040682 - [GSS] Complete multipart upload operation fails with error ' Cannot read property 'sort' of undefined'
2041507 - Missing add modal for action "add capacity" in UI .
2042866 - must gather does not collect the yaml or describe output of the subscription
2043017 - "CSI Addons" operator is not hidden in OperatorHub and Installed Operators page
2043028 - the CSI-Addons sidecar is not automatically deployed, requires enabling in Rook ConfigMap
2043406 - ReclaimSpaceJob status showing "reclaimedSpace" value as "0"
2043513 - [Tracker for Ceph BZ 2044836] mon is in CLBO after upgrading to 4.10-113
2044447 - ODF 4.9 deployment fails when deployed using the ODF managed service deployer (ocs-osd-deployer)
2044823 - Update CSI sidecars to the latest release for 4.10
2045084 - [SNO] controller-manager state is CreateContainerError
2046186 - A TODO text block in the API browser
2046254 - Topolvm-controller is failing to pull image
2046677 - Reclaimspacecronjob is not created after adding the annotation reclaimspace.csiaddons.openshift.io/schedule in PVC
2046766 - [IBM Z]: csi-rbdplugin pods failed to come up due to ImagePullBackOff from the "csiaddons" registry
2046887 - use KMS_PROVIDER name for IBM key protect service as "ibmkeyprotect"
2047162 - ReclaimSpaceJob failing, fstrim is executed on a non-existing mountpoint/directory
2047201 - Add HPCS secret name to Ceph and NooBaa CR
2047562 - CSI Sidecar containers do not start
2047565 - PVC snapshot creation is not successful
2047625 - Dockerfile changes for topolvm
2047632 - mcg-operator failed to install on 4.10.0-126
2047642 - Replace alpine/openssl image in the downstream build
2048107 - vgmanager cannot list block devices on the node
2048370 - CSI-Addons controller makes node reclaimspace request even when the PVC is not mounted to any pod.
2048458 - python exporter script 'ceph-external-cluster-details-exporter.py' error cap mon does not match on ODF 4.10
2049029 - MCG admission control webhooks don't work
2049075 - openshift-storage namespace is stuck in terminating state during uninstall due to remaining csi-addons resources
2049081 - ReclaimSpaceJob is failing for RBD RWX PVC
2049424 - ODF Provider/Consumer mode - backport for missing content
2049509 - ocs operator stuck on CrashLoopBackOff while installing with KMS
2049718 - provider/consumer Mode: rook-ceph-csi-config configmap needs to be updated with the relevant subvolumegroup information
2049727 - [DR] Mirror Peer stuck in ExchangingSecret State
2049771 - We can see 2 ODF Multicluster Orchestrator operators in operator hub page
2049790 - Add error handling for GetCurrentStorageClusterRef
2050056 - [GSS][KMS] Tenant configmap does not override vault namespace
2050142 - [DR] MCO operator is setting s3region as empty inside s3storeprofiles
2050402 - Ramen doesn't generate correct VRG spec in sync mode
2050483 - [DR]post creating MirrorPeer, the ramen config map had invalid values
2051249 - [GSS]noobaa-db-pg-0 Pod stuck CrashLoopBackOff state
2051406 - Need commit hash in package json and logs
2051599 - Use AAD while unwrapping the KEY from HPCS/Key Protect KMS
2051913 - [KMS] Skip SC creation for vault SA based kms encryption
2052027 - cephfs: rados omap leak after deletesnapshot
2052438 - [KMS] Storagecluster is in progressing state due to failed RGW deployment when using cluster wide encryption with kubernetes auth method
