AusCERT - Security Bulletins

Subscribe to AusCERT - Security Bulletins hírcsatorna
Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
Frissítve: 12 perc 49 másodperc
2022. április 14.

ESB-2022.1444.6 - UPDATE [Cisco] Cisco Products: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1444.6 Vulnerability in Spring Framework Affecting Cisco Products: March 2022 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Endpoint Clients and Client Software Network Management and Provisioning Voice and Unified Communications Devices Routing and Switching - Enterprise and Service Provider Video, Streaming, TelePresence, and Transcoding Devices Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-22965 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67 Revision History: April 14 2022: Vendor updated vulnerable products April 13 2022: Updated the products under investigation, vulnerable products, and products confirmed not vulnerable. April 8 2022: Vendor updated vulnerable products and released patch for Cisco CX Cloud Agent Software April 6 2022: Vendor updated vulnerable products April 5 2022: Title update April 5 2022: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- Vulnerability in Spring Framework Affecting Cisco Products: March 2022 Priority: Critical Advisory ID: cisco-sa-java-spring-rce-Zx9GUc67 First Published: 2022 April 1 23:45 GMT Last Updated: 2022 April 13 16:54 GMT Version 1.7: Interim Workarounds: No workarounds available CVE Names: CVE-2022-22965 CWEs: CWE-120 CVSS Score: 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X Summary o On March 31, 2022, the following critical vulnerability in the Spring Framework affecting Spring MVC and Spring WebFlux applications running on JDK 9+ was released: CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ For a description of this vulnerability, see VMware Spring Framework Security Vulnerability Report . This advisory will be updated as additional information becomes available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67 Affected Products o Cisco is investigating its product line to determine which products may be affected by this vulnerability. As the investigation progresses, Cisco will update this advisory with information about affected products. The Vulnerable Products section will include Cisco bug IDs for each affected product. The bugs will be accessible through the Cisco Bug Search Tool and contain additional platform-specific information, including workarounds (if available) and fixed software releases. Any product not listed in the Products Under Investigation or Vulnerable Products section of this advisory is to be considered not vulnerable. Because this is an ongoing investigation, be aware that products that are currently considered not vulnerable may subsequently be considered vulnerable as additional information becomes available. Products Under Investigation The following products are under active investigation to determine whether they are affected by the vulnerability that is described in this advisory. Network Management and Provisioning Cisco Extensible Network Controller (XNC) Cisco Network Change and Configuration Management Cisco Nexus Dashboard Data Broker, formerly Cisco Nexus Data Broker Cisco Nexus Dashboard, formerly Cisco Application Services Engine Routing and Switching - Enterprise and Service Provider Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) Cisco Network Convergence System 2000 Series Cisco ONS 15454 Series Multiservice Provisioning Platforms Wireless Cisco Ultra Cloud Core - Session Management Function Cisco Cloud Hosted Services Cisco IoT Control Center Cisco Umbrella Vulnerable Products Cisco is investigating its product line to determine which products may be affected by this vulnerability. This section will be updated as information is available. The following table lists Cisco products that are affected by the vulnerability that is described in this advisory. If a future release date is indicated for software, the date provided represents an estimate based on all information known to Cisco as of the Last Updated date at the top of the advisory. Availability dates are subject to change based on a number of factors, including satisfactory testing results and delivery of other priority features and fixes. If no version or date is listed for an affected component (indicated by a blank field and/or an advisory designation of Interim), Cisco is continuing to evaluate the fix and will update the advisory as additional information becomes available. After the advisory is marked Final, customers should refer to the associated Cisco bug(s) for further details. Product Cisco Bug Fixed Release ID Availability Endpoint Clients and Client Software Cisco CX Cloud Agent Software CSCwb41735 2.1.0 (20 Apr 2022) Network Management and Provisioning Cisco Automated Subsea Tuning CSCwb43658 2.1.0 (31 May 2022) Cisco Crosswork Network Controller CSCwb43703 3.0.2 (29 Apr 2022) 2.0.2 (29 Apr 2022) Cisco Crosswork Optimization Engine CSCwb43709 3.1.1 (1 May 2022) 2.1.1 (1 May 2022) Cisco Crosswork Zero Touch Provisioning CSCwb43706 3.0.2 (29 Apr 2022) (ZTP) 2.0.2 (20 Apr 2022) Cisco Evolved Programmable Network 6.0.1.1 (29 Apr 2022) Manager CSCwb43643 5.1.4.1 (29 Apr 2022) 5.0.2.3 (29 Apr 2022) Cisco Managed Services Accelerator (MSX) CSCwb43667 Cisco Optical Network Planner CSCwb43691 5.0 (30 Aug 2022) 7.5.2.1 (19 Apr 2022) Cisco WAN Automation Engine (WAE) Live CSCwb43708 7.4.0.2 (25 Apr 2022) 7.3.0.3 (29 Apr 2022) 7.5.2.1 (19 Apr 2022) Cisco WAN Automation Engine (WAE) CSCwb43708 7.4.0.2 (25 Apr 2022) 7.3.0.3 (29 Apr 2022) Data Center Network Manager (DCNM) CSCwb43637 12.1.1 (30 Jun 2022) Nexus Dashboard Fabric Controller (NDFC) CSCwb43637 12.1.1 (30 Jun 2022) Routing and Switching - Enterprise and Service Provider Cisco DNA Center CSCwb43648 Cisco Optical Network Controller CSCwb43692 2.0 (31 May 2022) Cisco Software-Defined AVC (SD-AVC) CSCwb43727 Voice and Unified Communications Devices 12.0 (30 May 2022) Cisco Enterprise Chat and Email CSCwb45202 12.5 (30 May 2022) 12.6 ES2 (15 May 2022) Video, Streaming, TelePresence, and Transcoding Devices 3.5.0 (30 Apr 2022) Cisco Meeting Server CSCwb43662 3.4.2 (31 May 2022) 3.3.3 (17 Jun 2022) Products Confirmed Not Vulnerable Cisco is investigating its product line to determine which products may be affected by this vulnerability. This section will be updated as information becomes available. Any product not listed in the Products Under Investigation or Vulnerable Products section of this advisory is to be considered not vulnerable. Because this is an ongoing investigation, be aware that products that are currently considered not vulnerable may subsequently be considered vulnerable as additional information becomes available. Cisco has confirmed that this vulnerability does not affect the following Cisco products: Cable Devices Cisco Continuous Deployment and Automation Framework Cisco Prime Cable Provisioning Collaboration and Social Media Cisco SocialMiner Cisco Webex Meetings Server Network Application, Service, and Acceleration Cisco Wide Area Application Services (WAAS) Network and Content Security Devices Cisco Adaptive Security Appliance (ASA) Software Cisco Firepower Device Manager (FDM) Cisco Firepower Management Center (FMC) Cisco Firepower System Software Cisco Identity Services Engine (ISE) Cisco Secure Email Gateway, formerly Email Security Appliance (ESA) Cisco Secure Email and Web Manager, formerly Cisco Content Security Management Appliance (SMA) Cisco Secure Network Analytics, formerly Cisco Stealthwatch Cisco Security Manager Network Management and Provisioning Cisco Business Process Automation Cisco CloudCenter Action Orchestrator Cisco CloudCenter Cost Optimizer Cisco CloudCenter Suite Admin Cisco CloudCenter Workload Manager Cisco CloudCenter Cisco Collaboration Audit and Assessments Cisco Common Services Platform Collector (CSPC) Cisco Connected Mobile Experiences Cisco Connected Pharma Cisco Crosswork Change Automation Cisco Crosswork Data Gateway Cisco Crosswork Network Automation Cisco Crosswork Situation Manager Cisco DNA Assurance Cisco Elastic Services Controller (ESC) Cisco Intelligent Node (iNode) Manager Cisco IoT Field Network Director, formerly Cisco Connected Grid Network Management System Cisco NCS 2000 Shelf Virtualization Orchestrator (SVO) Cisco Network Insights for Data Center Cisco Nexus Dashboard Cisco Nexus Insights Cisco Policy Suite for Mobile Cisco Policy Suite Cisco Prime Performance Manager Cisco Smart PHY Cisco ThousandEyes Endpoint Agent Cisco ThousandEyes Enterprise Agent Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM Routing and Switching - Enterprise and Service Provider Cisco ACI HTML5 vCenter Plug-in Cisco ASR 5000 Series Routers Cisco Enterprise NFV Infrastructure Software (NFVIS) Cisco GGSN Gateway GPRS Support Node Cisco IOx Fog Director Cisco IP Services Gateway (IPSG) Cisco MME Mobility Management Entity Cisco Mobility Unified Reporting and Analytics System Cisco PDSN/HA Packet Data Serving Node and Home Agent Cisco PGW Packet Data Network Gateway Cisco SD-WAN vManage Cisco System Architecture Evolution Gateway (SAEGW) Cisco Ultra Packet Core Cisco Ultra Services Platform Ultra Cloud Core - Redundancy Configuration Manager Routing and Switching - Small Business Cisco Business Dashboard Unified Computing Cisco HyperFlex Voice and Unified Communications Devices Cisco BroadWorks Cisco Cloud Connect Cisco Emergency Responder Cisco Unified Attendant Console Advanced Cisco Unified Attendant Console Business Edition Cisco Unified Attendant Console Department Edition Cisco Unified Attendant Console Enterprise Edition Cisco Unified Attendant Console Premium Edition Cisco Unified Communications Manager IM & Presence Service Cisco Unified Communications Manager Session Management Edition Cisco Unified Communications Manager Cisco Unified Contact Center Express Cisco Unified Customer Voice Portal Cisco Unified Intelligence Center Cisco Unity Connection Cisco Virtualized Voice Browser Video, Streaming, TelePresence, and Transcoding Devices Cisco Expressway Series Cisco TelePresence Integrator C Series Cisco TelePresence MX Series Cisco TelePresence Management Suite Provisioning Extensions Cisco TelePresence Management Suite Cisco TelePresence Precision Cameras Cisco TelePresence Profile Series Cisco TelePresence SX Series Cisco TelePresence System EX Series Cisco TelePresence Video Communication Server (VCS) Cisco Touch Cisco Video Surveillance Operations Manager Cisco Vision Dynamic Signage Director Cisco Webex Board Series Cisco Webex Desk Series Cisco Webex Room Navigator Cisco Webex Room Series Wireless Cisco Ultra Cloud Core - Access and Mobility Management Function Cisco Ultra Cloud Core - Network Repository Function Cisco Ultra Cloud Core - Policy Control Function Cisco Ultra Cloud Core - Redundancy Configuration Manager Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure Cisco Cloud Hosted Services Cisco BroadCloud Cisco Industrial Asset Vision Cisco IoT Operations Dashboard (IOTOC) Cisco Kinetic for Cities Cisco Registered Envelope Service Cisco Smart Collector - Lifecycle Management Cisco Unified Communications Manager Cloud Cisco Webex Cloud-Connected UC (CCUC) Workarounds o Any workarounds will be documented in the product-specific Cisco bugs, which are identified in the Vulnerable Products section of this advisory. Fixed Software o For information about fixed software releases, consult the Cisco bugs identified in the Vulnerable Products section of this advisory. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Exploitation and Public Announcements o The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory. Source o This vulnerability was publicly disclosed by VMware on March 31, 2022. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Action Links for This Advisory o Snort Rule 30790 Snort Rule 30791 Snort Rule 30792 Snort Rule 30793 Snort Rule 59416 URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67 Revision History o +---------+----------------------------+----------+---------+-------------+ | Version | Description | Section | Status | Date | +---------+----------------------------+----------+---------+-------------+ | | Updated the products under | | | | | 1.7 | investigation, vulnerable | Affected | Interim | 2022-APR-13 | | | products, and products | Products | | | | | confirmed not vulnerable. | | | | +---------+----------------------------+----------+---------+-------------+ | | Updated the products under | | | | | 1.6 | investigation, vulnerable | Affected | Interim | 2022-APR-12 | | | products, and products | Products | | | | | confirmed not vulnerable. | | | | +---------+----------------------------+----------+---------+-------------+ | | Updated the products under | | | | | 1.5 | investigation, vulnerable | Affected | Interim | 2022-APR-11 | | | products, and products | Products | | | | | confirmed not vulnerable. | | | | +---------+----------------------------+----------+---------+-------------+ | | Updated the products under | | | | | 1.4 | investigation, vulnerable | Affected | Interim | 2022-APR-07 | | | products, and products | Products | | | | | confirmed not vulnerable. | | | | +---------+----------------------------+----------+---------+-------------+ | | Updated the products under | | | | | 1.3 | investigation, vulnerable | Affected | Interim | 2022-APR-06 | | | products, and products | Products | | | | | confirmed not vulnerable. | | | | +---------+----------------------------+----------+---------+-------------+ | | Updated the products under | | | | | 1.2 | investigation, vulnerable | Affected | Interim | 2022-APR-05 | | | products, and products | Products | | | | | confirmed not vulnerable. | | | | +---------+----------------------------+----------+---------+-------------+ | | Updated the products under | | | | | 1.1 | investigation, vulnerable | Affected | Interim | 2022-APR-04 | | | products, and products | Products | | | | | confirmed not vulnerable. | | | | +---------+----------------------------+----------+---------+-------------+ | 1.0 | Initial public release. | - | Interim | 2022-APR-01 | +---------+----------------------------+----------+---------+-------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldxTuNLKJtyKPYoAQhgqRAArZvkAPWlvsQWlTeGllpPXb5/5Mzu0xRp onZvp58LF4pMdftctVZeBRLlsEmUuD3/hROSdA7bz4Yv6/P3Tk5eDwkldKuObp+X V6XOdjvu2gJQpSFbym+FzUkDpMxhVVW8FswldwDo6IZA4llKc4Fxwfls8aEA3dn8 zBCi7X6EXQPRzhCm+8Q0UnlnUdEDzsZD46fOOPkRnsbEXNJ/uGaR+eE67dyzgVow YWHEajF/iCLR6WbmK8T60stT4slycLRanfKbq3xiQM64UXJz83hDp/pJ0X8Q/Fgs otU/QfzBpfji6Wfzpdk2bdExd0xC0KSMBJdKD9JgRP6WSvjHHa1G42waa2Ws9+Z6 29NHbjMb9PPwULth3paUJrN8506UhIyH6mUj03iG7OT9r6NoCgkFhZeIedGVCwMM SyMve7dcLnQL1LfI9F4Z/aw1aBAsAKtjWs5FREf7X4dfiuEXm+xDxOiOGlSrGiac DsVSgDkYv89Gc4u7eUysFX/8YbeDIgErn0LstPX0mjO2oK3bCAqkMxZCtJUhIVHp PWMg8h8L9r8MJ3ybK7Y6a4pM3r2q0IbzizWuVxd8rrXHGwCjOhe/XoepuufEdc4Y 5Ai/GkQNczPKHXABpsGsYAHNQ5piYC3REIsrdRrBCrd8f5uNRuyNI2VqL1bbxEjY 2U+D/Uihj+o= =euUH -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1633 - [Ubuntu] Gzip: CVSS (Max): 7.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1633 USN-5378-4: Gzip vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Gzip Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-1271 Original Bulletin: https://ubuntu.com/security/notices/USN-5378-4 Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5378-4: Gzip vulnerability 13 April 2022 Gzip could be made to overwrite arbitrary files. Releases o Ubuntu 16.04 ESM o Ubuntu 14.04 ESM Packages o gzip - GNU compression utilities Details USN-5378-1 fixed a vulnerability in Gzip. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 o gzip - 1.6-4ubuntu1+esm1 Available with UA Infra or UA Desktop Ubuntu 14.04 o gzip - 1.6-3ubuntu1+esm1 Available with UA Infra or UA Desktop In general, a standard system update will make all the necessary changes. References o CVE-2022-1271 Related notices o USN-5378-1 : gzip, gzip-win32 o USN-5378-2 : xzdec, liblzma5, liblzma-doc, liblzma-dev, xz-utils o USN-5378-3 : xzdec, liblzma5, liblzma-doc, liblzma-dev, xz-utils - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldjT+NLKJtyKPYoAQhXcg//baFirTHeN5TwbS+vAKIxs7nywk0JXKgc Ed34LJadYHFWslSy5U+l+F3dQhy2e9+sadFAzigGKDYZH/c2fftGLCIdTBLSgPuv /YTbs2vlwB7o+3SrGISRvLj4rXo2ZuIOfzU55SQjV47UohD7r05tHRwMk4fcebxP vNvZ0/apFa8ILFaIhVxVmegRprNAIfkO2kBxRFnyQby1NGVBQXWaxO8WIw4P6i8B 7x7VVGWMmPKTinbWZ4woiB/+kAjTRJOStsKDWOhajZQzqegt++8UfyBdyHWBvaeZ KOLZ9d5EFC6NBAH9XDZCAIXGNvaESxUiFTy6s+/bpZOHolZrMwgOuWJYBc0hz9Ud 7A9p8C2jNMlYPsRBSpzXFKNO+UTI4agzabGauMu7ngWI7XJnsf4wYVkqlBJPd94F JZPOKlLhKoSEA0rdsB7Q7gnamIGWZc2viDZ4rjlrIHk7bfzI0lqNOnPRfJ8n/n66 ij/TMbjb+XieQy0wyiwZqJS1pooryAYZ5HZ+3llPzKiXAO1dgtHNpmD2xNzMVtTr 2rho3OVXEfwP/IL/5+OnXIW4nkYxKf51GTfrcVIBEquy95IbMLKf282R9C5Eoz3G 6GCAaBVISt/sddn5T1CWxZWrA7T/7SDuZxZvV+BOhQXQ8k9aNoI78utAYsRYXEDJ MOOfGhYggho= =zOu0 -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1632 - [Ubuntu] XZ Utils: CVSS (Max): 7.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1632 USN-5378-3: XZ Utils vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: XZ Utils Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-1271 Original Bulletin: https://ubuntu.com/security/notices/USN-5378-3 Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5378-3: XZ Utils vulnerability 13 April 2022 XZ Utils could be made to overwrite arbitrary files. Releases o Ubuntu 16.04 ESM o Ubuntu 14.04 ESM Packages o xz-utils - XZ-format compression utilities Details USN-5378-2 fixed a vulnerability in XZ Utils. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 o xz-utils - 5.1.1alpha+20120614-2ubuntu2.16.04.1+esm1 Available with UA Infra or UA Desktop Ubuntu 14.04 o xz-utils - 5.1.1alpha+20120614-2ubuntu2.14.04.1+esm1 Available with UA Infra or UA Desktop In general, a standard system update will make all the necessary changes. References o CVE-2022-1271 Related notices o USN-5378-1 : gzip, gzip-win32 o USN-5378-2 : xz-utils, liblzma5, liblzma-doc, liblzma-dev, xzdec o USN-5378-4 : gzip - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldjRONLKJtyKPYoAQieQg/6ArAGFwKs9xoCgPVwyIcolHbFKMEFX5Bo vCFlUV2pgt9ukNkZeMDhqaxh8/e9a2Cz1taLqkxZ1SOhWj2AYEuBc2NOAXinNSFx 1ocyBeaUDlKuRyPS39N77LwcfWfMFHOA6fNUBRjP/m/JoLo9uIEtbcUZhbVe0QDw zD5COKhdu4uQZTCMxj96gLGq+50Xl3D6eqXhL3nnXW0dPbnpq/UnqU9wyUxa0qj6 LiKnrSJEU6wALLymh0Wg5l/6ekRAoCq8gO6UAck165S2yTq9zNt2cRJeFczcIlme nWn/9gEapoABDErgbXi8zTQc1gTzhjDPRYWDpKwb73fWDpvj3EXO02Po1Rb5fPHS xf6V3AZKv/FW37QOqb1ABTXwEI1IHVBceWioVqRym0PyztwzWBYWCqubgzpgzp2c yZjQfCRikHfZe+8s0NtbalECjEk3FewzMadhgHeL3in04s4v43BIdcSaFfLGdhNL t2rtDHzq9KROQaJSqLixxWIkNsCfhCLhft7lHeKMRpNizzFKJK9k5qKplVAK+WXp 1TccIoaKliT2StPVSJhB+4+HEa5Up6dLFIE2cLnxtmrBxo4Gwqp6u7gbx1r+Hr/e mGPWymJtxM4978r564ov9vPF2KsKBdbFxMKzVgag86OrqLmXqOdcTX0NC8HgTiH2 Y7pq6gFcLp0= =L7Qo -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1631 - [Ubuntu] XZ Utils: CVSS (Max): 7.