2052937 - [KMS] Auto-detection of KV version fails when using Vault namespaces
2052996 - ODF deployment fails using RHCS in external mode due to cephobjectstoreuser
2053156 - Avoid worldwide permission mode setting at time of nodestage of CephFS share
2053517 - [DR] Applications are not getting DR protected
2054147 - Provider/Consumer: Provider API server crashloopbackoff
2054755 - Update storagecluster API in the odf-operator
2061251 - [GSS]Object Upload failed with Unhandled exception when not using parameter "UseChunkEncoding = false" in s3 client in ODF 4.9
5. References:
https://access.redhat.com/security/cve/CVE-2021-29923
https://access.redhat.com/security/cve/CVE-2021-34558
https://access.redhat.com/security/cve/CVE-2021-36221
https://access.redhat.com/security/cve/CVE-2021-43565
https://access.redhat.com/security/cve/CVE-2021-44716
https://access.redhat.com/security/cve/CVE-2021-44717
https://access.redhat.com/security/updates/classification/#important
6. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYlf0YdzjgjWX9erEAQiBfQ/9GAtNJ4oagyNDaHfbMaeGA/GCeiBiweH9
E3FYVd8Vedz6uxuL02Vm0yY6jlr7QWJADRExIEcRLZ63ctR4hdwzCs2EIWICEuSv
2Wl4MtVXTOe8b95UTNL8frkvTNoijGqAIN7NMpMenPeSJBM38Lwt/gAoYt4//CpK
afZmyfFTkGkoEGZ3hKvZpX2rQ/5zr1kAMErPZW71wctVcNAnv85DnThQQ+qy2UzI
xyBwU3gGUtTLzy7TRgauMbu8/y6JvRCsuoaeBUU4bLJIOL5ES851OpDP+nzGvx+H
M2yXB6ATHJ4YdqBM4wBCzXxApQD+FKFSCZoZMKpr1d1dZXPO0L0CUNFrNFHubLkk
xBLqFpHAEB89R+jZcrum1dBGEVB+Q2vqCRe6Udbjlyy20dS06jhBU8Zf2lt2Vo4u
Nfwpyb7rByXYXf0Bc+TYhXW6oIJSufvGWQp5pBkmlgi5YeV4VnHCEf4GuLbaPwFL
/009HbW6E1D+DTAbqUodpywOUEXeGZnNkSZH6xHazvNw4bXlCv+FlaMiKlrWIWMm
CZc98Enap/x84e0Py1gXNaReZedBBqi79US/zjKF9zr5r+yeat7zPAUduV69JMOh
vs5mXlCNc2JObCxEfYAGsI0LVOQQdaceIkUpUC9Ejq1Ei3ehhan6UxkFk5TJHOrF
TdB2/S/YEtk=
=2Ut5
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl5EYONLKJtyKPYoAQgZMxAAqdWwBJkrXocFuY36G8/wb+7idLhdg2ea
RToq3fUbOoiDpsSEL0pCo+vkjnF2FyGkZs1Ouw7TBD4QdmPwua9l7Ob4nyAMWw3j
XETr/0S8uxTad81zhvel1YMWOG4BIKs/EqTpLmlOEVst0kKuxWmRzq2DmO10ufTO
dHclxMU/BVhpCkNOks3OIZoy1+8wSebHMpuNQVDIHwOyurDHq2K28AUjN3cQkXDY
Wl8yWuVInAQ4ItHSZ6mK1hwhTPlJfmEO8jqqgdgYHenCU/QYvsvIRzkdAWygAwES
QX6Rm0bqNRDlpj0SHIbZCkS5PChL5vs8u52ZshM6xI9bMSN7016LWS8kMIYkq5Ga
fIOPA5vwBL7XRreKgz59TBlCXCO/jGmHEFF4JrXoxb2wvOTwM00tSC5SMmuzjeQq
iEPLM7JIujpNZ4a+C+W4EeMyC3Zm/k6Dds6iC08lZn63b+FoLty5i5fxonQ/Nxiw
uUNm7jDSOGomiGlMY9tFQUQKaBdXWw5kBMyeQYN8HlCHYiCP/YTZwfk6v3EHHsns
5bSdzcmJi6eAKjqhQTJd6ctX/wJZGxD5KrcY+Yiz57gs3SA5e/fF+gYC9yC1Tygt
Smu2FcJLGnLAoM/SSDZCI/Bfs9XpeR9SWd9GqTiBd0EasR6dAf4xCgc+Dom0r8bs
+5f5iTAvTqk=
=CZ9J
-----END PGP SIGNATURE-----
ESB-2022.1672 - [Debian] xz-utils: CVSS (Max): 7.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1672
xz-utils security update
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: xz-utils
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-1271
Original Bulletin:
http://www.debian.org/security/2022/dsa-5123
Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5123-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
April 18, 2022 https://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : xz-utils
CVE ID : CVE-2022-1271
Debian Bug : 1009167
cleemy desu wayo reported that incorrect handling of filenames by xzgrep
in xz-utils, the XZ-format compression utilities, can result in
overwrite of arbitrary files or execution of arbitrary code if a file
with a specially crafted filename is processed.