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1631 USN-5378-2: XZ Utils vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: XZ Utils Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-1271 Original Bulletin: https://ubuntu.com/security/notices/USN-5378-2 Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5378-2: XZ Utils vulnerability 13 April 2022 XZ Utils could be made to overwrite arbitrary files. Releases o Ubuntu 21.10 o Ubuntu 20.04 LTS o Ubuntu 18.04 LTS Packages o xz-utils - XZ-format compression utilities Details Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain filenames. If a user or automated system were tricked into performing xzgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10 o xz-utils - 5.2.5-2ubuntu0.1 Ubuntu 20.04 o xz-utils - 5.2.4-1ubuntu1.1 Ubuntu 18.04 o xz-utils - 5.2.2-1.3ubuntu0.1 In general, a standard system update will make all the necessary changes. References o CVE-2022-1271 Related notices o USN-5378-1 : gzip-win32, gzip o USN-5378-3 : xz-utils, xzdec, liblzma-dev, liblzma-doc, liblzma5 o USN-5378-4 : gzip - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldjOuNLKJtyKPYoAQgelQ//RFYahLuxE6+T5/TzMZSeIMssmPE12Lpt XErtDIe8Yb1dqAY8tkE6po8muOdW+C2gpG2CiZOVYdXXi82kmbwzjfaXszb7bF3n KJCX58Ft1Z5PeN8e8SWVrRdpk7XyI2ydi31eL5sb+WA2r3RaCtcOMRZa+7pV6aA2 e4ioBAy6DqM3OrdwmaygFL8hEP1dO9iC+qkFfkBplpx+UN+1cpwj3vRBDwXwY7EL sAEBiK2i80giF/D+vfx7bF/de1y4aHp5CpWFM4FihWxQTjThuRlq+irl+wGS3XFf V6x6FILhKo+jaHkjfyxaOXxQyD9be0nGQD0ktIFA5frPVSCopfZC3/ULX3D83X2B qU1QsmvuFvANWgIIY+EqgNVYA8Xm2n7CbfBylP3iJtGqzTQjs4liSflfPrJd+Iwm RvRi6V04B7HL8QB+JRWdY2QeT90spOXocbuBE3bhprDfUpQZNGCFjAHUOwrKJgbK SCGm8WWk6NyYl3mB0HcO1t97j/JQHRwG1JcpZlX48E+YVpPHvCzS1jsxyA/PjgfW x13SkwqOlH2KGImHaTqhswZjsjtN5LN0hVm5m35LwGzYXM+S6ccszwBhO4dhZO2W 6/Fxj10NlH8cyB3YbP0eL7VTTU22bP6aqqjv0qdskypGluOkFclYSLuzz6APEsHl EjkpDReeJtI= =3UwC -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1630 - [Ubuntu] Gzip: CVSS (Max): 7.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1630 USN-5378-1: Gzip vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Gzip Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-1271 Original Bulletin: https://ubuntu.com/security/notices/USN-5378-1 Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5378-1: Gzip vulnerability 13 April 2022 Gzip could be made to overwrite arbitrary files. Releases o Ubuntu 21.10 o Ubuntu 20.04 LTS o Ubuntu 18.04 LTS Packages o gzip - GNU compression utilities Details Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10 o gzip - 1.10-4ubuntu1.1 Ubuntu 20.04 o gzip - 1.10-0ubuntu4.1 Ubuntu 18.04 o gzip - 1.6-5ubuntu1.2 In general, a standard system update will make all the necessary changes. References o CVE-2022-1271 Related notices o USN-5378-2 : xz-utils, liblzma-dev, liblzma5, liblzma-doc, xzdec o USN-5378-3 : xz-utils, liblzma-dev, liblzma5, liblzma-doc, xzdec o USN-5378-4 : gzip - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldjLuNLKJtyKPYoAQgpNRAAkRKdKGwFTBoalxOAZMIvzd79HDRnA0PH k6wx4GjVDzfT2bjV6i4nf9cudfXu3W7Xxcxr3RShPV7KlO1Yl3I5Bucl5AOvfRWF 4PJeeYcFFY/kvscTqnGhcavoATbyBww5qFREca2yPsJVvgO5amrePv92iqN5tE01 5P9KUoUA9NFXRt6UOyxXexivLsK/RbCbv1n54ZevFZbRAIqnmTeP9ZZDR6lvyph7 4Lixfg4CETPym1bP9Jpf5Y4xpOIoYJNVZ3Ewu6l+ALrcdHlSgZsKlCeGSvHDhfhG CUMlsU5LitnH5b4zWgX8Y8K1Z7yPwBhWS/kr6LdMutsTQyk1o1TL69gWBpB3OWPM qaWepNftY+edOl5+eIeFSEYy0YqP3dwIvWDw1XVf8vFMLbh6+X8AQmy4tr0QBzcd rnQbrUHitnzXQd1QKXu3JrMogB4RHL9/vP29hlV5Y9QnoNMEEVtft5oE3IdYTeLf DFh0E4mcYpwIVMVZnsCuwuOxzdBNGAFvGhZ7dxv5iyFJhD5yzSmmxqUxvqhhMYcG KYsICMZp+TNJclBca8+4AuZA4k5eGW3HUf3wJFtAUyoZxf51IX3Up0ykbdadiDXi W11qw/oSO6/Wd3cs5F5XPS8/iSrAPy/E41cVj4VWzh+Klj6tNDb4h0fzAT30V9as izt9KVoCCAI= =vjQj -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1629 - [Ubuntu] Linux Kernel (BlueField): CVSS (Max): 8.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1629 USN-5377-1: Linux kernel (BlueField) vulnerabilities 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Linux Kernel (BlueField) Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-27666 CVE-2022-1055 CVE-2022-0492 CVE-2022-0435 CVE-2021-45480 CVE-2021-45469 CVE-2021-45095 CVE-2021-44733 CVE-2021-43976 CVE-2021-28715 CVE-2021-28714 CVE-2021-28713 CVE-2021-28712 CVE-2021-28711 CVE-2021-4135 Original Bulletin: https://ubuntu.com/security/notices/USN-5377-1 Comment: CVSS (Max): 8.8 CVE-2022-0435 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: [NVD], Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5377-1: Linux kernel (BlueField) vulnerabilities 13 April 2022 Several security issues were fixed in the Linux kernel. Releases o Ubuntu 20.04 LTS Packages o linux-bluefield - Linux kernel for NVIDIA BlueField platforms Details It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2022-1055 ) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. ( CVE-2022-0492 ) Jurgen Gross discovered that the Xen subsystem within the Linux kernel did not adequately limit the number of events driver domains (unprivileged PV backends) could send to other guest VMs. An attacker in a driver domain could use this to cause a denial of service in other guest VMs. ( CVE-2021-28711 , CVE-2021-28712 , CVE-2021-28713 ) Jurgen Gross discovered that the Xen network backend driver in the Linux kernel did not adequately limit the amount of queued packets when a guest did not process them. An attacker in a guest VM can use this to cause a denial of service (excessive kernel memory consumption) in the network backend domain. ( CVE-2021-28714 , CVE-2021-28715 ) It was discovered that the simulated networking device driver for the Linux kernel did not properly initialize memory in certain situations. A local attacker could use this to expose sensitive information (kernel memory). ( CVE-2021-4135 ) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). ( CVE-2021-43976 ) It was discovered that the ARM Trusted Execution Environment (TEE) subsystem in the Linux kernel contained a race condition leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. ( CVE-2021-44733 ) It was discovered that the Phone Network protocol (PhoNet) implementation in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). ( CVE-2021-45095 ) Wenqing Liu discovered that the f2fs file system in the Linux kernel did not properly validate the last xattr entry in an inode. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2021-45469 ) It was discovered that the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). ( CVE-2021-45480 ) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. ( CVE-2022-0435 ) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2022-27666 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 o linux-image-bluefield - 5.4.0.1032.33 o linux-image-5.4.0-1032-bluefield - 5.4.0-1032.35 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References o CVE-2021-45095 o CVE-2021-28714 o CVE-2021-28715 o CVE-2021-28713 o CVE-2021-45469 o CVE-2022-0492 o CVE-2021-44733 o CVE-2021-43976 o CVE-2021-45480 o CVE-2021-4135 o CVE-2022-0435 o CVE-2021-28712 o CVE-2022-1055 o CVE-2021-28711 o CVE-2022-27666 Related notices o USN-5278-1 : linux-oem-20.04d, linux-oem-5.14-tools-host, linux-headers-5.14.0-1022-oem, linux-buildinfo-5.14.0-1022-oem, linux-oem-5.14-headers-5.14.0-1022, linux-tools-5.14.0-1022-oem, linux-image-unsigned-5.14.0-1022-oem, linux-modules-5.14.0-1022-oem, linux-tools-oem-20.04d, linux-oem-5.14-tools-5.14.0-1022, linux-headers-oem-20.04d, linux-image-5.14.0-1022-oem, linux-image-oem-20.04d, linux-oem-5.14 o USN-5337-1 : linux-cloud-tools-5.13.0-37-generic, linux-image-unsigned-5.13.0-1023-oracle, linux-gcp-headers-5.13.0-1021, linux-aws-headers-5.13.0-1019, linux-tools-5.13.0-1022-raspi-nolpae, linux-headers-5.13.0-1021-gcp, linux-image-lowlatency-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04-edge, linux-image-gke, linux-image-5.13.0-1019-aws, linux-headers-gke, linux-image-generic-64k, linux-headers-5.13.0-37-generic-64k, linux-modules-5.13.0-1023-oracle, linux-tools-5.13.0-37-lowlatency, linux-cloud-tools-common, linux-image-generic-64k-hwe-20.04-edge, linux-gcp-edge, linux-modules-extra-5.13.0-1019-aws, linux-image-raspi-nolpae, linux-lowlatency, linux-cloud-tools-generic-hwe-20.04, linux-headers-generic-lpae-hwe-20.04, linux-kvm-headers-5.13.0-1018, linux-crashdump, linux-gcp-5.13, linux-modules-5.13.0-37-generic-64k, linux-tools-common, linux-aws-cloud-tools-5.13.0-1019, linux-image-5.13.0-1018-kvm, linux-virtual-hwe-20.04, linux-gcp-tools-5.13.0-1021, linux-buildinfo-5.13.0-1021-gcp, linux-generic-64k, linux-image-raspi, linux-tools-virtual, linux-modules-extra-aws, linux-modules-extra-raspi, linux-tools-generic-64k-hwe-20.04, linux-tools-5.13.0-1021-gcp, linux-modules-extra-raspi-nolpae, linux-cloud-tools-lowlatency, linux-tools-lowlatency-hwe-20.04-edge, linux-tools-aws-edge, linux-cloud-tools-generic-hwe-20.04-edge, linux-headers-oem-20.04, linux-headers-raspi-nolpae, linux-headers-raspi, linux-image-5.13.0-37-generic-64k, linux-kvm, linux-virtual-hwe-20.04-edge, linux-buildinfo-5.13.0-1022-raspi-nolpae, linux-cloud-tools-5.13.0-1019-aws, linux-image-generic-64k-hwe-20.04, linux-gke, linux-image-5.13.0-1023-oracle, linux-image-5.13.0-1022-raspi-nolpae, linux-buildinfo-5.13.0-37-generic, linux-image-unsigned-5.13.0-37-lowlatency, linux-virtual, linux-buildinfo-5.13.0-37-generic-64k, linux-cloud-tools-5.13.0-37, linux-cloud-tools-lowlatency-hwe-20.04, linux-image-5.13.0-1022-raspi, linux-headers-kvm, linux-tools-generic-hwe-20.04, linux-tools-lowlatency, linux-headers-virtual, linux-image-generic-hwe-20.04-edge, linux-tools-5.13.0-37-generic, linux-image-gcp, linux-tools-virtual-hwe-20.04-edge, linux-image-kvm, linux-headers-lowlatency-hwe-20.04-edge, linux-hwe-5.13-tools-5.13.0-37, linux-cloud-tools-virtual, linux-image-generic-lpae, linux-headers-generic-64k-hwe-20.04, linux-lowlatency-hwe-20.04-edge, linux-tools-5.13.0-1019-aws, linux-tools-generic-64k-hwe-20.04-edge, linux-cloud-tools-5.13.0-37-lowlatency, linux-tools-gke, linux-source, linux-tools-5.13.0-37-generic-lpae, linux-buildinfo-5.13.0-1023-oracle, linux-headers-lowlatency-hwe-20.04, linux-image-aws, linux-modules-5.13.0-1022-raspi-nolpae, linux-headers-generic-hwe-20.04-edge, linux-modules-5.13.0-37-generic-lpae, linux-headers-generic-64k-hwe-20.04-edge, linux-generic, linux-tools-gcp, linux-hwe-5.13, linux-tools-oracle, linux-aws-tools-5.13.0-1019, linux-aws-5.13-headers-5.13.0-1019, linux-modules-5.13.0-1021-gcp, linux-headers-5.13.0-1022-raspi, linux-image-unsigned-5.13.0-1018-kvm, linux-image-oracle, linux-headers-5.13.0-1018-kvm, linux-headers-aws-edge, linux-image-generic-hwe-20.04, linux-oracle-tools-5.13.0-1023, linux-image-generic-lpae-hwe-20.04, linux-hwe-5.13-cloud-tools-5.13.0-37, linux-image-5.13.0-1021-gcp, linux-doc, linux-tools-generic-hwe-20.04-edge, linux-image-extra-virtual-hwe-20.04, linux-tools-lowlatency-hwe-20.04, linux-generic-hwe-20.04, linux-modules-5.13.0-37-lowlatency, linux-raspi-tools-5.13.0-1022, linux-modules-extra-5.13.0-1021-gcp, linux-tools-kvm, linux-aws-5.13, linux-headers-generic-lpae-hwe-20.04-edge, linux-hwe-5.13-source-5.13.0, linux-image-virtual-hwe-20.04, linux-raspi, linux-buildinfo-5.13.0-1019-aws, linux-tools-5.13.0-1023-oracle, linux-tools-generic-lpae-hwe-20.04, linux-image-extra-virtual, linux-headers-virtual-hwe-20.04, linux-buildinfo-5.13.0-37-lowlatency, linux-image-5.13.0-37-lowlatency, linux-image-extra-virtual-hwe-20.04-edge, linux-modules-5.13.0-1022-raspi, linux-image-unsigned-5.13.0-1019-aws, linux-modules-5.13.0-37-generic, linux-oracle-headers-5.13.0-1023, linux-aws-5.13-tools-5.13.0-1019, linux-tools-host, linux-image-aws-edge, linux-oem-20.04, linux-cloud-tools-virtual-hwe-20.04, linux-image-5.13.0-37-generic, linux-hwe-5.13-tools-host, linux-tools-virtual-hwe-20.04, linux-image-unsigned-5.13.0-37-generic-64k, linux-modules-5.13.0-1018-kvm, linux-buildinfo-5.13.0-37-generic-lpae, linux-headers-5.13.0-37-generic-lpae, linux-tools-generic-lpae, linux-headers-generic, linux-image-lowlatency-hwe-20.04, linux-tools-raspi, linux-tools-generic, linux-tools-5.13.0-1022-raspi, linux-headers-5.13.0-37, linux-gcp-5.13-headers-5.13.0-1021, linux-modules-extra-5.13.0-37-generic, linux-cloud-tools-virtual-hwe-20.04-edge, linux-image-unsigned-5.13.0-1021-gcp, linux-gcp, linux-headers-gcp-edge, linux-aws-edge, linux-image-virtual-hwe-20.04-edge, linux-headers-generic-64k, linux-tools-raspi-nolpae, linux-raspi-nolpae, linux-tools-generic-64k, linux-tools-generic-lpae-hwe-20.04-edge, linux-image-generic, linux-generic-lpae-hwe-20.04, linux-headers-5.13.0-1022-raspi-nolpae, linux-hwe-5.13-tools-common, linux-headers-virtual-hwe-20.04-edge, linux-generic-lpae, linux-headers-oracle, linux-headers-gcp, linux-image-lowlatency, linux-modules-extra-gcp-edge, linux-modules-extra-aws-edge, linux-tools-gcp-edge, linux-generic-hwe-20.04-edge, linux-generic-64k-hwe-20.04-edge, linux-generic-lpae-hwe-20.04-edge, linux-modules-extra-gcp, linux-tools-oem-20.04, linux, linux-headers-generic-hwe-20.04, linux-modules-5.13.0-1019-aws, linux-raspi-headers-5.13.0-1022, linux-buildinfo-5.13.0-1018-kvm, linux-headers-lowlatency, linux-headers-5.13.0-1019-aws, linux-buildinfo-5.13.0-1022-raspi, linux-cloud-tools-generic, linux-headers-5.13.0-1023-oracle, linux-modules-extra-5.13.0-1022-raspi, linux-image-5.13.0-37-generic-lpae, linux-tools-5.13.0-37-generic-64k, linux-headers-generic-lpae, linux-generic-64k-hwe-20.04, linux-lowlatency-hwe-20.04, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-source-5.13.0, linux-gcp-5.13-tools-5.13.0-1021, linux-image-unsigned-5.13.0-37-generic, linux-libc-dev, linux-tools-aws, linux-oracle, linux-tools-5.13.0-37, linux-modules-extra-gke, linux-kvm-tools-5.13.0-1018, linux-headers-aws, linux-image-oem-20.04, linux-headers-5.13.0-37-generic, linux-aws, linux-tools-5.13.0-1018-kvm, linux-modules-extra-5.13.0-1023-oracle, linux-aws-5.13-cloud-tools-5.13.0-1019, linux-hwe-5.13-headers-5.13.0-37, linux-image-virtual, linux-image-gcp-edge, linux-modules-extra-5.13.0-1022-raspi-nolpae, linux-hwe-5.13-cloud-tools-common, linux-headers-5.13.0-37-lowlatency o USN-5338-1 : linux-modules-extra-azure-lts-20.04, linux-tools-generic-hwe-18.04, linux-image-5.4.0-1018-ibm, linux-image-snapdragon-hwe-18.04, linux-tools-generic-lpae-hwe-18.04-edge, linux-modules-extra-oracle, linux-headers-gke, linux-image-aws-lts-20.04, linux-cloud-tools-common, linux-lowlatency, linux-image-oracle-edge, linux-tools-common, linux-image-unsigned-5.4.0-105-generic, linux-image-gkeop-5.4, linux-headers-5.4.0-1066-gke, linux-image-azure-fde, linux-oracle-headers-5.4.0-1067, linux-generic-hwe-18.04-edge, linux-aws-5.4-headers-5.4.0-1069, linux-image-5.4.0-1073-azure-fde, linux-headers-azure-edge, linux-cloud-tools-lowlatency, linux-image-5.4.0-105-generic, linux-headers-5.4.0-1069-aws, linux-headers-raspi-hwe-18.04-edge, linux-oem, linux-tools-oracle-lts-20.04, linux-aws-cloud-tools-5.4.0-1069, linux-cloud-tools-5.4.0-105-lowlatency, linux-headers-5.4.0-105-lowlatency, linux-tools-5.4.0-1073-azure, linux-headers-virtual, linux-hwe-5.4-cloud-tools-common, linux-oracle-lts-20.04, linux-ibm-cloud-tools-common, linux-aws-tools-5.4.0-1069, linux-headers-generic-lpae-hwe-18.04, linux-cloud-tools-5.4.0-105, linux-snapdragon-hwe-18.04, linux-raspi-headers-5.4.0-1056, linux-image-5.4.0-105-lowlatency, linux-image-aws, linux-buildinfo-5.4.0-105-generic-lpae, linux-image-unsigned-5.4.0-1073-azure, linux-tools-gcp, linux-generic, linux-headers-5.4.0-1073-azure, linux-modules-extra-5.4.0-1018-ibm, linux-headers-aws-edge, linux-doc, linux-buildinfo-5.4.0-1068-gcp, linux-image-unsigned-5.4.0-1067-oracle, linux-tools-5.4.0-105, linux-azure-headers-5.4.0-1073, linux-image-azure, linux-raspi-5.4-headers-5.4.0-1056, linux-image-oracle-lts-20.04, linux-modules-5.4.0-1066-gke, linux-headers-5.4.0-1059-kvm, linux-aws-headers-5.4.0-1069, linux-tools-ibm-lts-20.04, linux-azure-fde, linux-image-extra-virtual, linux-signed-image-oracle-edge, linux-headers-azure-lts-20.04, linux-aws-5.4-cloud-tools-5.4.0-1069, linux-modules-5.4.0-105-lowlatency, linux-cloud-tools-azure, linux-headers-oracle-lts-20.04, linux-modules-extra-aws-lts-20.04, linux-headers-snapdragon-hwe-18.04, linux-ibm, linux-generic-lpae-hwe-18.04-edge, linux-modules-extra-5.4.0-1068-gcp, linux-raspi-5.4, linux-image-gkeop, linux-hwe-5.4-source-5.4.0, linux-ibm-lts-20.04, linux-generic-lpae, linux-cloud-tools-lowlatency-hwe-18.04-edge, linux-headers-generic-hwe-18.04-edge, linux-headers-gcp, linux-aws-lts-20.04, linux-raspi2, linux-headers-raspi2-hwe-18.04-edge, linux-modules-extra-oracle-edge, linux-gkeop-headers-5.4.0-1037, linux-gcp-5.4, linux-headers-generic-lpae, linux-image-oem-osp1, linux-modules-5.4.0-1068-gcp, linux-lowlatency-hwe-18.04, linux-tools-azure-edge, linux-modules-extra-5.4.0-1037-gkeop, linux-oem-osp1, linux-libc-dev, linux-buildinfo-5.4.0-105-lowlatency, linux-image-virtual-hwe-18.04-edge, linux-buildinfo-5.4.0-1018-ibm, linux-headers-5.4.0-105-generic, linux-buildinfo-5.4.0-1067-oracle, linux-ibm-5.4-cloud-tools-common, linux-gkeop-5.4-source-5.4.0, linux-ibm-tools-common, linux-image-5.4.0-1066-gke, linux-tools-5.4.0-1018-ibm, linux-oracle-edge, linux-cloud-tools-gkeop, linux-gke-5.4-headers-5.4.0-1066, linux-azure-5.4-headers-5.4.0-1073, linux-tools-5.4.0-1067-oracle, linux-tools-lowlatency-hwe-18.04-edge, linux-image-raspi2-hwe-18.04-edge, linux-buildinfo-5.4.0-1037-gkeop, linux-headers-5.4.0-1068-gcp, linux-tools-lowlatency-hwe-18.04, linux-buildinfo-5.4.0-1073-azure, linux-tools-azure-lts-20.04, linux-image-azure-lts-20.04, linux-modules-extra-5.4.0-105-generic, linux-ibm-source-5.4.0, linux-headers-5.4.0-1067-oracle, linux-tools-virtual, linux-azure-cloud-tools-5.4.0-1073, linux-signed-azure-edge, linux-tools-gcp-lts-20.04, linux-modules-extra-aws, linux-headers-ibm, linux-modules-5.4.0-1018-ibm, linux-image-unsigned-5.4.0-1066-gke, linux-headers-virtual-hwe-18.04, linux-headers-5.4.0-1037-gkeop, linux-gke, linux-tools-lowlatency, linux-raspi2-hwe-18.04, linux-tools-ibm-edge, linux-image-5.4.0-1037-gkeop, linux-tools-5.4.0-1056-raspi, linux-image-gcp, linux-image-ibm-lts-20.04, linux-headers-oem, linux-modules-extra-gkeop-5.4, linux-tools-generic-hwe-18.04-edge, linux-headers-ibm-edge, linux-gke-headers-5.4.0-1066, linux-image-5.4.0-1056-raspi, linux-source-5.4.0, linux-tools-oracle, linux-image-raspi2-hwe-18.04, linux-image-oracle, linux-gkeop-cloud-tools-5.4.0-1037, linux-tools-azure, linux-image-raspi-hwe-18.04-edge, linux-signed-image-azure, linux-modules-5.4.0-1073-azure, linux-image-unsigned-5.4.0-1037-gkeop, linux-ibm-5.4-tools-common, linux-raspi, linux-headers-raspi2, linux-image-oem, linux-image-unsigned-5.4.0-1018-ibm, linux-headers-lowlatency-hwe-18.04, linux-image-aws-edge, linux-modules-5.4.0-1067-oracle, linux-image-generic-lpae-hwe-18.04, linux-tools-raspi, linux-azure-5.4-tools-5.4.0-1073, linux-tools-generic, linux-image-gke-5.4, linux-oem-tools-host, linux-cloud-tools-azure-edge, linux-ibm-5.4-headers-5.4.0-1018, linux-image-unsigned-5.4.0-1069-aws, linux-ibm-edge, linux-headers-oracle, linux-raspi-5.4-tools-5.4.0-1056, linux-buildinfo-5.4.0-1066-gke, linux-image-extra-virtual-hwe-18.04-edge, linux-modules-extra-aws-edge, linux-modules-extra-gke-5.4, linux-tools-gcp-edge, linux-modules-extra-gcp, linux-buildinfo-5.4.0-1056-raspi, linux-headers-5.4.0-105-generic-lpae, linux-azure-tools-5.4.0-1073, linux-image-lowlatency-hwe-18.04, linux-modules-extra-ibm, linux-tools-gkeop, linux-modules-extra-ibm-lts-20.04, linux-modules-extra-gke, linux-buildinfo-5.4.0-1069-aws, linux-modules-extra-5.4.0-1067-oracle, linux-headers-azure-fde, linux-modules-5.4.0-1059-kvm, linux-tools-snapdragon-hwe-18.04, linux-image-unsigned-5.4.0-105-lowlatency, linux-headers-5.4.0-1056-raspi, linux-oracle-5.4-tools-5.4.0-1067, linux-tools-5.4.0-1066-gke, linux-gcp-edge, linux-tools-5.4.0-1037-gkeop, linux-tools-oracle-edge, linux-cloud-tools-gkeop-5.4, linux-tools-azure-fde, linux-image-lowlatency-hwe-18.04-edge, linux-hwe-5.4, linux-kvm-tools-5.4.0-1059, linux-headers-raspi, linux-image-virtual-hwe-18.04, linux-kvm, linux-gkeop-source-5.4.0, linux-modules-extra-virtual-hwe-18.04, linux-headers-gcp-lts-20.04, linux-headers-5.4.0-105, linux-headers-kvm, linux-image-5.4.0-1073-azure, linux-gcp-tools-5.4.0-1068, linux-image-kvm, linux-image-generic-lpae, linux-tools-gke, linux-gke-tools-5.4.0-1066, linux-source, linux-tools-virtual-hwe-18.04-edge, linux-tools-ibm, linux-cloud-tools-5.4.0-1037-gkeop, linux-tools-raspi2-hwe-18.04, linux-signed-oracle, linux-headers-oracle-edge, linux-headers-aws-lts-20.04, linux-modules-5.4.0-1069-aws, linux-tools-raspi-hwe-18.04, linux-azure, linux-tools-kvm, linux-image-5.4.0-105-generic-lpae, linux-image-raspi-hwe-18.04, linux-tools-gkeop-5.4, linux-hwe-5.4-tools-5.4.0-105, linux-raspi-hwe-18.04, linux-ibm-tools-5.4.0-1018, linux-tools-host, linux-image-extra-virtual-hwe-18.04, linux-ibm-headers-5.4.0-1018, linux-gkeop-5.4-cloud-tools-5.4.0-1037, linux-headers-generic, linux-headers-raspi2-hwe-18.04, linux-aws-5.4, linux-gcp, linux-headers-gkeop, linux-oracle-5.4, linux-cloud-tools-generic-hwe-18.04, linux-image-generic, linux-headers-snapdragon-hwe-18.04-edge, linux-hwe-5.4-cloud-tools-5.4.0-105, linux-cloud-tools-virtual-hwe-18.04-edge, linux-modules-5.4.0-1056-raspi, linux-signed-image-azure-edge, linux-image-snapdragon-hwe-18.04-edge, linux-image-5.4.0-1068-gcp, linux-headers-lowlatency-hwe-18.04-edge, linux-modules-5.4.0-1037-gkeop, linux-signed-image-oracle, linux-cloud-tools-generic-hwe-18.04-edge, linux-modules-extra-5.4.0-1069-aws, linux-image-unsigned-5.4.0-1073-azure-fde, linux-gke-5.4, linux-headers-generic-hwe-18.04, linux-tools-aws, linux-raspi-tools-5.4.0-1056, linux-image-gcp-lts-20.04, linux-cloud-tools-azure-lts-20.04, linux-aws, linux-cloud-tools-azure-fde, linux-modules-extra-gcp-lts-20.04, linux-image-virtual, linux-modules-extra-azure, linux-image-gcp-edge, linux-tools-5.4.0-1068-gcp, linux-cloud-tools-5.4.0-1069-aws, linux-tools-5.4.0-1069-aws, linux-image-5.4.0-1069-aws, linux-tools-generic-lpae-hwe-18.04, linux-headers-virtual-hwe-18.04-edge, linux-azure-5.4-cloud-tools-5.4.0-1073, linux-tools-5.4.0-105-lowlatency, linux-image-gke, linux-buildinfo-5.4.0-1059-kvm, linux-cloud-tools-5.4.0-105-generic, linux-ibm-5.4-tools-5.4.0-1018, linux-azure-edge, linux-modules-extra-virtual-hwe-18.04-edge, linux-crashdump, linux-virtual-hwe-18.04, linux-oracle-5.4-headers-5.4.0-1067, linux-image-generic-hwe-18.04, linux-modules-extra-azure-fde, linux-image-raspi, linux-kvm-headers-5.4.0-1059, linux-image-ibm-edge, linux-buildinfo-5.4.0-105-generic, linux-tools-oem-osp1, linux-tools-5.4.0-1059-kvm, linux-gkeop-5.4, linux-gcp-5.4-headers-5.4.0-1068, linux-tools-aws-edge, linux-modules-5.4.0-105-generic, linux-image-raspi2, linux-headers-oem-osp1, linux-generic-lpae-hwe-18.04, linux-gcp-lts-20.04, linux-snapdragon-hwe-18.04-edge, linux-headers-gkeop-5.4, linux-virtual, linux-aws-5.4-tools-5.4.0-1069, linux-image-generic-lpae-hwe-18.04-edge, linux-azure-lts-20.04, linux-headers-5.4.0-1018-ibm, linux-ibm-5.4, linux-cloud-tools-virtual, linux-modules-extra-azure-edge, linux-tools-5.4.0-105-generic, linux-gkeop, linux-headers-ibm-lts-20.04, linux-gkeop-5.4-tools-5.4.0-1037, linux-lowlatency-hwe-18.04-edge, linux-headers-generic-lpae-hwe-18.04-edge, linux-tools-raspi-hwe-18.04-edge, linux-modules-extra-5.4.0-1066-gke, linux-tools-aws-lts-20.04, linux-headers-gke-5.4, linux-image-5.4.0-1059-kvm, linux-gcp-headers-5.4.0-1068, linux-modules-extra-ibm-edge, linux-cloud-tools-virtual-hwe-18.04, linux-raspi2-hwe-18.04-edge, linux-image-unsigned-5.4.0-1068-gcp, linux-virtual-hwe-18.04-edge, linux-tools-virtual-hwe-18.04, linux-azure-5.4, linux-image-ibm, linux-raspi-hwe-18.04-edge, linux-hwe-5.4-headers-5.4.0-105, linux-modules-extra-gkeop, linux-gkeop-tools-5.4.0-1037, linux-signed-oracle-edge, linux-tools-generic-lpae, linux-tools-snapdragon-hwe-18.04-edge, linux-modules-5.4.0-105-generic-lpae, linux-tools-gke-5.4, linux-headers-azure, linux-signed-azure, linux-headers-gcp-edge, linux-aws-edge, linux-cloud-tools-lowlatency-hwe-18.04, linux-tools-raspi2-hwe-18.04-edge, linux-oem-osp1-tools-host, linux-gke-5.4-tools-5.4.0-1066, linux-image-lowlatency, linux-modules-extra-gcp-edge, linux-generic-hwe-18.04, linux-tools-5.4.0-105-generic-lpae, linux-ibm-5.4-source-5.4.0, linux-modules-extra-5.4.0-1073-azure, linux, linux-headers-lowlatency, linux-headers-raspi-hwe-18.04, linux-cloud-tools-generic, linux-image-generic-hwe-18.04-edge, linux-tools-oem, linux-oracle-tools-5.4.0-1067, linux-hwe-5.4-tools-common, linux-image-unsigned-5.4.0-1059-kvm, linux-gcp-5.4-tools-5.4.0-1068, linux-oracle, linux-image-azure-edge, linux-headers-aws, linux-gkeop-5.4-headers-5.4.0-1037, linux-cloud-tools-5.4.0-1073-azure, linux-image-5.4.0-1067-oracle, linux-tools-raspi2 o USN-5339-1 : linux-cloud-tools-4.15.0-173, linux-signed-generic, linux-tools-gcp-lts-18.04, linux-azure-4.15-tools-4.15.0-1134, linux-image-virtual-hwe-16.04, linux-modules-4.15.0-173-lowlatency, linux-signed-image-lowlatency-hwe-16.04-edge, linux-tools-generic-hwe-16.04, linux-gcp-lts-18.04, linux-image-unsigned-4.15.0-1134-azure, linux-modules-4.15.0-1134-azure, linux-signed-image-generic, linux-cloud-tools-lowlatency-hwe-16.04-edge, linux-image-gke, linux-headers-gke, linux-azure-4.15-headers-4.15.0-1134, linux-tools-virtual-hwe-16.04-edge, linux-cloud-tools-4.15.0-1134-azure, linux-cloud-tools-common, linux-virtual-hwe-16.04, linux-headers-4.15.0-173, linux-tools-azure-lts-18.04, linux-image-unsigned-4.15.0-1119-gcp, linux-image-4.15.0-1119-gcp, linux-cloud-tools-virtual-hwe-16.04, linux-azure-edge, linux-aws-hwe-cloud-tools-4.15.0-1124, linux-lowlatency, linux-image-4.15.0-1124-aws-hwe, linux-raspi2-tools-4.15.0-1106, linux-cloud-tools-4.15.0-173-generic, linux-modules-4.15.0-1119-gcp, linux-crashdump, linux-tools-common, linux-modules-extra-azure-lts-18.04, linux-headers-4.15.0-1123-snapdragon, linux-azure-tools-4.15.0-1134, linux-headers-gcp-lts-18.04, linux-buildinfo-4.15.0-1038-dell300x, linux-signed-azure-lts-18.04, linux-tools-4.15.0-1124-aws, linux-tools-4.15.0-173-generic, linux-signed-image-lowlatency, linux-tools-virtual, linux-signed-azure-edge, linux-image-aws-hwe, linux-generic-lpae-hwe-16.04, linux-signed-generic-hwe-16.04, linux-image-generic-lpae-hwe-16.04, linux-signed-oem, linux-modules-4.15.0-1110-kvm, linux-modules-4.15.0-1090-oracle, linux-headers-azure-edge, linux-tools-4.15.0-1110-kvm, linux-modules-4.15.0-1124-aws, linux-cloud-tools-lowlatency, linux-image-4.15.0-173-generic-lpae, linux-modules-extra-aws-hwe, linux-tools-virtual-hwe-16.04, linux-image-raspi2, linux-headers-4.15.0-1038-dell300x, linux-kvm, linux-headers-generic-hwe-16.04, linux-tools-4.15.0-1123-snapdragon, linux-image-azure-lts-18.04, linux-headers-4.15.0-173-lowlatency, linux-tools-aws-hwe, linux-gke, linux-image-gcp-lts-18.04, linux-oem, linux-image-4.15.0-173-generic, linux-raspi2-headers-4.15.0-1106, linux-buildinfo-4.15.0-1106-raspi2, linux-azure-lts-18.04, linux-buildinfo-4.15.0-1119-gcp, linux-virtual, linux-tools-lowlatency, linux-headers-kvm, linux-image-generic-hwe-16.04, linux-headers-virtual, linux-tools-4.15.0-173, linux-headers-4.15.0-1134-azure, linux-aws-cloud-tools-4.15.0-1124, linux-image-gcp, linux-image-4.15.0-1134-azure, linux-image-lowlatency-hwe-16.04-edge, linux-cloud-tools-virtual-hwe-16.04-edge, linux-buildinfo-4.15.0-1090-oracle, linux-headers-oem, linux-headers-4.15.0-1106-raspi2, linux-oracle-headers-4.15.0-1090, linux-image-kvm, linux-aws-tools-4.15.0-1124, linux-cloud-tools-virtual, linux-image-generic-lpae, linux-modules-extra-azure-edge, linux-tools-gke, linux-generic-hwe-16.04-edge, linux-source, linux-headers-4.15.0-1124-aws, linux-tools-4.15.0-1090-oracle, linux-image-4.15.0-1106-raspi2, linux-tools-gcp, linux-generic, linux-cloud-tools-4.15.0-173-lowlatency, linux-cloud-tools-azure-lts-18.04, linux-tools-oracle, linux-aws-lts-18.04, linux-image-unsigned-4.15.0-173-lowlatency, linux-modules-extra-aws-lts-18.04, linux-image-aws-lts-18.04, linux-headers-lowlatency-hwe-16.04, linux-signed-image-oracle-lts-18.04, linux-image-oracle, linux-signed-oracle, linux-headers-oracle-lts-18.04, linux-tools-lowlatency-hwe-16.04-edge, linux-cloud-tools-generic-hwe-16.04, linux-doc, linux-lowlatency-hwe-16.04, linux-tools-azure, linux-headers-virtual-hwe-16.04-edge, linux-tools-4.15.0-173-generic-lpae, linux-tools-dell300x, linux-modules-4.15.0-1106-raspi2, linux-image-4.15.0-1124-aws, linux-image-4.15.0-1090-oracle, linux-image-4.15.0-173-lowlatency, linux-image-azure, linux-signed-image-azure, linux-azure, linux-tools-kvm, linux-tools-generic-lpae-hwe-16.04-edge, linux-headers-lowlatency-hwe-16.04-edge, linux-signed-lowlatency-hwe-16.04, linux-headers-azure-lts-18.04, linux-headers-generic-hwe-16.04-edge, linux-modules-extra-4.15.0-1134-azure, linux-generic-lpae-hwe-16.04-edge, linux-headers-raspi2, linux-image-extra-virtual, linux-image-oem, linux-snapdragon, linux-tools-aws-lts-18.04, linux-buildinfo-4.15.0-173-generic-lpae, linux-image-4.15.0-1123-snapdragon, linux-azure-headers-4.15.0-1134, linux-modules-4.15.0-173-generic-lpae, linux-headers-dell300x, linux-signed-image-lowlatency-hwe-16.04, linux-gcp-4.15, linux-modules-4.15.0-173-generic, linux-headers-generic-lpae-hwe-16.04-edge, linux-image-4.15.0-1038-dell300x, linux-tools-host, linux-buildinfo-4.15.0-173-lowlatency, linux-dell300x-headers-4.15.0-1038, linux-modules-extra-gcp-lts-18.04, linux-signed-image-azure-lts-18.04, linux-gcp-tools-4.15.0-1119, linux-tools-snapdragon, linux-image-unsigned-4.15.0-1090-oracle, linux-tools-generic-lpae-hwe-16.04, linux-buildinfo-4.15.0-1134-azure, linux-cloud-tools-generic-hwe-16.04-edge, linux-image-lowlatency-hwe-16.04, linux-azure-cloud-tools-4.15.0-1134, linux-tools-generic-lpae, linux-headers-generic, linux-oracle-tools-4.15.0-1090, linux-signed-image-oem, linux-tools-generic, linux-signed-image-generic-hwe-16.04, linux-headers-4.15.0-173-generic-lpae, linux-hwe-tools-4.15.0-173, linux-tools-lowlatency-hwe-16.04, linux-aws-headers-4.15.0-1124, linux-dell300x-tools-4.15.0-1038, linux-headers-azure, linux-hwe-cloud-tools-4.15.0-173, linux-cloud-tools-azure, linux-cloud-tools-azure-edge, linux-gcp, linux-image-snapdragon, linux-aws-edge, linux-image-unsigned-4.15.0-173-generic, linux-signed-azure, linux-source-4.15.0, linux-tools-generic-hwe-16.04-edge, linux-headers-4.15.0-1090-oracle, linux-oracle-lts-18.04, linux-generic-hwe-16.04, linux-headers-4.15.0-1110-kvm, linux-image-virtual-hwe-16.04-edge, linux-modules-extra-4.15.0-173-generic, linux-image-generic-lpae-hwe-16.04-edge, linux-signed-image-generic-hwe-16.04-edge, linux-buildinfo-4.15.0-173-generic, linux-image-generic, linux-signed-oracle-lts-18.04, linux-tools-4.15.0-1038-dell300x, linux-tools-4.15.0-1119-gcp, linux-tools-oracle-lts-18.04, linux-generic-lpae, linux-headers-aws-lts-18.04, linux-dell300x, linux-headers-oracle, linux-virtual-hwe-16.04-edge, linux-tools-4.15.0-1106-raspi2, linux-headers-gcp, linux-image-lowlatency, linux-signed-image-azure-edge, linux-cloud-tools-4.15.0-1124-aws, linux-image-dell300x, linux-image-generic-hwe-16.04-edge, linux-modules-extra-4.15.0-1119-gcp, linux-raspi2, linux-image-extra-virtual-hwe-16.04, linux-modules-extra-gcp, linux-tools-4.15.0-173-lowlatency, linux-kvm-headers-4.15.0-1110, linux-modules-extra-4.15.0-1124-aws, linux, linux-signed-image-oracle, linux-headers-generic-lpae-hwe-16.04, linux-headers-lowlatency, linux-headers-snapdragon, linux-image-unsigned-4.15.0-1038-dell300x, linux-modules-4.15.0-1123-snapdragon, linux-cloud-tools-generic, linux-gcp-4.15-headers-4.15.0-1119, linux-signed-generic-hwe-16.04-edge, linux-azure-4.15-cloud-tools-4.15.0-1134, linux-headers-4.15.0-173-generic, linux-kvm-tools-4.15.0-1110, linux-cloud-tools-lowlatency-hwe-16.04, linux-buildinfo-4.15.0-1110-kvm, linux-headers-generic-lpae, linux-aws-hwe-tools-4.15.0-1124, linux-signed-lowlatency, linux-snapdragon-tools-4.15.0-1123, linux-tools-oem, linux-tools-4.15.0-1134-azure, linux-modules-4.15.0-1038-dell300x, linux-tools-azure-edge, linux-azure-4.15, linux-image-unsigned-4.15.0-1124-aws, linux-aws-hwe, linux-modules-extra-4.15.0-1090-oracle, linux-libc-dev, linux-headers-aws-hwe, linux-hwe, linux-lowlatency-hwe-16.04-edge, linux-buildinfo-4.15.0-1123-snapdragon, linux-buildinfo-4.15.0-1124-aws, linux-oracle, linux-signed-lowlatency-hwe-16.04-edge, linux-headers-4.15.0-1119-gcp, linux-headers-virtual-hwe-16.04, linux-modules-extra-gke, linux-image-azure-edge, linux-snapdragon-headers-4.15.0-1123, linux-gcp-headers-4.15.0-1119, linux-aws, linux-image-extra-virtual-hwe-16.04-edge, linux-image-oracle-lts-18.04, linux-gcp-4.15-tools-4.15.0-1119, linux-image-virtual, linux-modules-extra-azure, linux-image-4.15.0-1110-kvm, linux-tools-raspi2 o USN-5343-1 : linux-signed-generic, linux-tools-virtual-lts-wily, linux-kvm-headers-4.4.0-1103, linux-headers-lowlatency-lts-vivid, linux-signed-generic-lts-utopic, linux-tools-4.4.0-1102-aws, linux-cloud-tools-4.4.0-1102-aws, linux-headers-virtual-lts-vivid, linux-signed-generic-lts-wily, linux-signed-image-generic, linux-cloud-tools-lowlatency-lts-vivid, linux-cloud-tools-common, linux-image-virtual-lts-wily, linux-lowlatency, linux-modules-extra-4.4.0-1138-aws, linux-tools-virtual-lts-utopic, linux-tools-4.4.0-1138-aws, linux-crashdump, linux-tools-common, linux-headers-generic-lts-vivid, linux-signed-image-lowlatency, linux-tools-virtual, linux-modules-extra-aws, linux-virtual-lts-vivid, linux-cloud-tools-lowlatency-lts-wily, linux-image-4.4.0-1138-aws, linux-headers-4.4.0-1102-aws, linux-cloud-tools-4.4.0-222-generic, linux-buildinfo-4.4.0-222-generic, linux-cloud-tools-generic-lts-vivid, linux-image-lowlatency-lts-wily, linux-signed-image-lowlatency-lts-xenial, linux-image-4.4.0-222-lowlatency, linux-cloud-tools-lowlatency, linux-hwe-generic-trusty, linux-lowlatency-lts-xenial, linux-buildinfo-4.4.0-1103-kvm, linux-cloud-tools-4.4.0-222-lowlatency, linux-kvm, linux-image-generic-lts-xenial, linux-headers-virtual-lts-xenial, linux-buildinfo-4.4.0-1138-aws, linux-tools-4.4.0-222-generic, linux-cloud-tools-4.4.0-1103-kvm, linux-buildinfo-4.4.0-222-lowlatency, linux-modules-4.4.0-222-generic, linux-virtual, linux-generic-lts-xenial, linux-tools-generic-lts-vivid, linux-tools-lowlatency, linux-headers-4.4.0-222-lowlatency, linux-headers-kvm, linux-signed-image-generic-lts-vivid, linux-tools-virtual-lts-vivid, linux-headers-virtual, linux-image-kvm, linux-virtual-lts-wily, linux-cloud-tools-virtual-lts-utopic, linux-cloud-tools-virtual, linux-image-extra-virtual-lts-wily, linux-headers-generic-lts-wily, linux-source, linux-image-lowlatency-lts-vivid, linux-image-aws, linux-cloud-tools-generic-lts-wily, linux-generic, linux-image-4.4.0-1103-kvm, linux-aws-headers-4.4.0-1102, linux-image-generic-lts-utopic, linux-image-4.4.0-222-generic, linux-modules-4.4.0-222-lowlatency, linux-source-4.4.0, linux-generic-lts-vivid, linux-tools-4.4.0-222, linux-image-virtual-lts-xenial, linux-headers-4.4.0-1138-aws, linux-cloud-tools-virtual-lts-wily, linux-doc, linux-headers-generic-lts-xenial, linux-tools-generic-lts-xenial, linux-headers-4.4.0-222, linux-aws-headers-4.4.0-1138, linux-cloud-tools-lowlatency-lts-xenial, linux-modules-4.4.0-1138-aws, linux-image-extra-virtual-lts-xenial, linux-headers-virtual-lts-utopic, linux-headers-4.4.0-1103-kvm, linux-aws-tools-4.4.0-1102, linux-tools-kvm, linux-headers-generic-lts-utopic, linux-tools-lts-utopic, linux-image-hwe-generic-trusty, linux-image-lowlatency-lts-xenial, linux-image-virtual-lts-utopic, linux-image-hwe-virtual-trusty, linux-cloud-tools-generic-lts-xenial, linux-signed-generic-lts-vivid, linux-tools-virtual-lts-xenial, linux-tools-4.4.0-222-lowlatency, linux-aws-tools-4.4.0-1138, linux-image-extra-virtual, linux-lowlatency-lts-vivid, linux-signed-image-generic-lts-xenial, linux-image-extra-virtual-lts-utopic, linux-lowlatency-lts-utopic, linux-cloud-tools-4.4.0-1138-aws, linux-tools-host, linux-headers-lowlatency-lts-wily, linux-image-generic-lts-vivid, linux-tools-lowlatency-lts-vivid, linux-aws-cloud-tools-4.4.0-1138, linux-cloud-tools-lowlatency-lts-utopic, linux-headers-generic, linux-signed-image-generic-lts-utopic, linux-tools-generic, linux-image-unsigned-4.4.0-222-lowlatency, linux-modules-extra-4.4.0-222-generic, linux-modules-4.4.0-1103-kvm, linux-signed-image-generic-lts-wily, linux-image-generic, linux-signed-lowlatency-lts-wily, linux-image-extra-virtual-lts-vivid, linux-virtual-lts-utopic, linux-tools-generic-lts-utopic, linux-lts-xenial-tools-4.4.0-222, linux-kvm-cloud-tools-4.4.0-1103, linux-image-lowlatency, linux-tools-lowlatency-lts-utopic, linux-image-generic-lts-wily, linux-headers-lowlatency-lts-utopic, linux-tools-lowlatency-lts-xenial, linux, linux-image-lowlatency-lts-utopic, linux-headers-lowlatency-lts-xenial, linux-cloud-tools-virtual-lts-vivid, linux-generic-lts-wily, linux-headers-4.4.0-222-generic, linux-headers-lowlatency, linux-aws-cloud-tools-4.4.0-1102, linux-cloud-tools-generic-lts-utopic, linux-cloud-tools-generic, linux-signed-generic-lts-xenial, linux-signed-lowlatency-lts-xenial, linux-tools-generic-lts-wily, linux-signed-lowlatency, linux-cloud-tools-4.4.0-222, linux-kvm-tools-4.4.0-1103, linux-hwe-virtual-trusty, linux-libc-dev, linux-lts-xenial, linux-image-4.4.0-1102-aws, linux-tools-aws, linux-tools-lowlatency-lts-wily, linux-buildinfo-4.4.0-1102-aws, linux-headers-aws, linux-aws, linux-image-virtual-lts-vivid, linux-virtual-lts-xenial, linux-signed-image-lowlatency-lts-wily, linux-tools-4.4.0-1103-kvm, linux-headers-virtual-lts-wily, linux-lts-xenial-cloud-tools-4.4.0-222, linux-image-virtual, linux-lowlatency-lts-wily, linux-cloud-tools-virtual-lts-xenial, linux-generic-lts-utopic, linux-modules-4.4.0-1102-aws, linux-image-unsigned-4.4.0-222-generic