For the oldstable distribution (buster), this problem has been fixed
in version 5.2.4-1+deb10u1.
For the stable distribution (bullseye), this problem has been fixed in
version 5.2.5-2.1~deb11u1.
We recommend that you upgrade your xz-utils packages.
For the detailed security status of xz-utils please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xz-utils
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmJdvZFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QyGA//fxac3GDLmcVJ+PhY069vHhJS+nzMXTI2HfthlEa5mlnM4C6Ld71dYyPA
GJt6Z4FHr5eeOfURM2A36DVdeUjX/iJ5OQiwpCfYy7ZhqLQzv4fAzIt0YjWDM2Bf
Jnn0fA9tdiAO2JWNVQtAHPT9XM5AtFd1/fJrfDp9bmYGEPi2YPMTRd+tuvPw3IFE
YYuqduVWvHGvzgjFrNzL61YK0/irC4+ILpOQaAF8gsZY8Lq8We8/FQlmuweO7qlh
73IXKbunXDSv9NmVNYhQpuoBnLjrRWFRh24bjgRVmBzLb1K3/c5QmD8Od/iZbA8a
8i0XqhwBMTmlCmj3ItbicL06NSzlgJfSAMrDRGEfvWEQuN4J/pzHQYSU+xVz1Rw5
jCofjGUry+my2GynzPpiqQxOzojIxMy4qTQBFSarbMLWxeeGT9XYnvel9efHoPEC
GD8e5pcIX6fuacxHbn+GMquA3p+iRNNvriyhRISHsKT6vwmr4f7qan6beo7g71Yv
3DI6JS2NEPGhtNk3dZe6T6wslpZ8U241bUqznqxEXi7zt89Z7iiwfjYCzh0c41g2
jyA57EpnuV7Ugna5xvPv7oQE3Vw9PVvc++o2jUp6K74p7wwwqSlgveRpqxLR+CYl
1Jc+Ohy9oL88mj0W7x/SCp0zOCI2N+meTVVoJv8Cb9GupT2nAvE=
=k53J
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl5D5eNLKJtyKPYoAQhoYg//e1BTkZjkbUzk3UY56vXtqK58aLmMkz25
pjt2lYwW+25i6B9r/vYLEEQvL1Xf3wXc4f7yb3toTb4ORUIxh6V11DlzNIism7FV
bjIgNYZC+Bhngr1Wie5R9fHmwrnvQGSaHZNS0tdyOqscrkHeKIy7pHJQBd9KscHg
deiZzJ0EN9lpJrN2ZRYQwzVtfYkhnq7M1jhbLEMBY2ELkPCuCJnDIGIiQ1E0uci3
43rlBP3+pQ3qYydnECrAD2sfQFbMj33eztSQZc9P2bAA3GMVVi1u7af/KZTsgj3V
7SheOujWGF8Krrw8ok7AjxkdQGohAoOe2NrN1XhE36FmqXXXL/Bg2/cosnL/OQfr
u0Usaq0Z1A8vDXWKhKPN64oVx1tCIOzWCSbyewz24AklIrs61S094Gx4WBFBnoDn
vYNRiIUbzqWVKeuc/siA39pTwyE0z6U+okRKCMG28ttMPNm2aTjAaQqC+3pT72f/
fJBEZa82t7og/EBIbAikbry911UkucmUGG9Z3WGxvaTE3DKqrcsS3qfRakAYSSFm
bWCyynsUGQNcilxbCAdicMbB3yCl+srX0huqk0gqfZnTjBm0FJoQw+tgyJRmExlf
5E93x+OFl+P4+jSekobJndY1Wt56ocngq2DwjVHl/uQlq7hdm6RcVaOO0ApcHvZe
BnVEOn5FFKM=
=ptJL
-----END PGP SIGNATURE-----
ESB-2022.1671 - [Debian] gzip: CVSS (Max): 7.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1671
gzip security update
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: gzip
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-1271
Original Bulletin:
http://www.debian.org/security/2022/dsa-5122
Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5122-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
April 18, 2022 https://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : gzip
CVE ID : CVE-2022-1271
Debian Bug : 1009168
cleemy desu wayo reported that incorrect handling of filenames by zgrep
in gzip, the GNU compression utilities, can result in overwrite of
arbitrary files or execution of arbitrary code if a file with a
specially crafted filename is processed.