o USN-5368-1 : linux-tools-5.13.0-1025-oracle, linux-image-azure, linux-azure, linux-oracle-edge, linux-headers-oracle, linux-azure-5.13-tools-5.13.0-1021, linux-cloud-tools-5.13.0-1021-azure, linux-modules-5.13.0-1021-azure, linux-image-unsigned-5.13.0-1025-oracle, linux-modules-extra-5.13.0-1021-azure, linux-modules-extra-azure-edge, linux-oracle-5.13-headers-5.13.0-1025, linux-buildinfo-5.13.0-1021-azure, linux-modules-5.13.0-1025-oracle, linux-azure-edge, linux-image-oracle-edge, linux-image-unsigned-5.13.0-1021-azure, linux-azure-5.13-headers-5.13.0-1021, linux-oracle-5.13-tools-5.13.0-1025, linux-tools-azure-edge, linux-tools-5.13.0-1021-azure, linux-tools-oracle, linux-tools-oracle-edge, linux-oracle, linux-oracle-5.13, linux-image-oracle, linux-modules-extra-5.13.0-1025-oracle, linux-headers-oracle-edge, linux-headers-azure, linux-image-azure-edge, linux-cloud-tools-azure, linux-cloud-tools-azure-edge, linux-headers-azure-edge, linux-tools-azure, linux-headers-5.13.0-1021-azure, linux-image-5.13.0-1025-oracle, linux-headers-5.13.0-1025-oracle, linux-azure-5.13, linux-modules-extra-azure, linux-buildinfo-5.13.0-1025-oracle, linux-image-5.13.0-1021-azure, linux-azure-5.13-cloud-tools-5.13.0-1021 o USN-5298-1 : linux-tools-4.15.0-1121-aws, linux-signed-generic, linux-tools-gcp-lts-18.04, linux-image-virtual-hwe-16.04, linux-signed-image-lowlatency-hwe-16.04-edge, linux-tools-generic-hwe-16.04, linux-tools-4.15.0-1116-gcp, linux-gcp-lts-18.04, linux-signed-image-generic, linux-cloud-tools-lowlatency-hwe-16.04-edge, linux-buildinfo-4.15.0-1120-aws, linux-image-gke, linux-cloud-tools-4.15.0-1131-azure, linux-headers-4.15.0-1087-oracle, linux-headers-gke, linux-tools-virtual-hwe-16.04-edge, linux-gcp-4.15-headers-4.15.0-1116, linux-cloud-tools-common, linux-modules-extra-4.15.0-1116-gcp, linux-modules-4.15.0-1116-gcp, linux-modules-extra-4.15.0-1120-aws, linux-modules-extra-4.15.0-1131-azure, linux-tools-azure-lts-18.04, linux-buildinfo-4.15.0-169-generic-lpae, linux-cloud-tools-virtual-hwe-16.04, linux-azure-edge, linux-lowlatency, linux-virtual-hwe-16.04, linux-crashdump, linux-image-4.15.0-1035-dell300x, linux-modules-4.15.0-1103-raspi2, linux-azure-4.15-cloud-tools-4.15.0-1131, linux-tools-common, linux-oracle-tools-4.15.0-1087, linux-headers-4.15.0-1120-snapdragon, linux-modules-extra-azure-lts-18.04, linux-raspi2-headers-4.15.0-1103, linux-cloud-tools-4.15.0-169-lowlatency, linux-headers-gcp-lts-18.04, linux-signed-azure-lts-18.04, linux-azure-tools-4.15.0-1131, linux-signed-image-lowlatency, linux-headers-4.15.0-169-lowlatency, linux-azure-4.15-headers-4.15.0-1131, linux-tools-virtual, linux-signed-azure-edge, linux-cloud-tools-4.15.0-1121-aws, linux-image-aws-hwe, linux-generic-lpae-hwe-16.04, linux-signed-generic-hwe-16.04, linux-image-generic-lpae-hwe-16.04, linux-headers-4.15.0-169, linux-signed-oem, linux-aws-headers-4.15.0-1120, linux-cloud-tools-4.15.0-1120-aws, linux-headers-azure-edge, linux-modules-4.15.0-1035-dell300x, linux-snapdragon-tools-4.15.0-1120, linux-cloud-tools-lowlatency, linux-modules-extra-aws-hwe, linux-tools-virtual-hwe-16.04, linux-image-raspi2, linux-azure-headers-4.15.0-1131, linux-modules-4.15.0-1087-oracle, linux-kvm, linux-headers-generic-hwe-16.04, linux-buildinfo-4.15.0-169-lowlatency, linux-image-azure-lts-18.04, linux-tools-aws-hwe, linux-gke, linux-image-gcp-lts-18.04, linux-oem, linux-tools-4.15.0-1120-aws, linux-buildinfo-4.15.0-1035-dell300x, linux-azure-lts-18.04, linux-buildinfo-4.15.0-1120-snapdragon, linux-image-4.15.0-169-generic-lpae, linux-virtual, linux-tools-lowlatency, linux-headers-kvm, linux-image-generic-hwe-16.04, linux-modules-extra-4.15.0-1121-aws, linux-headers-virtual, linux-dell300x-tools-4.15.0-1035, linux-image-lowlatency-hwe-16.04-edge, linux-image-gcp, linux-cloud-tools-virtual-hwe-16.04-edge, linux-headers-oem, linux-image-kvm, linux-headers-4.15.0-1121-aws, linux-tools-4.15.0-1035-dell300x, linux-kvm-tools-4.15.0-1107, linux-tools-4.15.0-1131-azure, linux-image-4.15.0-1087-oracle, linux-image-generic-lpae, linux-cloud-tools-virtual, linux-modules-extra-azure-edge, linux-tools-4.15.0-169-generic, linux-headers-4.15.0-169-generic-lpae, linux-tools-gke, linux-generic-hwe-16.04-edge, linux-source, linux-modules-4.15.0-1107-kvm, linux-hwe-tools-4.15.0-169, linux-tools-gcp, linux-generic, linux-headers-4.15.0-1035-dell300x, linux-cloud-tools-azure-lts-18.04, linux-aws-cloud-tools-4.15.0-1121, linux-tools-oracle, linux-aws-lts-18.04, linux-modules-extra-aws-lts-18.04, linux-image-aws-lts-18.04, linux-headers-lowlatency-hwe-16.04, linux-signed-image-oracle-lts-18.04, linux-image-oracle, linux-modules-4.15.0-1120-snapdragon, linux-headers-4.15.0-1107-kvm, linux-signed-oracle, linux-hwe-cloud-tools-4.15.0-169, linux-headers-oracle-lts-18.04, linux-tools-lowlatency-hwe-16.04-edge, linux-cloud-tools-generic-hwe-16.04, linux-doc, linux-lowlatency-hwe-16.04, linux-modules-extra-4.15.0-1087-oracle, linux-tools-4.15.0-169, linux-headers-virtual-hwe-16.04-edge, linux-tools-azure, linux-buildinfo-4.15.0-1121-aws, linux-tools-dell300x, linux-aws-hwe-cloud-tools-4.15.0-1120, linux-image-unsigned-4.15.0-169-lowlatency, linux-image-4.15.0-1120-snapdragon, linux-image-unsigned-4.15.0-1131-azure, linux-image-azure, linux-cloud-tools-4.15.0-169, linux-azure, linux-image-4.15.0-169-generic, linux-signed-image-azure, linux-headers-lowlatency-hwe-16.04-edge, linux-headers-4.15.0-1120-aws, linux-tools-generic-lpae-hwe-16.04-edge, linux-tools-kvm, linux-signed-lowlatency-hwe-16.04, linux-image-4.15.0-1103-raspi2, linux-headers-azure-lts-18.04, linux-image-unsigned-4.15.0-1035-dell300x, linux-modules-4.15.0-169-lowlatency, linux-headers-generic-hwe-16.04-edge, linux-generic-lpae-hwe-16.04-edge, linux-headers-raspi2, linux-image-extra-virtual, linux-image-oem, linux-image-unsigned-4.15.0-1121-aws, linux-buildinfo-4.15.0-1116-gcp, linux-buildinfo-4.15.0-1131-azure, linux-modules-4.15.0-1120-aws, linux-buildinfo-4.15.0-1087-oracle, linux-snapdragon, linux-tools-4.15.0-1120-snapdragon, linux-headers-dell300x, linux-signed-image-lowlatency-hwe-16.04, linux-tools-aws-lts-18.04, linux-gcp-4.15, linux-headers-generic-lpae-hwe-16.04-edge, linux-image-4.15.0-1131-azure, linux-tools-host, linux-modules-extra-gcp-lts-18.04, linux-signed-image-azure-lts-18.04, linux-tools-snapdragon, linux-tools-generic-lpae-hwe-16.04, linux-cloud-tools-generic-hwe-16.04-edge, linux-image-lowlatency-hwe-16.04, linux-tools-4.15.0-1103-raspi2, linux-tools-generic-lpae, linux-headers-generic, linux-signed-image-oem, linux-tools-generic, linux-snapdragon-headers-4.15.0-1120, linux-modules-4.15.0-169-generic, linux-signed-image-generic-hwe-16.04, linux-aws-hwe-tools-4.15.0-1120, linux-modules-4.15.0-1121-aws, linux-modules-4.15.0-169-generic-lpae, linux-tools-lowlatency-hwe-16.04, linux-headers-azure, linux-image-snapdragon, linux-cloud-tools-azure, linux-cloud-tools-azure-edge, linux-gcp, linux-oracle-headers-4.15.0-1087, linux-aws-edge, linux-signed-azure, linux-source-4.15.0, linux-tools-generic-hwe-16.04-edge, linux-aws-tools-4.15.0-1121, linux-oracle-lts-18.04, linux-buildinfo-4.15.0-1107-kvm, linux-generic-hwe-16.04, linux-image-unsigned-4.15.0-1120-aws, linux-image-virtual-hwe-16.04-edge, linux-signed-image-generic-hwe-16.04-edge, linux-aws-headers-4.15.0-1121, linux-headers-4.15.0-1116-gcp, linux-headers-4.15.0-1103-raspi2, linux-image-generic-lpae-hwe-16.04-edge, linux-image-generic, linux-signed-oracle-lts-18.04, linux-tools-4.15.0-169-generic-lpae, linux-tools-oracle-lts-18.04, linux-tools-4.15.0-169-lowlatency, linux-generic-lpae, linux-headers-aws-lts-18.04, linux-dell300x, linux-headers-oracle, linux-virtual-hwe-16.04-edge, linux-tools-4.15.0-1087-oracle, linux-headers-gcp, linux-gcp-tools-4.15.0-1116, linux-image-lowlatency, linux-raspi2-tools-4.15.0-1103, linux-signed-image-azure-edge, linux-dell300x-headers-4.15.0-1035, linux-image-dell300x, linux-image-generic-hwe-16.04-edge, linux-modules-4.15.0-1131-azure, linux-raspi2, linux-image-extra-virtual-hwe-16.04, linux-modules-extra-gcp, linux-azure-cloud-tools-4.15.0-1131, linux, linux-signed-image-oracle, linux-headers-generic-lpae-hwe-16.04, linux-headers-lowlatency, linux-headers-snapdragon, linux-image-4.15.0-169-lowlatency, linux-cloud-tools-generic, linux-signed-generic-hwe-16.04-edge, linux-headers-4.15.0-169-generic, linux-signed-lowlatency, linux-cloud-tools-lowlatency-hwe-16.04, linux-headers-generic-lpae, linux-tools-oem, linux-cloud-tools-4.15.0-169-generic, linux-image-unsigned-4.15.0-169-generic, linux-tools-azure-edge, linux-azure-4.15, linux-buildinfo-4.15.0-1103-raspi2, linux-aws-hwe, linux-image-unsigned-4.15.0-1116-gcp, linux-headers-4.15.0-1131-azure, linux-kvm-headers-4.15.0-1107, linux-gcp-headers-4.15.0-1116, linux-image-unsigned-4.15.0-1087-oracle, linux-headers-aws-hwe, linux-hwe, linux-libc-dev, linux-lowlatency-hwe-16.04-edge, linux-oracle, linux-signed-lowlatency-hwe-16.04-edge, linux-tools-4.15.0-1107-kvm, linux-headers-virtual-hwe-16.04, linux-modules-extra-gke, linux-image-azure-edge, linux-image-4.15.0-1116-gcp, linux-buildinfo-4.15.0-169-generic, linux-aws, linux-image-4.15.0-1107-kvm, linux-image-extra-virtual-hwe-16.04-edge, linux-modules-extra-4.15.0-169-generic, linux-gcp-4.15-tools-4.15.0-1116, linux-image-oracle-lts-18.04, linux-image-virtual, linux-modules-extra-azure, linux-azure-4.15-tools-4.15.0-1131, linux-tools-raspi2 o USN-5302-1 : linux-oem-5.14-tools-5.14.0-1024, linux-headers-oem-20.04d, linux-tools-oem-20.04, linux-oem-20.04d, linux-modules-5.14.0-1024-oem, linux-oem-5.14-tools-host, linux-image-oem-20.04b, linux-headers-5.14.0-1024-oem, linux-image-oem-20.04c, linux-oem-20.04c, linux-tools-oem-20.04d, linux-oem-20.04, linux-image-oem-20.04d, linux-image-5.14.0-1024-oem, linux-oem-20.04b, linux-tools-oem-20.04b, linux-tools-5.14.0-1024-oem, linux-image-unsigned-5.14.0-1024-oem, linux-headers-oem-20.04b, linux-buildinfo-5.14.0-1024-oem, linux-image-oem-20.04, linux-oem-5.14, linux-oem-5.14-headers-5.14.0-1024, linux-headers-oem-20.04, linux-tools-oem-20.04c, linux-headers-oem-20.04c o LSN-0085-1 : ibm-5.4, gkeop, gkeop-5.4, gke-4.15, azure-4.15, lowlatency-4.15, generic-5.4, gke, gke-5.4, oem, azure, aws, lowlatency-5.4, ibm, generic-4.4, lowlatency-4.4, generic-4.15, gcp o USN-5362-1 : linux-headers-5.13.0-1010-intel, linux-intel-5.13-tools-host, linux-modules-extra-5.13.0-1010-intel, linux-image-intel, linux-buildinfo-5.13.0-1010-intel, linux-headers-intel, linux-intel-5.13-headers-5.13.0-1010, linux-image-5.13.0-1010-intel, linux-intel-5.13-tools-common, linux-intel-5.13-tools-5.13.0-1010, linux-intel-5.13-cloud-tools-5.13.0-1010, linux-image-unsigned-5.13.0-1010-intel, linux-intel-5.13-source-5.13.0, linux-intel-5.13, linux-intel-5.13-cloud-tools-common, linux-tools-intel, linux-intel, linux-cloud-tools-intel, linux-modules-5.13.0-1010-intel, linux-cloud-tools-5.13.0-1010-intel, linux-tools-5.13.0-1010-intel o USN-5361-1 : linux-signed-generic, linux-tools-virtual-lts-wily, linux-headers-4.4.0-1104-kvm, linux-headers-lowlatency-lts-vivid, linux-signed-generic-lts-utopic, linux-kvm-headers-4.4.0-1104, linux-headers-virtual-lts-vivid, linux-signed-generic-lts-wily, linux-signed-image-generic, linux-cloud-tools-lowlatency-lts-vivid, linux-cloud-tools-common, linux-image-virtual-lts-wily, linux-lowlatency, linux-tools-virtual-lts-utopic, linux-crashdump, linux-tools-common, linux-image-4.4.0-1104-kvm, linux-headers-generic-lts-vivid, linux-signed-image-lowlatency, linux-tools-virtual, linux-modules-extra-aws, linux-virtual-lts-vivid, linux-cloud-tools-lowlatency-lts-wily, linux-aws-headers-4.4.0-1139, linux-cloud-tools-generic-lts-vivid, linux-image-lowlatency-lts-wily, linux-kvm-tools-4.4.0-1104, linux-signed-image-lowlatency-lts-xenial, linux-cloud-tools-lowlatency, linux-hwe-generic-trusty, linux-lowlatency-lts-xenial, linux-modules-4.4.0-1104-kvm, linux-kvm, linux-image-generic-lts-xenial, linux-headers-virtual-lts-xenial, linux-cloud-tools-4.4.0-223-generic, linux-aws-cloud-tools-4.4.0-1139, linux-virtual, linux-generic-lts-xenial, linux-tools-generic-lts-vivid, linux-tools-lowlatency, linux-headers-kvm, linux-signed-image-generic-lts-vivid, linux-tools-virtual-lts-vivid, linux-headers-virtual, linux-image-kvm, linux-tools-4.4.0-1104-kvm, linux-virtual-lts-wily, linux-cloud-tools-virtual-lts-utopic, linux-cloud-tools-virtual, linux-headers-4.4.0-1139-aws, linux-modules-4.4.0-223-generic, linux-image-extra-virtual-lts-wily, linux-cloud-tools-4.4.0-1104-kvm, linux-tools-4.4.0-223, linux-headers-generic-lts-wily, linux-source, linux-modules-4.4.0-1103-aws, linux-image-lowlatency-lts-vivid, linux-image-aws, linux-cloud-tools-4.4.0-1139-aws, linux-cloud-tools-generic-lts-wily, linux-generic, linux-buildinfo-4.4.0-223-generic, linux-image-generic-lts-utopic, linux-source-4.4.0, linux-modules-4.4.0-1139-aws, linux-image-4.4.0-223-generic, linux-generic-lts-vivid, linux-tools-4.4.0-1139-aws, linux-image-virtual-lts-xenial, linux-buildinfo-4.4.0-1104-kvm, linux-cloud-tools-virtual-lts-wily, linux-doc, linux-headers-generic-lts-xenial, linux-tools-generic-lts-xenial, linux-tools-4.4.0-223-generic, linux-cloud-tools-lowlatency-lts-xenial, linux-image-extra-virtual-lts-xenial, linux-aws-headers-4.4.0-1103, linux-headers-virtual-lts-utopic, linux-tools-kvm, linux-headers-generic-lts-utopic, linux-tools-lts-utopic, linux-headers-4.4.0-223, linux-image-hwe-generic-trusty, linux-image-lowlatency-lts-xenial, linux-kvm-cloud-tools-4.4.0-1104, linux-image-virtual-lts-utopic, linux-image-hwe-virtual-trusty, linux-cloud-tools-generic-lts-xenial, linux-signed-generic-lts-vivid, linux-tools-virtual-lts-xenial, linux-headers-4.4.0-1103-aws, linux-image-extra-virtual, linux-lowlatency-lts-vivid, linux-headers-4.4.0-223-generic, linux-signed-image-generic-lts-xenial, linux-image-extra-virtual-lts-utopic, linux-lowlatency-lts-utopic, linux-image-4.4.0-223-lowlatency, linux-tools-host, linux-buildinfo-4.4.0-1139-aws, linux-headers-lowlatency-lts-wily, linux-image-generic-lts-vivid, linux-headers-4.4.0-223-lowlatency, linux-tools-lowlatency-lts-vivid, linux-cloud-tools-4.4.0-1103-aws, linux-cloud-tools-lowlatency-lts-utopic, linux-headers-generic, linux-signed-image-generic-lts-utopic, linux-tools-generic, linux-aws-tools-4.4.0-1139, linux-image-unsigned-4.4.0-223-lowlatency, linux-aws-cloud-tools-4.4.0-1103, linux-signed-image-generic-lts-wily, linux-image-4.4.0-1139-aws, linux-image-4.4.0-1103-aws, linux-image-generic, linux-buildinfo-4.4.0-1103-aws, linux-image-unsigned-4.4.0-223-generic, linux-signed-lowlatency-lts-wily, linux-image-extra-virtual-lts-vivid, linux-virtual-lts-utopic, linux-tools-generic-lts-utopic, linux-image-lowlatency, linux-tools-lowlatency-lts-utopic, linux-image-generic-lts-wily, linux-lts-xenial-cloud-tools-4.4.0-223, linux-aws-tools-4.4.0-1103, linux-cloud-tools-4.4.0-223, linux-headers-lowlatency-lts-utopic, linux-tools-lowlatency-lts-xenial, linux, linux-image-lowlatency-lts-utopic, linux-headers-lowlatency-lts-xenial, linux-cloud-tools-virtual-lts-vivid, linux-buildinfo-4.4.0-223-lowlatency, linux-generic-lts-wily, linux-headers-lowlatency, linux-signed-generic-lts-xenial, linux-signed-lowlatency-lts-xenial, linux-cloud-tools-generic-lts-utopic, linux-cloud-tools-generic, linux-tools-4.4.0-1103-aws, linux-tools-generic-lts-wily, linux-signed-lowlatency, linux-modules-4.4.0-223-lowlatency, linux-modules-extra-4.4.0-1139-aws, linux-hwe-virtual-trusty, linux-tools-4.4.0-223-lowlatency, linux-libc-dev, linux-lts-xenial, linux-tools-aws, linux-tools-lowlatency-lts-wily, linux-modules-extra-4.4.0-223-generic, linux-cloud-tools-4.4.0-223-lowlatency, linux-headers-aws, linux-aws, linux-image-virtual-lts-vivid, linux-lts-xenial-tools-4.4.0-223, linux-virtual-lts-xenial, linux-signed-image-lowlatency-lts-wily, linux-headers-virtual-lts-wily, linux-image-virtual, linux-lowlatency-lts-wily, linux-cloud-tools-virtual-lts-xenial, linux-generic-lts-utopic o USN-5358-1 : linux-modules-extra-azure-lts-20.04, linux-headers-5.13.0-39-generic-lpae, linux-tools-generic-hwe-18.04, linux-image-snapdragon-hwe-18.04, linux-tools-generic-lpae-hwe-18.04-edge, linux-modules-extra-oracle, linux-headers-gke, linux-azure-headers-5.4.0-1074, linux-cloud-tools-common, linux-image-aws-lts-20.04, linux-tools-5.4.0-1061-kvm, linux-lowlatency, linux-image-oracle-edge, linux-tools-common, linux-cloud-tools-5.4.0-107-generic, linux-generic-64k, linux-generic-hwe-18.04-edge, linux-image-5.13.0-1020-kvm, linux-cloud-tools-lowlatency, linux-headers-oem-20.04, linux-image-generic-64k-hwe-20.04, linux-oem, linux-tools-oracle-lts-20.04, linux-gcp-headers-5.13.0-1023, linux-image-5.13.0-39-generic-64k, linux-headers-virtual, linux-hwe-5.4-cloud-tools-common, linux-oracle-lts-20.04, linux-image-generic-hwe-20.04-edge, linux-hwe-5.13-tools-5.13.0-39, linux-headers-generic-lpae-hwe-18.04, linux-snapdragon-hwe-18.04, linux-modules-5.4.0-1069-oracle, linux-headers-5.13.0-1021-aws, linux-image-5.4.0-1069-oracle, linux-image-aws, linux-headers-generic-64k-hwe-20.04-edge, linux-generic, linux-tools-gcp, linux-hwe-5.13, linux-modules-5.13.0-1021-aws, linux-tools-5.13.0-1023-gcp, linux-doc, linux-tools-generic-hwe-20.04-edge, linux-image-extra-virtual-hwe-20.04, linux-kvm-headers-5.13.0-1020, linux-tools-5.4.0-1069-oracle, linux-image-unsigned-5.4.0-1061-kvm, linux-headers-5.13.0-39, linux-buildinfo-5.13.0-1023-gcp, linux-image-oracle-lts-20.04, linux-buildinfo-5.4.0-1069-oracle, linux-tools-generic-lpae-hwe-20.04, linux-image-extra-virtual, linux-signed-image-oracle-edge, linux-oem-20.04, linux-headers-azure-lts-20.04, linux-modules-5.4.0-1061-kvm, linux-image-5.13.0-1023-gcp, linux-tools-5.13.0-1021-aws, linux-headers-5.4.0-107-generic-lpae, linux-headers-oracle-lts-20.04, linux-modules-extra-aws-lts-20.04, linux-headers-snapdragon-hwe-18.04, linux-headers-generic-64k, linux-generic-lpae-hwe-18.04-edge, linux-modules-5.13.0-39-generic, linux-modules-5.4.0-107-lowlatency, linux-hwe-5.4-source-5.4.0, linux-generic-lpae, linux-cloud-tools-lowlatency-hwe-18.04-edge, linux-headers-generic-hwe-18.04-edge, linux-headers-gcp, linux-image-unsigned-5.13.0-39-generic-64k, linux-modules-extra-5.13.0-1021-aws, linux-aws-lts-20.04, linux-generic-lpae-hwe-20.04-edge, linux-modules-extra-oracle-edge, linux-buildinfo-5.13.0-39-lowlatency, linux-headers-generic-lpae, linux-image-oem-osp1, linux-lowlatency-hwe-18.04, linux-cloud-tools-5.13.0-39, linux-source-5.13.0, linux-oem-osp1, linux-libc-dev, linux-image-virtual-hwe-18.04-edge, linux-image-unsigned-5.13.0-1021-aws, linux-oracle-headers-5.4.0-1069, linux-modules-5.13.0-39-generic-lpae, linux-tools-5.13.0-1025-oracle, linux-oracle-edge, linux-cloud-tools-5.13.0-39-lowlatency, linux-buildinfo-5.13.0-39-generic, linux-image-5.4.0-1061-kvm, linux-tools-lowlatency-hwe-18.04-edge, linux-gcp-tools-5.13.0-1023, linux-tools-lowlatency-hwe-18.04, linux-tools-azure-lts-20.04, linux-image-azure-lts-20.04, linux-aws-cloud-tools-5.4.0-1071, linux-tools-virtual, linux-buildinfo-5.13.0-1021-aws, linux-modules-extra-aws, linux-tools-generic-64k-hwe-20.04, linux-hwe-5.13-headers-5.13.0-39, linux-headers-virtual-hwe-18.04, linux-cloud-tools-generic-hwe-20.04-edge, linux-gke, linux-oracle-5.4-headers-5.4.0-1069, linux-tools-lowlatency, linux-aws-headers-5.4.0-1071, linux-headers-5.4.0-1069-oracle, linux-image-gcp, linux-headers-oem, linux-image-5.13.0-39-lowlatency, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-generic-hwe-18.04-edge, linux-image-5.4.0-107-lowlatency, linux-headers-generic-hwe-20.04-edge, linux-source-5.4.0, linux-tools-oracle, linux-modules-extra-5.13.0-1023-gcp, linux-headers-5.13.0-1020-kvm, linux-headers-5.4.0-107-generic, linux-image-oracle, linux-buildinfo-5.4.0-1074-azure, linux-modules-5.4.0-107-generic-lpae, linux-image-generic-lpae-hwe-20.04, linux-tools-lowlatency-hwe-20.04, linux-headers-generic-lpae-hwe-20.04-edge, linux-aws-tools-5.13.0-1021, linux-headers-virtual-hwe-20.04, linux-image-oem, linux-headers-lowlatency-hwe-18.04, linux-cloud-tools-5.13.0-1021-aws, linux-image-unsigned-5.4.0-107-lowlatency, linux-cloud-tools-virtual-hwe-20.04, linux-hwe-5.13-tools-host, linux-image-generic-lpae-hwe-18.04, linux-modules-extra-5.4.0-1074-azure, linux-tools-generic, linux-tools-5.13.0-39-generic-lpae, linux-oem-tools-host, linux-modules-extra-5.4.0-1069-oracle, linux-buildinfo-5.13.0-39-generic-64k, linux-tools-generic-lpae-hwe-20.04-edge, linux-hwe-5.13-tools-common, linux-headers-virtual-hwe-20.04-edge, linux-modules-5.13.0-39-lowlatency, linux-headers-oracle, linux-cloud-tools-5.4.0-1071-aws, linux-buildinfo-5.4.0-107-generic-lpae, linux-image-extra-virtual-hwe-18.04-edge, linux-generic-hwe-20.04-edge, linux-generic-64k-hwe-20.04-edge, linux-modules-extra-gcp, linux-tools-oem-20.04, linux-image-5.13.0-1021-aws, linux-tools-5.4.0-107-lowlatency, linux-image-unsigned-5.4.0-1074-azure, linux-kvm-tools-5.13.0-1020, linux-image-lowlatency-hwe-18.04, linux-aws-headers-5.13.0-1021, linux-modules-extra-gke, linux-cloud-tools-5.4.0-107, linux-headers-5.13.0-1025-oracle, linux-tools-snapdragon-hwe-18.04, linux-headers-5.4.0-107-lowlatency, linux-headers-5.4.0-1071-aws, linux-hwe-5.13-cloud-tools-common, linux-buildinfo-5.13.0-39-generic-lpae, linux-image-5.4.0-1074-azure, linux-oracle-5.4-tools-5.4.0-1069, linux-image-lowlatency-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04-edge, linux-image-unsigned-5.13.0-1025-oracle, linux-azure-cloud-tools-5.4.0-1074, linux-image-generic-64k-hwe-20.04-edge, linux-cloud-tools-generic-hwe-20.04, linux-headers-generic-lpae-hwe-20.04, linux-hwe-5.13-cloud-tools-5.13.0-39, linux-oracle-headers-5.13.0-1025, linux-tools-oracle-edge, linux-oracle-tools-5.4.0-1069, linux-image-unsigned-5.4.0-1069-oracle, linux-tools-5.4.0-1071-aws, linux-image-lowlatency-hwe-18.04-edge, linux-hwe-5.4, linux-image-unsigned-5.13.0-39-generic, linux-buildinfo-5.13.0-1025-oracle, linux-image-virtual-hwe-18.04, linux-kvm, linux-hwe-5.4-cloud-tools-5.4.0-107, linux-modules-extra-virtual-hwe-18.04, linux-headers-kvm, linux-tools-5.13.0-1020-kvm, linux-tools-virtual-hwe-20.04-edge, linux-buildinfo-5.4.0-1061-kvm, linux-image-kvm, linux-headers-lowlatency-hwe-20.04-edge, linux-image-generic-lpae, linux-headers-generic-64k-hwe-20.04, linux-tools-gke, linux-modules-5.13.0-1023-gcp, linux-source, linux-headers-lowlatency-hwe-20.04, linux-modules-5.4.0-1074-azure, linux-kvm-tools-5.4.0-1061, linux-tools-virtual-hwe-18.04-edge, linux-cloud-tools-5.4.0-1074-azure, linux-signed-oracle, linux-cloud-tools-5.13.0-39-generic, linux-headers-oracle-edge, linux-image-generic-hwe-20.04, linux-buildinfo-5.4.0-1071-aws, linux-headers-aws-lts-20.04, linux-image-5.4.0-107-generic, linux-generic-hwe-20.04, linux-cloud-tools-5.4.0-107-lowlatency, linux-azure, linux-tools-kvm, linux-image-virtual-hwe-20.04, linux-tools-5.4.0-107, linux-tools-host, linux-image-unsigned-5.4.0-1071-aws, linux-tools-virtual-hwe-20.04, linux-hwe-5.4-headers-5.4.0-107, linux-image-extra-virtual-hwe-18.04, linux-headers-5.4.0-1061-kvm, linux-tools-5.13.0-39, linux-headers-generic, linux-image-lowlatency-hwe-20.04, linux-aws-cloud-tools-5.13.0-1021, linux-cloud-tools-virtual-hwe-20.04-edge, linux-gcp, linux-buildinfo-5.4.0-107-lowlatency, linux-tools-5.4.0-1074-azure, linux-oracle-5.4, linux-cloud-tools-generic-hwe-18.04, linux-tools-generic-64k, linux-image-generic, linux-headers-snapdragon-hwe-18.04-edge, linux-buildinfo-5.4.0-107-generic, linux-tools-5.13.0-39-lowlatency, linux-cloud-tools-virtual-hwe-18.04-edge, linux-image-snapdragon-hwe-18.04-edge, linux-headers-lowlatency-hwe-18.04-edge, linux-signed-image-oracle, linux-headers-generic-hwe-20.04, linux-cloud-tools-generic-hwe-18.04-edge, linux-tools-5.4.0-107-generic-lpae, linux-generic-64k-hwe-20.04, linux-headers-generic-hwe-18.04, linux-tools-aws, linux-image-oem-20.04, linux-cloud-tools-azure-lts-20.04, linux-aws, linux-modules-5.4.0-107-generic, linux-image-5.4.0-1071-aws, linux-image-virtual, linux-tools-generic-lpae-hwe-18.04, linux-headers-virtual-hwe-18.04-edge, linux-image-5.4.0-107-generic-lpae, linux-image-gke, linux-image-generic-64k, linux-headers-5.13.0-1023-gcp, linux-tools-5.13.0-39-generic-64k, linux-modules-extra-virtual-hwe-18.04-edge, linux-crashdump, linux-virtual-hwe-20.04, linux-virtual-hwe-18.04, linux-modules-extra-5.13.0-39-generic, linux-image-generic-hwe-18.04, linux-buildinfo-5.13.0-1020-kvm, linux-aws-tools-5.4.0-1071, linux-modules-extra-5.4.0-107-generic, linux-headers-5.13.0-39-generic-64k, linux-tools-oem-osp1, linux-image-5.13.0-1025-oracle, linux-tools-lowlatency-hwe-20.04-edge, linux-headers-oem-osp1, linux-generic-lpae-hwe-18.04, linux-virtual-hwe-20.04-edge, linux-snapdragon-hwe-18.04-edge, linux-image-5.13.0-39-generic-lpae, linux-cloud-tools-lowlatency-hwe-20.04, linux-hwe-5.4-tools-5.4.0-107, linux-tools-generic-hwe-20.04, linux-virtual, linux-image-generic-lpae-hwe-18.04-edge, linux-azure-lts-20.04, linux-lowlatency-hwe-20.04-edge, linux-cloud-tools-virtual, linux-lowlatency-hwe-18.04-edge, linux-headers-generic-lpae-hwe-18.04-edge, linux-tools-aws-lts-20.04, linux-tools-5.4.0-107-generic, linux-modules-5.13.0-39-generic-64k, linux-cloud-tools-virtual-hwe-18.04, linux-hwe-5.13-source-5.13.0, linux-virtual-hwe-18.04-edge, linux-tools-virtual-hwe-18.04, linux-image-unsigned-5.13.0-39-lowlatency, linux-azure-tools-5.4.0-1074, linux-image-extra-virtual-hwe-20.04-edge, linux-modules-5.13.0-1025-oracle, linux-headers-5.13.0-39-generic, linux-signed-oracle-edge, linux-tools-generic-lpae, linux-tools-snapdragon-hwe-18.04-edge, linux-image-unsigned-5.4.0-107-generic, linux-image-5.13.0-39-generic, linux-image-virtual-hwe-20.04-edge, linux-cloud-tools-lowlatency-hwe-18.04, linux-oracle-tools-5.13.0-1025, linux-modules-extra-5.4.0-1071-aws, linux-modules-extra-5.13.0-1025-oracle, linux-generic-lpae-hwe-20.04, linux-modules-5.4.0-1071-aws, linux-modules-5.13.0-1020-kvm, linux-oem-osp1-tools-host, linux-kvm-headers-5.4.0-1061, linux-image-lowlatency, linux-generic-hwe-18.04, linux-headers-5.4.0-107, linux, linux-headers-lowlatency, linux-cloud-tools-generic, linux-image-unsigned-5.13.0-1020-kvm, linux-headers-5.13.0-39-lowlatency, linux-image-generic-hwe-18.04-edge, linux-image-unsigned-5.13.0-1023-gcp, linux-tools-oem, linux-lowlatency-hwe-20.04, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-hwe-5.4-tools-common, linux-oracle, linux-headers-5.4.0-1074-azure, linux-headers-aws, linux-tools-5.13.0-39-generic o USN-5358-2 : linux-cloud-tools-gkeop, linux-image-5.4.0-1074-azure, linux-gcp-5.4-tools-5.4.0-1069, linux-buildinfo-5.4.0-1058-raspi, linux-image-raspi2-hwe-18.04-edge, linux-image-gke, linux-azure-5.4-headers-5.4.0-1074, linux-headers-gke, linux-modules-extra-5.13.0-1021-azure, linux-headers-5.13.0-1023-gcp, linux-gcp-edge, linux-image-5.13.0-1024-raspi-nolpae, linux-buildinfo-5.4.0-1019-ibm, linux-image-raspi-nolpae, linux-azure-edge, linux-gkeop-5.4-cloud-tools-5.4.0-1038, linux-gcp-5.13, linux-ibm-source-5.4.0, linux-raspi-5.4-headers-5.4.0-1058, linux-tools-5.13.0-1024-raspi, linux-image-gkeop-5.4, linux-headers-5.4.0-1067-gke, linux-modules-5.4.0-1067-gke, linux-image-5.4.0-1058-raspi, linux-modules-extra-azure-fde, linux-modules-5.4.0-1038-gkeop, linux-image-raspi, linux-modules-extra-5.13.0-1024-raspi, linux-buildinfo-5.13.0-1021-aws, linux-azure-cloud-tools-5.13.0-1021, linux-image-azure-fde, linux-signed-azure-edge, linux-tools-gcp-lts-20.04, linux-cloud-tools-gkeop-5.4, linux-modules-extra-aws, linux-modules-extra-5.4.0-1069-gcp, linux-modules-extra-raspi, linux-image-ibm-edge, linux-azure-headers-5.13.0-1021, linux-raspi-tools-5.4.0-1058, linux-tools-azure-fde, linux-headers-ibm, linux-headers-5.4.0-1019-ibm, linux-headers-azure-edge, linux-modules-extra-raspi-nolpae, linux-gkeop-5.4, linux-tools-5.4.0-1071-aws, linux-tools-aws-edge, linux-image-raspi2, linux-headers-raspi-nolpae, linux-headers-raspi, linux-buildinfo-5.4.0-1038-gkeop, linux-modules-5.13.0-1021-azure, linux-buildinfo-5.4.0-1067-gke, linux-gke, linux-gkeop-5.4-headers-5.4.0-1038, linux-gcp-lts-20.04, linux-gkeop-source-5.4.0, linux-headers-raspi-hwe-18.04-edge, linux-image-5.4.0-1019-ibm, linux-image-5.4.0-1067-gke, linux-headers-gkeop-5.4, linux-headers-gcp-lts-20.04, linux-cloud-tools-5.13.0-1021-azure, linux-raspi2-hwe-18.04, linux-tools-ibm-edge, linux-ibm-cloud-tools-common, linux-image-gcp, linux-image-ibm-lts-20.04, linux-modules-5.13.0-1024-raspi-nolpae, linux-modules-extra-gkeop-5.4, linux-ibm-tools-5.4.0-1019, linux-raspi-headers-5.4.0-1058, linux-ibm-5.4, linux-gkeop-headers-5.4.0-1038, linux-modules-extra-azure-edge, linux-image-unsigned-5.4.0-1069-gcp, linux-tools-gke, linux-modules-5.13.0-1024-raspi, linux-gcp-5.13-headers-5.13.0-1023, linux-headers-ibm-edge, linux-modules-5.13.0-1023-gcp, linux-headers-5.13.0-1021-aws, linux-modules-extra-5.4.0-1038-gkeop, linux-aws-5.4-headers-5.4.0-1071, linux-image-aws, linux-modules-5.4.0-1074-azure, linux-headers-5.4.0-1058-raspi, linux-gcp-5.13-tools-5.13.0-1023, linux-tools-gcp, linux-tools-5.13.0-1021-azure, linux-aws-5.13-tools-5.13.0-1021, linux-image-raspi2-hwe-18.04, linux-tools-ibm, linux-modules-extra-5.13.0-1023-gcp, linux-cloud-tools-5.4.0-1074-azure, linux-modules-5.13.0-1021-aws, linux-tools-raspi2-hwe-18.04, linux-gkeop, linux-headers-ibm-lts-20.04, linux-cloud-tools-5.4.0-1038-gkeop, linux-buildinfo-5.4.0-1074-azure, linux-headers-aws-edge, linux-tools-5.13.0-1023-gcp, linux-image-5.4.0-1074-azure-fde, linux-tools-raspi-hwe-18.04-edge, linux-buildinfo-5.4.0-1071-aws, linux-headers-gke-5.4, linux-tools-azure, linux-azure-5.4-cloud-tools-5.4.0-1074, linux-tools-raspi-hwe-18.04, linux-image-5.13.0-1021-azure, linux-image-raspi-hwe-18.04-edge, linux-modules-extra-ibm-edge, linux-image-unsigned-5.4.0-1019-ibm, linux-signed-image-azure, linux-image-azure, linux-aws-5.13-cloud-tools-5.13.0-1021, linux-azure, linux-raspi2-hwe-18.04-edge, linux-aws-5.13, linux-buildinfo-5.13.0-1023-gcp, linux-ibm-5.4-tools-common, linux-raspi, linux-image-raspi-hwe-18.04, linux-tools-ibm-lts-20.04, linux-azure-5.4, linux-azure-fde, linux-azure-tools-5.13.0-1021, linux-headers-raspi2, linux-image-ibm, linux-tools-5.4.0-1058-raspi, linux-image-unsigned-5.4.0-1038-gkeop, linux-tools-gkeop-5.4, linux-raspi-hwe-18.04, linux-cloud-tools-5.13.0-1021-aws, linux-buildinfo-5.13.0-1021-azure, linux-gkeop-5.4-tools-5.4.0-1038, linux-headers-5.13.0-1024-raspi, linux-image-aws-edge, linux-image-unsigned-5.4.0-1071-aws, linux-raspi-hwe-18.04-edge, linux-gke-headers-5.4.0-1067, linux-modules-extra-gkeop, linux-ibm-5.4-headers-5.4.0-1019, linux-modules-extra-5.4.0-1074-azure, linux-tools-raspi, linux-tools-5.4.0-1069-gcp, linux-tools-5.4.0-1038-gkeop, linux-image-5.13.0-1023-gcp, linux-headers-raspi2-hwe-18.04, linux-tools-5.13.0-1021-aws, linux-tools-gke-5.4, linux-headers-azure, linux-image-gke-5.4, linux-aws-5.4, linux-cloud-tools-azure, linux-cloud-tools-azure-edge, linux-gcp, linux-aws-edge, linux-gke-5.4-headers-5.4.0-1067, linux-headers-gcp-edge, linux-gkeop-cloud-tools-5.4.0-1038, linux-headers-gkeop, linux-headers-5.4.0-1038-gkeop, linux-ibm, linux-signed-azure, linux-headers-5.13.0-1021-azure, linux-tools-5.4.0-1074-azure, linux-modules-extra-5.4.0-1071-aws, linux-tools-raspi-nolpae, linux-tools-raspi2-hwe-18.04-edge, linux-raspi-nolpae, linux-modules-extra-5.13.0-1024-raspi-nolpae, linux-ibm-edge, linux-raspi-5.4, linux-buildinfo-5.4.0-1069-gcp, linux-raspi-tools-5.13.0-1024, linux-image-gkeop, linux-ibm-lts-20.04, linux-modules-5.4.0-1071-aws, linux-gcp-headers-5.4.0-1069, linux-image-gcp-edge, linux-headers-5.4.0-1069-gcp, linux-cloud-tools-5.4.0-1071-aws, linux-image-5.4.0-1069-gcp, linux-gke-tools-5.4.0-1067, linux-image-unsigned-5.4.0-1074-azure-fde, linux-modules-extra-5.13.0-1021-aws, linux-headers-gcp, linux-modules-extra-5.4.0-1067-gke, linux-tools-5.4.0-1067-gke, linux-modules-extra-gcp-edge, linux-signed-image-azure-edge, linux-modules-extra-aws-edge, linux-modules-extra-gke-5.4, linux-tools-gcp-edge, linux-buildinfo-5.13.0-1024-raspi, linux-headers-raspi2-hwe-18.04-edge, linux-raspi2, linux-ibm-headers-5.4.0-1019, linux-modules-extra-gcp, linux-ibm-5.4-source-5.4.0, linux-image-5.13.0-1021-aws, linux-modules-extra-5.4.0-1019-ibm, linux-aws-5.13-headers-5.13.0-1021, linux-modules-5.4.0-1019-ibm, linux-image-unsigned-5.4.0-1074-azure, linux-headers-raspi-hwe-18.04, linux-image-unsigned-5.13.0-1023-gcp, linux-gcp-5.4, linux-image-unsigned-5.13.0-1021-azure, linux-gcp-tools-5.4.0-1069, linux-aws-5.4-cloud-tools-5.4.0-1071, linux-gkeop-tools-5.4.0-1038, linux-modules-5.4.0-1069-gcp, linux-gke-5.4-tools-5.4.0-1067, linux-modules-extra-ibm, linux-tools-azure-edge, linux-image-5.13.0-1024-raspi, linux-buildinfo-5.13.0-1024-raspi-nolpae, linux-tools-gkeop, linux-gke-5.4, linux-image-unsigned-5.4.0-1067-gke, linux-modules-extra-ibm-lts-20.04, linux-tools-aws, linux-ibm-5.4-tools-5.4.0-1019, linux-azure-5.4-tools-5.4.0-1074, linux-modules-extra-gke, linux-headers-5.4.0-1074-azure, linux-image-azure-edge, linux-aws-5.4-tools-5.4.0-1071, linux-headers-aws, linux-image-5.4.0-1038-gkeop, linux-image-gcp-lts-20.04, linux-aws, linux-cloud-tools-azure-fde, linux-ibm-5.4-cloud-tools-common, linux-headers-azure-fde, linux-gcp-5.4-headers-5.4.0-1069, linux-gkeop-5.4-source-5.4.0, linux-image-5.4.0-1071-aws, linux-modules-extra-gcp-lts-20.04, linux-ibm-tools-common, linux-modules-extra-azure, linux-raspi-5.4-tools-5.4.0-1058, linux-tools-5.13.0-1024-raspi-nolpae, linux-headers-5.13.0-1024-raspi-nolpae, linux-headers-5.4.0-1071-aws, linux-raspi-headers-5.13.0-1024, linux-image-unsigned-5.13.0-1021-aws, linux-modules-5.4.0-1058-raspi, linux-tools-5.4.0-1019-ibm, linux-tools-raspi2 o USN-5353-1 : linux-headers-5.14.0-1031-oem, linux-oem-5.14-tools-5.14.0-1031, linux-buildinfo-5.14.0-1031-oem, linux-image-5.14.0-1031-oem, linux-headers-oem-20.04d, linux-tools-oem-20.04, linux-oem-20.04d, linux-oem-5.14-tools-host, linux-image-oem-20.04b, linux-tools-5.14.0-1031-oem, linux-image-oem-20.04c, linux-oem-20.04c, linux-tools-oem-20.04d, linux-oem-20.04, linux-image-unsigned-5.14.0-1031-oem, linux-image-oem-20.04d, linux-modules-5.14.0-1031-oem, linux-oem-20.04b, linux-tools-oem-20.04b, linux-oem-5.14-headers-5.14.0-1031, linux-headers-oem-20.04b, linux-oem-5.14, linux-image-oem-20.04, linux-headers-oem-20.04, linux-tools-oem-20.04c, linux-headers-oem-20.04c o USN-5357-1 : linux-tools-4.15.0-175-generic-lpae, linux-signed-generic, linux-image-virtual-hwe-16.04, linux-image-4.15.0-175-generic, linux-image-4.15.0-175-lowlatency, linux-signed-image-lowlatency-hwe-16.04-edge, linux-tools-generic-hwe-16.04, linux-tools-4.15.0-1125-snapdragon, linux-signed-image-generic, linux-cloud-tools-lowlatency-hwe-16.04-edge, linux-tools-virtual-hwe-16.04-edge, linux-buildinfo-4.15.0-175-lowlatency, linux-cloud-tools-common, linux-virtual-hwe-16.04, linux-tools-azure-lts-18.04, linux-aws-headers-4.15.0-1126, linux-cloud-tools-virtual-hwe-16.04, linux-lowlatency, linux-image-unsigned-4.15.0-1136-azure, linux-headers-4.15.0-1136-azure, linux-tools-4.15.0-1136-azure, linux-crashdump, linux-image-4.15.0-1040-dell300x, linux-tools-common, linux-modules-extra-azure-lts-18.04, linux-azure-4.15-tools-4.15.0-1136, linux-buildinfo-4.15.0-175-generic, linux-tools-4.15.0-175-generic, linux-signed-azure-lts-18.04, linux-modules-4.15.0-175-generic-lpae, linux-headers-4.15.0-175-generic-lpae, linux-signed-image-lowlatency, linux-tools-virtual, linux-cloud-tools-4.15.0-1136-azure, linux-generic-lpae-hwe-16.04, linux-signed-generic-hwe-16.04, linux-image-generic-lpae-hwe-16.04, linux-signed-oem, linux-image-unsigned-4.15.0-175-lowlatency, linux-tools-4.15.0-1040-dell300x, linux-cloud-tools-lowlatency, linux-headers-4.15.0-175, linux-tools-virtual-hwe-16.04, linux-kvm, linux-headers-generic-hwe-16.04, linux-image-azure-lts-18.04, linux-tools-4.15.0-1126-aws, linux-dell300x-tools-4.15.0-1040, linux-oem, linux-azure-lts-18.04, linux-cloud-tools-4.15.0-1126-aws, linux-virtual, linux-buildinfo-4.15.0-175-generic-lpae, linux-tools-lowlatency, linux-headers-kvm, linux-image-4.15.0-1136-azure, linux-image-generic-hwe-16.04, linux-headers-virtual, linux-modules-4.15.0-1112-kvm, linux-image-lowlatency-hwe-16.04-edge, linux-cloud-tools-virtual-hwe-16.04-edge, linux-headers-oem, linux-snapdragon-tools-4.15.0-1125, linux-image-kvm, linux-image-generic-lpae, linux-cloud-tools-virtual, linux-generic-hwe-16.04-edge, linux-modules-extra-4.15.0-1136-azure, linux-snapdragon-headers-4.15.0-1125, linux-cloud-tools-4.15.0-175, linux-source, linux-headers-4.15.0-175-generic, linux-tools-4.15.0-175, linux-generic, linux-cloud-tools-azure-lts-18.04, linux-hwe-tools-4.15.0-175, linux-buildinfo-4.15.0-1136-azure, linux-aws-lts-18.04, linux-modules-extra-aws-lts-18.04, linux-image-aws-lts-18.04, linux-headers-lowlatency-hwe-16.04, linux-buildinfo-4.15.0-1125-snapdragon, linux-headers-4.15.0-1040-dell300x, linux-tools-lowlatency-hwe-16.04-edge, linux-headers-4.15.0-1125-snapdragon, linux-cloud-tools-generic-hwe-16.04, linux-doc, linux-lowlatency-hwe-16.04, linux-headers-virtual-hwe-16.04-edge, linux-modules-4.15.0-175-lowlatency, linux-tools-dell300x, linux-image-4.15.0-1126-aws, linux-hwe-cloud-tools-4.15.0-175, linux-modules-4.15.0-1136-azure, linux-aws-tools-4.15.0-1126, linux-tools-kvm, linux-tools-generic-lpae-hwe-16.04-edge, linux-headers-lowlatency-hwe-16.04-edge, linux-cloud-tools-4.15.0-175-generic, linux-modules-4.15.0-1126-aws, linux-signed-lowlatency-hwe-16.04, linux-kvm-tools-4.15.0-1112, linux-headers-azure-lts-18.04, linux-headers-generic-hwe-16.04-edge, linux-aws-cloud-tools-4.15.0-1126, linux-image-unsigned-4.15.0-175-generic, linux-generic-lpae-hwe-16.04-edge, linux-image-extra-virtual, linux-image-oem, linux-snapdragon, linux-tools-aws-lts-18.04, linux-headers-dell300x, linux-signed-image-lowlatency-hwe-16.04, linux-buildinfo-4.15.0-1126-aws, linux-headers-generic-lpae-hwe-16.04-edge, linux-tools-host, linux-signed-image-azure-lts-18.04, linux-modules-4.15.0-175-generic, linux-modules-4.15.0-1040-dell300x, linux-tools-snapdragon, linux-tools-generic-lpae-hwe-16.04, linux-azure-4.15-headers-4.15.0-1136, linux-cloud-tools-generic-hwe-16.04-edge, linux-image-4.15.0-175-generic-lpae, linux-image-lowlatency-hwe-16.04, linux-tools-generic-lpae, linux-headers-generic, linux-signed-image-oem, linux-tools-generic, linux-signed-image-generic-hwe-16.04, linux-tools-lowlatency-hwe-16.04, linux-image-snapdragon, linux-headers-4.15.0-1112-kvm, linux-source-4.15.0, linux-tools-generic-hwe-16.04-edge, linux-cloud-tools-4.15.0-175-lowlatency, linux-generic-hwe-16.04, linux-image-virtual-hwe-16.04-edge, linux-signed-image-generic-hwe-16.04-edge, linux-image-generic-lpae-hwe-16.04-edge, linux-image-4.15.0-1112-kvm, linux-image-generic, linux-tools-4.15.0-1112-kvm, linux-kvm-headers-4.15.0-1112, linux-generic-lpae, linux-headers-aws-lts-18.04, linux-dell300x, linux-virtual-hwe-16.04-edge, linux-image-lowlatency, linux-buildinfo-4.15.0-1040-dell300x, linux-image-dell300x, linux-image-generic-hwe-16.04-edge, linux-tools-4.15.0-175-lowlatency, linux-image-extra-virtual-hwe-16.04, linux-headers-4.15.0-175-lowlatency, linux-image-4.15.0-1125-snapdragon, linux-image-unsigned-4.15.0-1040-dell300x, linux, linux-headers-generic-lpae-hwe-16.04, linux-headers-4.15.0-1126-aws, linux-headers-lowlatency, linux-headers-snapdragon, linux-cloud-tools-generic, linux-signed-generic-hwe-16.04-edge, linux-dell300x-headers-4.15.0-1040, linux-signed-lowlatency, linux-cloud-tools-lowlatency-hwe-16.04, linux-headers-generic-lpae, linux-tools-oem, linux-azure-4.15, linux-modules-4.15.0-1125-snapdragon, linux-azure-4.15-cloud-tools-4.15.0-1136, linux-libc-dev, linux-hwe, linux-signed-lowlatency-hwe-16.04-edge, linux-lowlatency-hwe-16.04-edge, linux-headers-virtual-hwe-16.04, linux-image-unsigned-4.15.0-1126-aws, linux-modules-extra-4.15.0-175-generic, linux-aws, linux-image-extra-virtual-hwe-16.04-edge, linux-image-virtual, linux-modules-extra-4.15.0-1126-aws, linux-buildinfo-4.15.0-1112-kvm o USN-5357-2 : linux-tools-gcp-lts-18.04, linux-raspi2-tools-4.15.0-1107, linux-modules-4.15.0-1091-oracle, linux-gcp-lts-18.04, linux-image-gke, linux-headers-gke, linux-image-4.15.0-1126-aws-hwe, linux-aws-headers-4.15.0-1126, linux-azure-edge, linux-image-unsigned-4.15.0-1120-gcp, linux-image-unsigned-4.15.0-1136-azure, linux-headers-4.15.0-1136-azure, linux-aws-hwe-cloud-tools-4.15.0-1126, linux-tools-4.15.0-1136-azure, linux-aws-hwe-tools-4.15.0-1126, linux-buildinfo-4.15.0-1120-gcp, linux-buildinfo-4.15.0-1107-raspi2, linux-tools-4.15.0-1107-raspi2, linux-headers-gcp-lts-18.04, linux-cloud-tools-4.15.0-1136-azure, linux-signed-azure-edge, linux-image-aws-hwe, linux-headers-azure-edge, linux-modules-extra-aws-hwe, linux-image-raspi2, linux-image-4.15.0-1120-gcp, linux-tools-4.15.0-1126-aws, linux-tools-aws-hwe, linux-gke, linux-image-gcp-lts-18.04, linux-gcp-4.15-headers-4.15.0-1120, linux-cloud-tools-4.15.0-1126-aws, linux-image-4.15.0-1136-azure, linux-image-gcp, linux-buildinfo-4.15.0-1091-oracle, linux-tools-4.15.0-1091-oracle, linux-modules-extra-azure-edge, linux-tools-gke, linux-modules-extra-4.15.0-1136-azure, linux-tools-gcp, linux-azure-tools-4.15.0-1136, linux-tools-oracle, linux-buildinfo-4.15.0-1136-azure, linux-signed-image-oracle-lts-18.04, linux-headers-4.15.0-1120-gcp, linux-image-oracle, linux-signed-oracle, linux-headers-oracle-lts-18.04, linux-image-4.15.0-1091-oracle, linux-tools-azure, linux-azure-cloud-tools-4.15.0-1136, linux-modules-4.15.0-1136-azure, linux-signed-image-azure, linux-image-azure, linux-azure, linux-oracle-headers-4.15.0-1091, linux-modules-4.15.0-1126-aws, linux-image-unsigned-4.15.0-1091-oracle, linux-headers-raspi2, linux-oracle-tools-4.15.0-1091, linux-gcp-4.15, linux-buildinfo-4.15.0-1126-aws, linux-modules-extra-gcp-lts-18.04, linux-headers-4.15.0-1091-oracle, linux-gcp-headers-4.15.0-1120, linux-headers-azure, linux-cloud-tools-azure, linux-cloud-tools-azure-edge, linux-gcp, linux-signed-azure, linux-aws-edge, linux-modules-4.15.0-1107-raspi2, linux-oracle-lts-18.04, linux-signed-oracle-lts-18.04, linux-modules-extra-4.15.0-1120-gcp, linux-tools-oracle-lts-18.04, linux-gcp-4.15-tools-4.15.0-1120, linux-headers-oracle, linux-modules-extra-4.15.0-1091-oracle, linux-headers-gcp, linux-signed-image-azure-edge, linux-raspi2, linux-modules-extra-gcp, linux-signed-image-oracle, linux-headers-4.15.0-1126-aws, linux-raspi2-headers-4.15.0-1107, linux-headers-4.15.0-1107-raspi2, linux-azure-headers-4.15.0-1136, linux-tools-azure-edge, linux-aws-hwe, linux-headers-aws-hwe, linux-modules-4.15.0-1120-gcp, linux-oracle, linux-modules-extra-gke, linux-image-azure-edge, linux-image-unsigned-4.15.0-1126-aws, linux-tools-4.15.0-1120-gcp, linux-image-4.15.0-1107-raspi2, linux-gcp-tools-4.15.0-1120, linux-image-oracle-lts-18.04, linux-modules-extra-azure, linux-modules-extra-4.15.0-1126-aws, linux-tools-raspi2 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldjJONLKJtyKPYoAQj75g/8C2xOH4/NCxw1f3omNrODuwca/NvbJ10g JY+5kkU/5K/fj/gIxf8wnz0+v7XwZnS4bJcPhu1FqDgd7S1T1f30UWxwxFhrRkH2 +6wOXRLQJECpAysV6jJJdg8h2FbzhLupOZUExPeKP7MgIPx4/XMgPhbFLpfvPzh+ Fw+FSgR2v1mBuOE4+CdqyV0KVfv+z3ioxbXOPTJ47l8AkpEyH/JEF/QCG5qjo1RC KtQhUII+tYcq4xjY86iFKmzmyAMQPg8AsCgzEe3ayxh72KuyWN32XgR9Afrf/44l 6ZaqFRPuS70/Z+rk7+SWUzj1hPwA/qC7Er8aHG4iBlnFG4S14CYW8fE3zaEWKQSe f26MpFI6Lw7lPN9VPUiB6EhzR60IjMsmVUBSRUeSg+0uXHy4rF0iz4KxbhDpUupg 3WPdtSFXTFN9EEAzNaW38dnta2KzkH/r3reyV1mbYASMmWq3e1+RsNMxX1WxEuDN ed+FCAvLcoCNfB1PfbSnx/MCzzG3rGsUzKLdpFe4+T7RfrZHy4vH85mwPEj/2AV4 BHCe3djNz24OjMyMAzx8vjTGE8DI7z0unFwld/3CM8h1YeEvVOGR8w0fL9qxiIDa D4GrnNxyVaLzgrDXitVnENp1YuCgCj7Q4gflGfK3pyVICzG49vWp3mZ6GYyVQxqu vpb2kho2oXE= =KrMX -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1628 - [Ubuntu] nginx: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1628 USN-5371-1: nginx vulnerabilities 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: nginx Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2021-3618 CVE-2020-36309 CVE-2020-11724 Original Bulletin: https://ubuntu.com/security/notices/USN-5371-1 Comment: CVSS (Max): 7.5 CVE-2020-11724 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) CVSS Source: NVD Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5371-1: nginx vulnerabilities 12 April 2022 Several security issues were fixed in nginx. Releases o Ubuntu 21.10 o Ubuntu 20.04 LTS o Ubuntu 18.04 LTS o Ubuntu 16.04 ESM Packages o nginx - small, powerful, scalable web/proxy server Details It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. ( CVE-2020-11724 ) It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to disclose sensitive information. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. ( CVE-2020-36309 ) It was discovered that nginx mishandled the use of compatible certificates among multiple encryption protocols. If a remote attacker were able to intercept the communication, this issue could be used to redirect traffic between subdomains. ( CVE-2021-3618 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10 o nginx-light - 1.18.0-6ubuntu11.1 o nginx-extras - 1.18.0-6ubuntu11.1 o nginx-core - 1.18.0-6ubuntu11.1 Ubuntu 20.04 o nginx-light - 1.18.0-0ubuntu1.3 o nginx-extras - 1.18.0-0ubuntu1.3 o libnginx-mod-http-lua - 1.18.0-0ubuntu1.3 o nginx-core - 1.18.0-0ubuntu1.3 o nginx-full - 1.18.0-0ubuntu1.3 Ubuntu 18.04 o nginx-light - 1.14.0-0ubuntu1.10 o nginx-extras - 1.14.0-0ubuntu1.10 o libnginx-mod-http-lua - 1.14.0-0ubuntu1.10 o nginx-core - 1.14.0-0ubuntu1.10 o nginx-full - 1.14.0-0ubuntu1.10 Ubuntu 16.04 o nginx-extras - 1.10.3-0ubuntu0.16.04.5+esm3 Available with UA Infra or UA Desktop o nginx-core - 1.10.3-0ubuntu0.16.04.5+esm3 Available with UA Infra or UA Desktop o nginx-light - 1.10.3-0ubuntu0.16.04.5+esm3 Available with UA Infra or UA Desktop In general, a standard system update will make all the necessary changes. References o CVE-2020-36309 o CVE-2021-3618 o CVE-2020-11724 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldjFeNLKJtyKPYoAQg6TBAAsuDmhScmqASrDcyqT/leeRS4zTFu98zj 3cMJeKxzUTnNmXf9XH4/hQfe9caG+dIlaT9SYzu4ZHNY7WWOeoBLnUr7LiRnbLTo 4z7ya853uhBTMmctlxkWhuzZ9EmHY59m14ZxY4Tnr2wxmT6qUeNyjeNUqjc4H3pW Wfsm3zFhUEcIYEQIPr5B66CLyUR03JZUgMzZaI8eZkscNviA+EZDwLkoGJJvlNlo eEOy1C7JnBGFVBE+GCioqCyjBlcwhc/nA/eUraTNgEV1bAHb/4KB8YpA2coMkgAC GUVREGVtSdhvqtrnLYxu1CTPcEEb15EfHhRnTJKlQ42I4V31JZ3BJVfVVev+w4To fck0qAqAUxtTwuhryIEP77o3SA9mCfmG94H/YWYPjZzRcYwJifG8GDcU9QNvT8TZ sgsfUZrrLI79n2lDh5DjxP/1TH3DtcsJ0IrOftm6quSUOOqWeyCGhIm7YDCkZUB3 6mNF3IYnY5GVZHK7mDcYm+PnG9OxrPc10td/VZotJFbsS8CmHbgeoKiEieiKRRZx YKuyU8z1M3XIGYKJVOz+tAglbyqQXJMkuwe6gy8VV/kR8SVJBRv3OFb4Bbt5pwf5 dSasLEWK9W0M01bbH7tB9wa/yolTZEqDrOTe4K6+VqixB43OllYYirgBVkOSZPUU LhuSvMLs+uE= =BM8E -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1627 - [SUSE] Linux Kernel: CVSS (Max): 7.7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1627 Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP1) 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Linux Kernel Publisher: SUSE Operating System: SUSE Resolution: Patch/Upgrade CVE Names: CVE-2022-27666 CVE-2022-22942 Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20221172-1 Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H) CVSS Source: SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP1) ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1172-1 Rating: important References: #1195951 #1197133 Cross-References: CVE-2022-22942 CVE-2022-27666 Affected Products: SUSE Linux Enterprise High Performance Computing 15-SP1 SUSE Linux Enterprise Module for Live Patching 15-SP1 SUSE Linux Enterprise Server 15-SP1 SUSE Linux Enterprise Server for SAP Applications 15-SP1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for the Linux Kernel 4.12.14-197_102 fixes several issues. The following security issues were fixed: o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462) o CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc# 1195065) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Module for Live Patching 15-SP1: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-1172=1 SUSE-SLE-Module-Live-Patching-15-SP1-2022-1173=1 SUSE-SLE-Module-Live-Patching-15-SP1-2022-1174=1 Package List: o SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64): kernel-livepatch-4_12_14-197_102-default-6-150100.2.1 kernel-livepatch-4_12_14-197_105-default-3-150100.2.1 kernel-livepatch-4_12_14-197_108-default-2-150100.2.1 References: o https://www.suse.com/security/cve/CVE-2022-22942.html o https://www.suse.com/security/cve/CVE-2022-27666.html o https://bugzilla.suse.com/1195951 o https://bugzilla.suse.com/1197133 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldjDONLKJtyKPYoAQin/g//UtcFA03g8FnEJ320zhfgM5qYsMxXkOl9 WgspPzcPcpaP4dF/PoFRWFl+kOlMtUP4RMcUE3D60VboLc5vU6/iAtL/xRZV1IDe Gm1R7YJei9Ks4MFwMxr7dZFy4OnVUsLkgoTKV7lyl/wWiA8Fcjt7RX/ZLp4LctJa CQWN2wORBsqZ7DsG70BeN4Rxzb90XaNq/0W7mjyoge2zKeaI3rRRhOeQO6J0ZdOg y9oiLnJa2HB4eUQrFYm/TLagngAmPQVhle5qJR0R4GTpNC0vpQ6MEEDatxKE0zAo RRwByNnRwIgaDgEfa9vUIB9pjbmqQ7wieU63DoANotZPzavCz7Yty0obU8NmlhpG qt+S9gaMFmAISQAEOiyxG0mf9/8UYZRJDtLY0bc+7hehoqGKuZARxG+JPovF+7QB blcJuuncVSF6sNMO4AtHZ/0LL7YpnOSQfOV7qqY8XKDCLJ3rop9KijVUZLO+IDCa vQaCVF9Xf/Jk68yRcSEQd0WauQ9c7L8hznNnfCZc41I8FaVHA8XSULXsL9KNLrQ/ wKR8j4SkbJ8WRRbnXLWqHZgZEyLepHc2cRViM3pdCf71rdz6kNgZKGJqfnTaoRmU HJGqvUZgJRgRL01GmqFMV2Rd9EQO38iBKumqPgNYZUeSSqCxRUYlFsbWi5RuXmST mos9O5nH9+A= =Jk7J -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1626 - [SUSE] libexif: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1626 Security update for libexif 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: libexif Publisher: SUSE Operating System: SUSE Resolution: Patch/Upgrade CVE Names: CVE-2020-0452 CVE-2020-0198 CVE-2020-0181 Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20221168-1 Comment: CVSS (Max): 7.5 CVE-2020-0452 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) CVSS Source: SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for libexif ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1168-1 Rating: important References: #1172768 #1172802 #1178479 Cross-References: CVE-2020-0181 CVE-2020-0198 CVE-2020-0452 Affected Products: HPE Helion Openstack 8 SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for libexif fixes the following issues: o CVE-2020-0181: Fixed an integer overflow that could lead to denial of service (bsc#1172802). o CVE-2020-0198: Fixed and unsigned integer overflow that could lead to denial of service (bsc#1172768). o CVE-2020-0452: Fixed a buffer overflow check that could be optimized away by the compiler (bsc#1178479). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-1168=1 o SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-1168=1 o SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2022-1168=1 o SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2022-1168=1 o SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-1168=1 o SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-1168=1 o SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2022-1168=1 o SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1168=1 o SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-1168=1 o SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2022-1168=1 o SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-1168=1 o SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-1168=1 o HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2022-1168=1 Package List: o SUSE OpenStack Cloud Crowbar 9 (x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE OpenStack Cloud Crowbar 8 (x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE OpenStack Cloud 9 (x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE OpenStack Cloud 8 (x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): libexif-debugsource-0.6.22-8.13.1 libexif-devel-0.6.22-8.13.1 o SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 o SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64): libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 o SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64): libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 o SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 o SUSE Linux Enterprise Server 12-SP4-LTSS (s390x x86_64): libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 o SUSE Linux Enterprise Server 12-SP3-LTSS (s390x x86_64): libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 o HPE Helion Openstack 8 (x86_64): libexif-debugsource-0.6.22-8.13.1 libexif12-0.6.22-8.13.1 libexif12-32bit-0.6.22-8.13.1 libexif12-debuginfo-0.6.22-8.13.1 libexif12-debuginfo-32bit-0.6.22-8.13.1 References: o https://www.suse.com/security/cve/CVE-2020-0181.html o https://www.suse.com/security/cve/CVE-2020-0198.html o https://www.suse.com/security/cve/CVE-2020-0452.html o https://bugzilla.suse.com/1172768 o https://bugzilla.suse.com/1172802 o https://bugzilla.suse.com/1178479 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldjAuNLKJtyKPYoAQhUjRAAssrpv6Wh8SPHG/lj2DDAjNmHAqjVd8dK rmyB1MI47gTg6JkLo92lbVztXTX+SLDzrhiliBMxm7LGd7iz0cML38VUF7Gd0+ud OiA3lAlAfzmii1GtoVZx3LkAmbn92USNTKsg/XW19Y9gP0aQtfHCB7vcczu3sZud Yz18CSQh/RFpKCbkKuxe81FKVZ4MQHVNr2O2GvfUAgSttVz2Ppmf4UVeCrge9arZ gNhHcIQZceY4z+ca+jnafHZp8FJmWzTJslFB9K9Lg9t9sgMNltswrLas2j8Ipp4w K8qEFq/doV9rwHmjxfEHS0sj1DeZEBqDdMULFwSiw7oQtbisTc3DIwUzpRcbFxI+ mlsM4SVmERrEYzTb1vTR3egF7FOGGHJqVrRbUqKmmhsf4ipkuhxU058MXegJ3uSW hrvRIjhw4lzQ7xRGsI+mQlxcDI8UcJLaCimnz/OgXBl9JNG/ojNYQGimCoDeV0vx ejC9X4SuwCWAHGfzXc1oLiiDnNvImJq8tT7GdKzenZLA/gcPnVPAKUQvCBGOHRU+ wY8TIOzM2oStRqOaDRhqHQqtmzWGUVtUJdAHzpS0F+QL+Uchy34ts4NxTzCjwRoU tV7zcwTNCjcg9VevnIGo3a1VZmJDt35iFiGipJVWNSWCkBC+ztw6sZZ/TjQJHwXC SihHuEo78CE= =JUad -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1625 - [SUSE] go1.17: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1625 Security update for go1.17 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: go1.17 Publisher: SUSE Operating System: SUSE Resolution: Patch/Upgrade CVE Names: CVE-2022-24921 Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20221167-1 Comment: CVSS (Max): 7.5 CVE-2022-24921 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSS Source: SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for go1.17 ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1167-1 Rating: important References: #1183043 #1190649 #1196732 Cross-References: CVE-2022-24921 Affected Products: SUSE Enterprise Storage 7 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Development Tools 15-SP3 SUSE Linux Enterprise Module for Development Tools 15-SP4 SUSE Linux Enterprise Realtime Extension 15-SP2 SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for go1.17 fixes the following issues: Update to version 1.17.8 (bsc#1190649): - CVE-2022-24921: Fixed a potential denial of service via large regular expressions (bsc#1196732). Non-security fixes: - Fixed an issue with v2 modules (go#51332). - Fixed an issue when building source in riscv64 (go#51199). - Increased compatibility for the DNS protocol in the net module (go#51162). - Fixed an issue with histograms in the runtime/metrics module (go#50734). - Fixed an issue when parsing x509 certificates (go#51000). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1167=1 o openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1167=1 o SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1167=1 o SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1167=1 o SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1167=1 o SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1167=1 o SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1167=1 o SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1167=1 o SUSE Linux Enterprise Realtime Extension 15-SP2: zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1167=1 o SUSE Linux Enterprise Module for Development Tools 15-SP4: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1167=1 o SUSE Linux Enterprise Module for Development Tools 15-SP3: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1167=1 o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1167=1 o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1167=1 o SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-1167=1 Package List: o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 o openSUSE Leap 15.4 (aarch64 x86_64): go1.17-race-1.17.8-150000.1.25.1 o openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 o openSUSE Leap 15.3 (aarch64 x86_64): go1.17-race-1.17.8-150000.1.25.1 o SUSE Manager Server 4.1 (ppc64le s390x x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 o SUSE Manager Server 4.1 (x86_64): go1.17-race-1.17.8-150000.1.25.1 o SUSE Manager Retail Branch Server 4.1 (x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 go1.17-race-1.17.8-150000.1.25.1 o SUSE Manager Proxy 4.1 (x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 go1.17-race-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64): go1.17-race-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64): go1.17-race-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 go1.17-race-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 go1.17-race-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64): go1.17-race-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64): go1.17-race-1.17.8-150000.1.25.1 o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 go1.17-race-1.17.8-150000.1.25.1 o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 go1.17-race-1.17.8-150000.1.25.1 o SUSE Enterprise Storage 7 (aarch64 x86_64): go1.17-1.17.8-150000.1.25.1 go1.17-doc-1.17.8-150000.1.25.1 go1.17-race-1.17.8-150000.1.25.1 References: o https://www.suse.com/security/cve/CVE-2022-24921.html o https://bugzilla.suse.com/1183043 o https://bugzilla.suse.com/1190649 o https://bugzilla.suse.com/1196732 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldi+eNLKJtyKPYoAQjnYA/+IVW+GBmZX6kUQyLFLCRcSrGRgVmSQnnr pSI6SLVW4dAictZA0nq6N9OOCwpbPtWsnI3sJmX2uXLFgWxSHdfTL4isE4y0L6mW FhAu2YT+Q4sjK19/3CjBjSvG0mRtXJ2FEBmO4KvNgpzV88fayzaLHLnsRrFH/ojf ATyXZ7lOyrBzRw0vwK7AeKZj8BOXYBjxtoOqMJ9OsG646tkfozS73ux3zEsNxtTz zoleMv+J3ug1Vk4JaKKlpY/xj/PuhgGtztNUDCkC4PaGs6zbJ3Zi3hJQg3WQTCyd g/JymG5dQ9FnYUV9frDHr/BetTgcv8JgaToZ4dFA02BPfpVqKqzRodC24a+mA8Ji 85BdsZpgRzlrDS5BrltC9vEdibj1eltAtcarVXCnB86P30egPf8DFGMTL9EKQxy5 flQF6WPrr/XVZ9FaRjIVly4Ts6yaUSpjDeiPlanEUUgbU9QUyutgYOlj4KymfLNE RuCCAtL5D8RaQb5lYEVP3xwASAjELBxUkYt56/Ap84Mm9wwE+hT1rLhEkzJdcnQP U7dzna8bMa9L58UmKWRj2TU1kIjL0yO7jXfu2e6/steL053zIiZX/aMO8Goz47QX c87jTQUh7EXBA/r4lc8V6VddeDvFCtp2JJqLaDMAUP2geNV9JGIXSBDJg/XtRQ7Z az7jJ9wAlfk= =aYWy -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1624 - [SUSE] Mozilla Thunderbird: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1624 Security update for MozillaThunderbird 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Mozilla Thunderbird Publisher: SUSE Operating System: SUSE Resolution: Patch/Upgrade CVE Names: CVE-2022-28289 CVE-2022-28286 CVE-2022-28285 CVE-2022-28282 CVE-2022-28281 CVE-2022-24713 CVE-2022-1197 CVE-2022-1196 CVE-2022-1097 Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20221176-1 Comment: CVSS (Max): 7.5 CVE-2022-28289 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) CVSS Source: SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for MozillaThunderbird ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1176-1 Rating: important References: #1197903 Cross-References: CVE-2022-1097 CVE-2022-1196 CVE-2022-1197 CVE-2022-24713 CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286 CVE-2022-28289 Affected Products: SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Linux Enterprise Workstation Extension 15-SP3 SUSE Linux Enterprise Workstation Extension 15-SP4 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: This update for MozillaThunderbird fixes the following issues: o Updated to version 91.8 (bsc#1197903): - CVE-2022-1097: Fixed a memory corruption issue with NSSToken objects. - CVE-2022-28281: Fixed a memory corruption issue due to unexpected WebAuthN Extensions. - CVE-2022-1197: Fixed an issue where OpenPGP revocation information was ignored. - CVE-2022-1196: Fixed a memory corruption issue after VR process destruction. - CVE-2022-28282: Fixed a memory corruption issue in document translation. - CVE-2022-28285: Fixed a memory corruption issue in JIT code generation. - CVE-2022-28286: Fixed an iframe layout issue that could have been exploited to stage spoofing attacks. - CVE-2022-24713: Fixed a potential denial of service via complex regular expressions. - CVE-2022-28289: Fixed multiple memory corruption issues. Non-security fixes: o Changed Google accounts using password authentication to use OAuth2. o Fixed an issue where OpenPGP ECC keys created by Thunderbird could not be imported into GnuPG. o Fixed an issue where exporting multiple public PGP keys from Thunderbird was not possible. o Fixed an issue where replying to a newsgroup message erroneously displayed a "No-reply" popup warning. o Fixed an issue with opening older address books. o Fixed an issue where LDAP directories would be lost when switching to "Offline" mode. o Fixed an issue when importing webcals. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1176=1 o openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1176=1 o SUSE Linux Enterprise Workstation Extension 15-SP4: zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-1176=1 o SUSE Linux Enterprise Workstation Extension 15-SP3: zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1176=1 o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1176= 1 o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1176= 1 Package List: o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): MozillaThunderbird-91.8.0-150200.8.65.1 MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1 MozillaThunderbird-debugsource-91.8.0-150200.8.65.1 MozillaThunderbird-translations-common-91.8.0-150200.8.65.1 MozillaThunderbird-translations-other-91.8.0-150200.8.65.1 o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): MozillaThunderbird-91.8.0-150200.8.65.1 MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1 MozillaThunderbird-debugsource-91.8.0-150200.8.65.1 MozillaThunderbird-translations-common-91.8.0-150200.8.65.1 MozillaThunderbird-translations-other-91.8.0-150200.8.65.1 o SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64): MozillaThunderbird-91.8.0-150200.8.65.1 MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1 MozillaThunderbird-debugsource-91.8.0-150200.8.65.1 MozillaThunderbird-translations-common-91.8.0-150200.8.65.1 MozillaThunderbird-translations-other-91.8.0-150200.8.65.1 o SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64): MozillaThunderbird-91.8.0-150200.8.65.1 MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1 MozillaThunderbird-debugsource-91.8.0-150200.8.65.1 MozillaThunderbird-translations-common-91.8.0-150200.8.65.1 MozillaThunderbird-translations-other-91.8.0-150200.8.65.1 o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x): MozillaThunderbird-91.8.0-150200.8.65.1 MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1 MozillaThunderbird-debugsource-91.8.0-150200.8.65.1 MozillaThunderbird-translations-common-91.8.0-150200.8.65.1 MozillaThunderbird-translations-other-91.8.0-150200.8.65.1 o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x): MozillaThunderbird-91.8.0-150200.8.65.1 MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1 MozillaThunderbird-debugsource-91.8.0-150200.8.65.1 MozillaThunderbird-translations-common-91.8.0-150200.8.65.1 MozillaThunderbird-translations-other-91.8.0-150200.8.65.1 References: o https://www.suse.com/security/cve/CVE-2022-1097.html o https://www.suse.com/security/cve/CVE-2022-1196.html o https://www.suse.com/security/cve/CVE-2022-1197.html o https://www.suse.com/security/cve/CVE-2022-24713.html o https://www.suse.com/security/cve/CVE-2022-28281.html o https://www.suse.com/security/cve/CVE-2022-28282.html o https://www.suse.com/security/cve/CVE-2022-28285.html o https://www.suse.com/security/cve/CVE-2022-28286.html o https://www.suse.com/security/cve/CVE-2022-28289.html o https://bugzilla.suse.com/1197903 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldi5uNLKJtyKPYoAQjAHA/+JXsQoix/eyw6qQm0Iq1FXQjD7O8mapdr yp/gr7SQNuAy0sYmH5Y2MH+dtaDtIHKni4wE+7zYcx8PTqpuPdmvxLc/uzx+8mKz 5aA1XnYtsCK3dpOVsDQTwSCpuaiCvo5MlP0s/smuVAebcnJEDCzh8o28DqwZYv6a LcyXvfL4hHXPt2bNbcv3DNzanzy1f9K19QXVe3MGm9aa7J575Oo5wSaSzfQ9BNjI E41WP/dH8m+rmVaTv1YYkMGyCaELXUa0oCTsVOBiNDfW7vTeLbdBPnfp6/0GzaA6 C6VYpFjl0jawFr4BF9F3qwzDV4uqnSQRw20CgpV6a3RZ8MjiUPtIVYblNIkdy8/v ynUuIaGZa188YmsKvgGCDMEk5OhUoKc0tv7jMevAxtNLgZbKaw3dllNpCTOxVvS1 yeV7w9H0W73j+Rv3mTPvbMV5zX3qByJdD4zvmTP6Jp0H34DS1wpDISiwR97sSThc +qUTIr/uB3IAH8iz1UR70R1fda8tlJ3hxkxh8JIuMCZBMLUZn9aTNdnXKO2o3s6O 5wSHhKXWmZmctDN4Sn4O6Tde9zsp0YfEZvGivOjulMBaer4UAmsCVyi9k4JGmEYf DpTuvjI91PELKpmzQULTI2O55fZXl5gzmJJ/XcfJOkHY9H+GxBqIyVVBSC4PALge iO6B2pt7V3U= =2TCJ -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1623 - ALERT [Cisco] Cisco Wireless LAN Controller: CVSS (Max): 10.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1623 Cisco Wireless LAN Controller Management Interface Authentication Bypass Vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco Wireless LAN Controller Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20695 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF Comment: CVSS (Max): 10.0 CVE-2022-20695 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco Wireless LAN Controller Management Interface Authentication Bypass Vulnerability Priority: Critical Advisory ID: cisco-sa-wlc-auth-bypass-JRNhV4fF First Published: 2022 April 13 16:00 GMT Version 1.0: Final Workarounds: Yes Cisco Bug IDs: CSCwa43249 CVE Names: CVE-2022-20695 CWEs: CWE-303 Summary o A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication and log in to the device as an administrator. The attacker could obtain privileges that are the same level as an administrative user but it depends on the crafted credentials. Note: This vulnerability exists because of a non-default device configuration that must be present for it to be exploitable. For details about the vulnerable configuration, see the Vulnerable Products section of this advisory. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF Affected Products o Vulnerable Products This vulnerability affects the following Cisco products if they are running Cisco WLC Software Release 8.10.151.0 or Release 8.10.162.0 and have macfilter radius compatibility configured as Other : 3504 Wireless Controller 5520 Wireless Controller 8540 Wireless Controller Mobility Express Virtual Wireless Controller (vWLC) Note: The vulnerable releases noted above are available in the Software Center on Cisco.com. In addition, specific customers have been given the following vulnerable escalation builds that are not in the Software Center: 8.10.151.4 to 8.10.151.10 8.10.162.1 to 8.10.162.14 Determine the Configuration To determine whether the Cisco WLC configuration is vulnerable, issue the show macfilter summary CLI command. If RADIUS compatibility mode is other , as shown in the following example, the device is considered vulnerable: wlc > show macfilter summary MAC Filter RADIUS Compatibility mode............. Other MAC Filter Delimiter............................. Single-Hyphen MAC Filter Entries............................... 0 Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect the following Cisco products: Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches Catalyst 9800 Series Wireless Controllers Catalyst 9800 Wireless Controller for Cloud Embedded Wireless Controller on Catalyst Access Points Wireless LAN Controller (WLC) AireOS products not listed in the Vulnerable Products section Workarounds o There are workarounds that addresses this vulnerability. Choose one of the following based on the environment: Option 1: No Macfilters in the Environment Customers who do not use macfilters can reset the macfilter radius compatibility mode to the default value using the following CLI command: wlc > config macfilter radius-compat cisco Option 2: Macfilters in the Environment Customers who use macfilters and who are able to change the radius server configuration to match other possible compatibility modes can modify the macfilter compatibility to either cisco or free using one of the following CLI commands: wlc > config macfilter radius-compat cisco wlc > config macfilter radius-compat free For more information about the different macfilter compatibility modes, see Cisco Wireless Controller Command Reference . While these workarounds have been deployed and were proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment. Fixed Software o Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades. The Cisco Support and Downloads page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Customers Without Service Contracts Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c /en/us/support/web/tsd-cisco-worldwide-contacts.html Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Fixed Releases In the following table(s), the left column lists Cisco software releases. The right column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. Customers are advised to upgrade to an appropriate fixed software release as indicated in this section. Cisco Wireless LAN Controller Release First Fixed Release 8.9 and earlier Not vulnerable 8.10.142.0 and earlier Not vulnerable 8.10.151.0 and later 8.10.171.0 To download the software from the Software Center on Cisco.com, do the following: 1. Click Browse all . 2. Choose Wireless > Wireless LAN Controller > Standalone Controllers . 3. Choose a specific product from the right pane of the product selector. 4. Choose a hardware platform from the left pane of the software page. The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory. Exploitation and Public Announcements o The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source o Cisco would like to thank a security researcher with Bispok for reporting this vulnerability. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF Revision History o +----------+---------------------------+----------+--------+--------------+ | Version | Description | Section | Status | Date | +----------+---------------------------+----------+--------+--------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +----------+---------------------------+----------+--------+--------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldi0ONLKJtyKPYoAQhx5g//VcXOe7hecT/qOZS0jD/dCHqaHnywFN7n tTsplxJ5pRhtWl0zPxRLwujzid3Mkqvx2rllRHlA262wwCJJntxP/k3P7dfge3Ep Geuq0LzsRnN8jbyWjCldrotWEd9xXy77DIqEe69FsGy2wKlX8m6uXnfuzgvRjv1X rbp/njWOU3/XjhCxzCQnIOjetLsxV0ycwHlibDBtz7UULfpHpe04WENmIfvmXBMO /lEO7P4nHDpjMWYM7+RlD8oX0+nWudEkJsgTW3F69yR9YlQiLrXrxbel9b5qSw+I DE9YZQYPMO5JjNZeYsOf9ipHq9S/T/g4wdsrky+MJIa2eSumXiPgvScWuQJxZ4mr jTsxj80D7uVQG8ykhh+gX65/zqjPt1IDjZvVvgnvbXmQq0CjMcTgijRs+bJODVeB /MYYI+lwtoIzKifdCP3/PXwgp6UrzaD3wa9k4gCYVMpqSJFDjywe3zIkdcs3vday gqQotOCQhTdzezFA+HIYiqwnLU4zTPpji9i4a0nYeYawStr7aFjBgEitxeYbO+FH 6iPRIEls9XhfmXuzxfLYnEE+g6tVQHO1WPD17ofgc34js9QHmfJ618WF6/PiSZ7S ryLOi5HnkV8lIhDxtngy9WW9Nc9WpINJvPP4R6Map/0W3Tu4wF9wFvByj8CaK5hE BuAIsZA/BC0= =0dpl -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1622 - [Cisco] Cisco SD-WAN vManage Software: CVSS (Max): 7.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1622 Cisco SD-WAN vManage Software Privilege Escalation Vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco SD-WAN vManage Software Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20739 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-vman-tEJFpBSL Comment: CVSS (Max): 7.3 CVE-2022-20739 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco SD-WAN vManage Software Privilege Escalation Vulnerability Priority: High Advisory ID: cisco-sa-sdwan-privesc-vman-tEJFpBSL First Published: 2022 April 13 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvt11537 CVE Names: CVE-2022-20739 CWEs: CWE-269 Summary o A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected system as a low-privileged user to exploit this vulnerability. This vulnerability exists because a file leveraged by a root user is executed when a low-privileged user runs specific commands on an affected system. An attacker could exploit this vulnerability by injecting arbitrary commands to a specific file as a lower-privileged user and then waiting until an admin user executes specific commands. The commands would then be executed on the device by the root user. A successful exploit could allow the attacker to escalate their privileges on the affected system from a low-privileged user to the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-vman-tEJFpBSL Affected Products o Vulnerable Products This vulnerability affects Cisco SD-WAN vManage Software. For information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect the following Cisco products: Cisco IOS XE SD-WAN Software Cisco SD-WAN vEdge Series Routers Workarounds o There are no workarounds that address this vulnerability. Fixed Software o Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades. The Cisco Support and Downloads page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Customers Without Service Contracts Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c /en/us/support/web/tsd-cisco-worldwide-contacts.html Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Fixed Releases In the following table(s), the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a release is affected by any of the Critical or High SIR vulnerabilities described in this collection of advisories and which release includes fixes for those vulnerabilities. Customers are advised to upgrade to an appropriate fixed software release as indicated in the following table(s). To ensure a complete upgrade solution, consider that this advisory is part of a collection that includes the following advisories: cisco-sa-sd-wan-file-access-VW36d28P Cisco SD-WAN Solution Improper Access Control Vulnerability cisco-sa-sdwan-privesc-vman-tEJFpBSL Cisco SD-WAN vManage Privilege Escalation Vulnerability Cisco First Fixed Release First Fixed Release for All SD-WAN for This Vulnerabilities Described in the Release Vulnerability Collection of Advisories 18.3 and Migrate to a fixed Migrate to a fixed release. earlier release. 