For the oldstable distribution (buster), this problem has been fixed
in version 1.9-3+deb10u1.
For the stable distribution (bullseye), this problem has been fixed in
version 1.10-4+deb11u1.
We recommend that you upgrade your gzip packages.
For the detailed security status of gzip please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/gzip
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmJdvF5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RmRhAAlE52MxX2w/uR6jW070vlG4UkdFbBXh7OIhJrLTelUceZlC+BYxOd7aaM
/mzKlAB3QavBZxZM0Tczr/n9evZ3JUZUwmLMtR1p6zcYU+Ztw9Dd8DruKd2z2h+H
eCRyAW+4/mLEut8FnDvmFyDWQVfu1XcqQIwTmmJe+JbeNM1cHAaVY2jq8AsO5FHH
F/NGgscLdJ+uB54FCDd5TdXQvgdjrgG/8kDgd2bjWtbcIAnv+WDtHksSAQRnFxRX
bwYBzFMojQTGAolmRE79rbXXCLEJuMAoClYZ9EY4mw5fssKfJgsS9oNyNRZ4rhqf
YodxfX1//X3MRx/qAroCUsVHEx3UFYSLal4bt949oixb/alhfUtfeErv215wdGVz
Wjp+krIPGadN/vr63SxDBE3i+N2FwbG7ZAHEJ8hSLJed17mH82yhXfSggadrAtiP
USXL0G6hXbcjc/AGLLodOk1jaRKcnWjf/qbqW7onYplWi+quxpQYXx9D6bvbyDtp
CXPrey+nAmx9FQpzbxrl9xr0H3yakACK5MtpcYIN4BD8X0KOdqolBAjzI1rYbOqJ
9rjfLplAwCU3QtDUEg7RiKmSJvZfGb5fkl8RRMXSLQKBT93G0/MYeX6DgrL37Sf4
Wtw7TKjWzpW5fNpqqv3sbOHz01PddEVsfAdhXtZibL/yrAf7zJI=
=cKoF
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl5DyuNLKJtyKPYoAQjcGA/+LakF1U7GitfxqyP+F9iMrBn1aGbxQ62I
PmLzVvTXeIQxMUpAGnPHZ2Xuw9cyqVWlNta7dTjZHWg3guhid6PIanqC1QeNUeU9
jGBzVIEMK0hJ06gWkLxwgYsQzTtLyd4FLXqO1EFDi6FJUt0FSh2WmV0HMBOymgFE
2KGmUPVjPOMqRvDmUI3OWmfApjW/QfZGG8pOIivg+IE1+EuJpvJ3yr3eLJMrzX0f
zR64UbwX+RpVykKudrxS5X4exNf8Cnmgc+BY72e4/cvdiZ0L85EJmQCMTF0vLH1Y
rCU5EPcIfP9SZygZXhA70UUwkECi/zh7/C/Jk7eLYDT1z/Rq9Y7MEBxTF8O/SLc2
6rkoGVqppZtrCASNiQeT96NrI26nDNm/y1EVEXK0FeOb75xoScp432mrdOgajbsH
JpJwrZ+a4OcZCkQkLCd1XvgHjO6g6Og8NMwZEQsTfIm9Xigg8vDPQSma7IrocI8I
dNKQDOM4XJnORHzz/kCNHxqWExHiYyNGRP8JdVnPTb4eg8nVzap2xxSZ0jGsgTZH
1p/QQYG4Zxkdy3RIDz9CHVmTYA//CTKtj9LMtSQKbdQwndtY2ZhuWb/3O6EmkK/D
HJLTXzCkLjCjjV9XUGdcJ12ra1THr2grAD9kNDGOPw0PSItHMstNjV39+DTqNNEe
WylMvtjBgow=
=vtyw
-----END PGP SIGNATURE-----
ESB-2022.1670 - [Debian] chromium: CVSS (Max): None
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1670
chromium security update
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: chromium
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-1364
Original Bulletin:
http://www.debian.org/security/2022/dsa-5121
Comment: CVSS (Max): None available when published
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5121-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
April 16, 2022 https://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : chromium
CVE ID : CVE-2022-1364
A security issue was discovered in Chromium, which could result in the
execution of arbitrary code.
For the stable distribution (bullseye), this problem has been fixed in
version 100.0.4896.127-1~deb11u1.
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmJbCq0ACgkQEMKTtsN8
Tjaluw/9F+ewXyA7cdv5IC4OcVtTZL/pvxkAMvSvpc1qMyx42efS0/oM2luE9V3x
uaA33nSHZUgQ9MpwADaTNz9+2A/pGS8sYh2oCY9gt+AcV6olSRIpIhiD8MXtN4Fb
ecNQmXbMtkp/001mbuIkuFYmwaylvnoUvoB1fQswjWwItddHy/BQFemUvk48bW+T
E98mhxzd+WA73xGo2SdhkixxAPqNIf1jZidt4xzmkCWTo/o3g2TIjONBqx9hLF+I
1CNX89wx2scdHdfhsIxzWMchYisQWwhe/EqsK0i4K5fs95zp0LJkiogegNkSIIN0
j2sZ8sKsRwEqUtDXpg2mQBSZ/Yic6grEANBJDhgPxoE5m+WA4AsiYpx2ZjewamRa
ZIgxfec2fpfaEsUXVJyXDMFFPBHw/21yGgiF76g37/D2xKu6kO6TM1KkMdhp8Pck
IFWgha4AjapgMFM8DFh0XielM9y3BcgvMUKcwl/LMF5oXx25lDFC1ek7yZM/DiyR
rGc6kN3GFSGXrsok+HyRKlD5+skEYVQuM4Ryup9YpKVcO7gsoQH9csnV3Aodwa6j
t4CYVyOrU3KVqUd4lkYrJ663EuTJV+pm4PmVfwxSUY3Ape9FP/7aKtCJPOqQy4EL
4vNPuxQ+IppPiBzJK0IvhoQYCX2D7f55kuzD4JT/UAvTEoxYOPQ=
=S9Zv
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl5DuONLKJtyKPYoAQgDLQ/+JJksd1lm+f1fa9amir2AnYoqrT4qYMZ/
4iqTt7sEwAXyALCrUFfhfavcE5Bboh7IvSOqwWN8hqKJtXvo9wSlqFnFx0vH5Hle
dPWl3Ri7SBhX0le0D5m5SvyhHdBmoCVTUJoC7I6ApjoNYAXQq9zllo7AnBvAJIGk
7UohY0jVuScnTzVLfgphdo8U+vmpyNyBf/B3UD0x8vtU8lZOHrHOWlcmU1DP/Lpl
Jk4cmgA8whvjiZQA3nw3gthsDgf/oF13SdeDNnsMj/lSLXcpwBVHSX30QGWSrkCB
/tguzn756ThUHDir3b+jkBfTtiGToDLQo8Y6VtI6s5FE7zO4VtFMUanndqWvJVk+
jE+MeVWIw8/abeAwJCoNxmDkQzVTpAxXzSnQ8M1Efr41px4YjapSLA0LL/9uoYdp
quKJ7Rle63ygvWpP6o4Ye5oPvfbz3KOA+YAE/JcwOzgm+Nup3lnHPbhuUFOXYL5l
q9Hxn2fUJj/kvUFTX/ZZ7GbGXclngOQqGkHLpgw+kII7Sx51l3suBJnVKYx7svCj
flchAsfI99v0BwHeOsyeilXzQfo/rcGpaI20bkruI4O7pMRmEFrt11KHYTbuOBxU
wzqrfhfPjp8JhQ1VgAvUHc+vaMSvDbOUS0UxmQbbjY9Jb9Lcs3yOxxjALA8VAJf6
2TbyKVjC2/8=
=qPb0
-----END PGP SIGNATURE-----