18.4 18.4.6 Migrate to a fixed release. 19.2 19.2.3 Migrate to a fixed release. 20.1 20.1.2 Migrate to a fixed release. 20.3 20.3.1 Migrate to a fixed release. 20.4 20.4.1 Migrate to a fixed release. 20.5 20.5.1 Migrate to a fixed release. 20.6 20.6.1 20.6.1 20.7 20.7.1 20.7.1 The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory. Exploitation and Public Announcements o The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source o This vulnerability was found during internal security testing by Andrew Kim of the Cisco Advanced Security Initiatives Group (ASIG). Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-vman-tEJFpBSL Revision History o +----------+---------------------------+----------+--------+--------------+ | Version | Description | Section | Status | Date | +----------+---------------------------+----------+--------+--------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +----------+---------------------------+----------+--------+--------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldiweNLKJtyKPYoAQgBnw//beChEgmKfrH9JZ0FfisXns5coqSkjjX4 tnoWllFacccolc/jziIIphHJ8AougYMeGN4PQGosKssz/g3p0XKGcOZvu0Dssl5p 91hSoypdVgBjuQZTM8000NeptwhGNPxX6j6J23A4rwyIfOhl8NpJAaXPYYDRN53b kd+ApKwnSxlQkqOK8Uj8Xk0g9+6id6jx3QPhbr3lDyl8/n3zv2VTidGLCnCsFxnk 6qlSjGwLz0sN4045FOuqaITNsD+g5hbgOiIag2iZ/i50+G+XP4uScWdEt1tO6kg0 ahWiLWmppG0uZbPjMV/XL3cscfML7rQwlUDHWnwyVTqBNOgA8h5fstwEaQd4K8mu PU5H4lVxZvxYm3beENILx9JIcayxx7vGSyd/Pi11Qpn4V21zTP1CogJl5DnlAd47 13jxpxEqoL0Uhyo1RNdrX7vW6ieKdIMKvAj+HwfLgLZxInbINZBeaV0wXN66mXM+ X4bopOMI3iqreTzv+SNCENXQGbSnKPFfV5TV3wqYWcW34q3brk84Zgsnw/ODnLXD 26T4KfVTgXeabM3FtxMwj43UXVAETRO0BlHoTc1KSIorz3rc2PSiGnbK6l3sA1UW R8FM+HuLDJhR2vYaCvkVZzdAalevZbfRK6tkQHVMad07fLj1lineh8ohKgZgYSwq eJqzv2a4/DM= =0Akq -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1621 - [Cisco] Cisco SD-WAN vManage Software: CVSS (Max): 6.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1621 Cisco SD-WAN vManage Software Information Disclosure Vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco SD-WAN vManage Software Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20747 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-infodis-73sHJNEq Comment: CVSS (Max): 6.5 CVE-2022-20747 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco SD-WAN vManage Software Information Disclosure Vulnerability Priority: Medium Advisory ID: cisco-sa-sdwan-vman-infodis-73sHJNEq First Published: 2022 April 13 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvy67842 CVE Names: CVE-2022-20747 CWEs: CWE-202 Summary o A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected system. This vulnerability is due to insufficient API authorization checking on the underlying operating system. An attacker could exploit this vulnerability by sending a crafted API request to Cisco vManage as a lower-privileged user and gaining access to sensitive information that they would not normally be authorized to access. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-infodis-73sHJNEq Affected Products o Vulnerable Products At the time of publication, this vulnerability affected Cisco SD-WAN vManage Software. For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Workarounds o There are no workarounds that address this vulnerability. Fixed Software o When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Fixed Releases At the time of publication, the release information in the following table (s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Cisco SD-WAN Release First Fixed Release 18.3 and earlier Migrate to a fixed release. 18.4 Migrate to a fixed release. 19.2 Migrate to a fixed release. 20.1 Migrate to a fixed release. 20.3 Migrate to a fixed release. 20.4 Migrate to a fixed release. 20.5 Migrate to a fixed release. 20.6 20.6.1 20.7 20.7.1 The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory. Exploitation and Public Announcements o The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source o This vulnerability was found during the resolution of a Cisco TAC support case. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-infodis-73sHJNEq Revision History o +----------+---------------------------+----------+--------+--------------+ | Version | Description | Section | Status | Date | +----------+---------------------------+----------+--------+--------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +----------+---------------------------+----------+--------+--------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldiruNLKJtyKPYoAQgDLxAAqJbcejTIiMXzh0DoW6a+ehPaE+KD9R1W tepNznkb2HafoweNUYFqGXEW2Qp4u6RLLnzgq51qmZALHcAHZZv0LHYU2LF/l7n/ soA/cg7kKarhIqUdZIz4wfssE8zvrz2sB3OqXDSDvfAXFkz9OuCqM4lcYq/xdKxs GhAUDZnbtfW6Bn1pskRkVAaYmHA2Fj4dyMpWYKCblznf6eOhOCAgguaBiygRievv V+zqj/PAtERoiBUXlzSJWlU3nJ5xCT1ZbT9udJMOHqAhSPBHh/a55AuB3P0CkRzC vXNaepklkZqEGAPJFx6XMzl8djUoi6f+2hhZU1BwQgTUJTxbrI2YpcgSOZ0bFydA JQ70nei6NXc2rV8XSo2bkBxu7Xf/V5kH3mXvh7uncD043ZsXP6TyYYk3R5AKm+68 Zcr7ZYZvV2sa6dU29Wr+7Rhx5FnbevBJZ/f+J7703fI7BNqctpbsnOEZEmkbYkuR +RborQWsAjqwjkYLeXjxMKkCZA1ugWjF6Bt3KOyoB4OXpaXXhbVBeqg6UIXNtgWf LzZqWMVPZSX/B6b0pSeoCql0ZvJn4iMA8janZU25ax2HvOm79sAOxv86K/K9IFkl wzkYkq9ByowjisQlhf8M+KHzx/kSd1SafPy9YchRzwlW0+1dhye3YNudNKURQEk7 NNh14hvOw8I= =b8vm -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1620 - [Cisco] Cisco SD-WAN vManage Software: CVSS (Max): 6.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1620 Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco SD-WAN vManage Software Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20735 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmanage-csrf-rxQL4tXR Comment: CVSS (Max): 6.5 CVE-2022-20735 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability Priority: Medium Advisory ID: cisco-sa-sdwan-vmanage-csrf-rxQL4tXR First Published: 2022 April 13 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvu28364 CVE Names: CVE-2022-20735 CWEs: CWE-352 Summary o A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. These actions could include modifying the system configuration and deleting accounts. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmanage-csrf-rxQL4tXR Affected Products o Vulnerable Products At the time of publication, this vulnerability affected Cisco SD-WAN vManage Software. For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Workarounds o There are no workarounds that address this vulnerability. Fixed Software o When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Fixed Releases At the time of publication, the release information in the following table (s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. The left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerability described in this advisory and which release included the fix for this vulnerability. Cisco SD-WAN vManage Software Release First Fixed Release Earlier than 20.6 Migrate to a fixed release. 20.6 20.6.1 20.7 20.7.1 The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory. Exploitation and Public Announcements o The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source o This vulnerability was found during internal security testing by Alex Lumsden of the Cisco Advanced Security Initiatives Group (ASIG). Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmanage-csrf-rxQL4tXR Revision History o +----------+---------------------------+----------+--------+--------------+ | Version | Description | Section | Status | Date | +----------+---------------------------+----------+--------+--------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +----------+---------------------------+----------+--------+--------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldipONLKJtyKPYoAQjBARAAro0LcY58bInP9R1SHaeYpSilS5ryvhq9 FbVPcYlMsGtWJl7LSCRzYbhpd6xzpnV+Q3jZlOMGWGdZ61KOkUfNgXHpVEz9XC0D /bhgLxaRs1T7J6mvslKxzXJjGVPqLi1R9Ay8I0WS81I7dqb8DdsWYbKZE+IUlwJF Jf4i7wgj/3gP77YhxVWPk0DGQ3h+YZbbRqAai4R5Fh5GyN6CSbPLxJVifW2VlYOj OHpC0LDfivKucQzfgVtScXEMuNxyDDGFVqB1kc/kFk5Azp0tFV+Qxffe5mjuCgoY lXTm/mbWo6sG4Wpkyp1w4eBOgleFqGeOUxHjMiESc5U1kq8zd1AfHsKDH7qRom2Q oevXviDV1cm9uTkvK48t+q4S5fe96qFfEK9Nd2QA6Vlww4uopGL8IdD8Ys7fTgSp ddMSQuOlQp8M9UvMDs2ba0/l3qQmmG4LdXWSTw8XCy/Z8WnPtrmajnOC1VmxUhQH 0+xyQvQqN32dgTGAYpKGFQ8OsKZir/3WWoKtcdcCeop1x0643fti4de1r4OgNRCM lqkgM4LDBB6zCEw+0TMljijcIkibp/uvlnir32MdlxO6d9bKY02kXuS4OF7T+rwu Jd7uY3pOxwF+00o32xRMHxNwIiVdferTtduyaURxVzSI2AAYWGlPf/pwkZQ3QEYw hWXQ7uwpft8= =MTj8 -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1619 - [Cisco] Cisco SD-WAN vEdge Routers: CVSS (Max): 5.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1619 Cisco SD-WAN vEdge Routers Denial of Service Vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco SD-WAN vEdge Routers Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20717 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vedge-dos-jerVm4bB Comment: CVSS (Max): 5.5 CVE-2022-20717 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco SD-WAN vEdge Routers Denial of Service Vulnerability Priority: Medium Advisory ID: cisco-sa-sdwan-vedge-dos-jerVm4bB First Published: 2022 April 13 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvt55609 CVE Names: CVE-2022-20717 CWEs: CWE-789 CVSS Score: 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X Summary o A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vedge-dos-jerVm4bB Affected Products o Vulnerable Products At the time of publication, this vulnerability affected the following Cisco products if they were running a vulnerable release of Cisco SD-WAN vEdge Software: 1100 Series Integrated Services Routers (ISRs) SD-WAN vEdge 100 Series Routers SD-WAN vEdge 1000 Series Routers SD-WAN vEdge 2000 Series Routers SD-WAN vEdge 5000 Series Routers For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect the following Cisco products: 5000 Series Enterprise Network Compute System (ENCS) platforms that are running Cisco IOS XE SD-WAN Software Cloud Services Router (CSR) 1000V Series images ISRs that are running Cisco IOS XE SD-WAN Software vEdge Cloud Router images Workarounds o There are no workarounds that address this vulnerability. Fixed Software o When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Fixed Releases At the time of publication, the release information in the following table (s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. The left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerability described in this advisory and which release included the fix for this vulnerability. Cisco SD-WAN vEdge Software Release First Fixed Release Earlier than 20.6 Migrate to a fixed release. 20.6 20.6.1 20.7 20.7.1 The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory. Exploitation and Public Announcements o The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source o This vulnerability was found during internal security testing. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vedge-dos-jerVm4bB Revision History o +----------+---------------------------+----------+--------+--------------+ | Version | Description | Section | Status | Date | +----------+---------------------------+----------+--------+--------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +----------+---------------------------+----------+--------+--------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldimONLKJtyKPYoAQiVnA/9F+YBKpKWF4mzGCSEzQ/3yVuRlC6+Lf1M D3ISNzYjNTphsg1RwEEyYW+/GTrzTpiMxZkWQn9SaLaaos+nY22BVYydP3X875+n ExXREsYLsCLOHSkr5u+nCoy1OyPWJx7dgwtFmKFL4E1c+/RFYAOCCrdEtNC64eQs a5IHWaxAQzKpG/92FdnZPjd/Kb8H/K5gdZdEMK9h+dk7E4Y3uyiR3zTywCv2+L4L 4ksbLdayKgCXz+bHXb8JU6a8/uHApNs5Mp2A2pX3dyYHY+3WCBtDAp4MYbk1L9tz xm9rp0+fZS0tT4wKWpI4tMlsxsjmL15cb7lXO/843QJaJZe/qi3zcz59rdpBhA1/ 1Jnn1i4dy1EwRHYmtJODS4JcAcBYGi2JVBiu/i+3Yxyehwf7vrdq15cJ7kcmuxAX k0iggKjoAUCS561mrpnx/iW6xtKGlTBNftpCs79TCIuENNRL0lkn6zxi3WxfByg8 ankkEDwC9m9i9ISl4vQ2GTopsXvHrVLvhAO0bNa5tBCOvMia0jyXbMfqPfxZuQdn DBkZC+RN01gHYHDdgEU08LoFIKn/ed4Cxjm9MF97QJmF9jyEAl5OQoGaRk43FDgN 2kKOQvm9x3/OAT0hxK+pNbTUhz14QcLejyO9njSlY+iduNVFdEgqXi7+L5s6ZX+k 6h+vk5Vdzeg= =/sFh -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1618 - [Cisco] Cisco SD-WAN: CVSS (Max): 7.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1618 Cisco SD-WAN Solution Improper Access Control Vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco SD-WAN Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20716 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P Comment: CVSS (Max): 7.8 CVE-2022-20716 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco SD-WAN Solution Improper Access Control Vulnerability Priority: High Advisory ID: cisco-sa-sd-wan-file-access-VW36d28P First Published: 2022 April 13 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvy11382 CVE Names: CVE-2022-20716 CWEs: CWE-284 Summary o A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P Affected Products o Vulnerable Products This vulnerability affects the following Cisco products: SD-WAN vBond Orchestrator Software SD-WAN vEdge Cloud Routers SD-WAN vEdge Routers SD-WAN vManage Software SD-WAN vSmart Controller Software For information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect Cisco IOS XE SD-WAN Software. Indicators of Compromise o The Cisco Security Indicators of Compromise Reference Guide lists commonly observed Indicators of Compromise (IoCs), which can help identify devices that may have been impacted by the vulnerability disclosed in this Cisco security advisory. Workarounds o There are no workarounds that address this vulnerability. Fixed Software o Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades. The Cisco Support and Downloads page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Customers Without Service Contracts Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c /en/us/support/web/tsd-cisco-worldwide-contacts.html Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Fixed Releases In the following table(s), the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a release is affected by any of the Critical or High SIR vulnerabilities described in this collection of advisories and which release includes fixes for those vulnerabilities. Customers are advised to upgrade to an appropriate fixed software release as indicated in the following table(s). To ensure a complete upgrade solution, consider that this advisory is part of a collection that includes the following advisories: cisco-sa-sd-wan-file-access-VW36d28P Cisco SD-WAN Solution Improper Access Control Vulnerability cisco-sa-sdwan-privesc-vman-tEJFpBSL Cisco SD-WAN vManage Privilege Escalation Vulnerability Cisco SD-WAN First Fixed Release First Fixed Release for All Software for This Vulnerabilities Described in the Release Vulnerability Collection of Advisories 18.4 Migrate to a fixed Migrate to a fixed release. release. 19.2 Migrate to a fixed Migrate to a fixed release. release. 20.3 Migrate to a fixed Migrate to a fixed release. release. 20.4 Migrate to a fixed Migrate to a fixed release. release. 20.5 Migrate to a fixed Migrate to a fixed release. release. 20.6 20.6.1 20.6.1 20.7 20.7.1 20.7.1 Exploitation and Public Announcements o The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source o Cisco would like to thank Joris Oversteyns for reporting this vulnerability. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P Revision History o +----------+---------------------------+----------+--------+--------------+ | Version | Description | Section | Status | Date | +----------+---------------------------+----------+--------+--------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +----------+---------------------------+----------+--------+--------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldijeNLKJtyKPYoAQiaDQ//c88dbWrdRGzvP6xL6PQ0+RygOcb/oFjQ Q9KM3rT5kguEgT+whIcHajMo230hp08ULZsxKYfvkQYt3y3YxrJkh317/NZUFj4Y c4cI8ku/IJRbQu45h35w0wBWYk+cHVBHr4SJuOGE72ia5pI91Ud+/wT1ObJc0zfR QSRB4mFwyWSC1fhefGngVXzwwJFA7cuG5ogLiTYkCX5oyRQC3R8bXGfJC/m1uOhq qBM8bppeMFFp9FropnKMkm5el8VKeb+h3T9IIy/qZqX8d0ZNadtushtziWmgJZIN hxWE8CFNU90OHZ1D/E2GASNo3JkLAZJrnObJTx/qFpmo+xCNHCaf5o3LAee0R9pZ qoX4/T/CVM4zec3W4aneKgupzHywqQxJpDIc7QSpjO3VvQ0tHYA4YKMp2XcyGaAc or+phmm65KQ+jVCHenBgPNvkriUmnCbVq3XCS7/hKXdzDVI76RDxOF05/xUili90 4suGyZUqf5HwlKgQMoC0GdcgIQkgx4Vuk0Xf0QCesQ8Z5eZVfIyROFEfYG0hmwEX SQtlYu5FBcYv7RpkjCRAFad9gXVNPaCtZNqGm4H4O5lf87aGLnlZw8q/pTGJoomR IViCzYuk3u5rQLxUMKOXDUw6zljz5gb3Jg1CrXrfZQSulBO6fdb1ro4vdHHVJTnV jl3DKPpbB6w= =04US -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1617 - [Cisco] Cisco IOx Application Hosting Environment: CVSS (Max): 5.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1617 Cisco IOx Application Hosting Environment Vulnerabilities 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco IOx Application Hosting Environment Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20727 CVE-2022-20726 CVE-2022-20725 CVE-2022-20724 CVE-2022-20723 CVE-2022-20722 CVE-2022-20721 CVE-2022-20720 CVE-2022-20719 CVE-2022-20718 CVE-2022-20677 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj Comment: CVSS (Max): 5.5 CVE-2022-20719 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco IOx Application Hosting Environment Vulnerabilities Priority: Medium Advisory ID: cisco-sa-iox-yuXQ6hFj First Published: 2022 April 13 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvx27640 CSCvy16608 CSCvy30903 CSCvy30957 CSCvy35913 CSCvy35914 CSCvy86583 CSCvy86598 CSCvy86602 CSCvy86603 CSCvy86604 CSCvy86608 CVE Names: CVE-2022-20677 CVE-2022-20718 CVE-2022-20719 CVE-2022-20720 CVE-2022-20721 CVE-2022-20722 CVE-2022-20723 CVE-2022-20724 CVE-2022-20725 CVE-2022-20726 CVE-2022-20727 CWEs: CWE-22 CWE-250 CWE-77 Summary o Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj This advisory is part of the April 2022 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Affected Products o Vulnerable Products At the time of publication, one of more of these vulnerabilities affected the following Cisco products if they were running a vulnerable software release: 800 Series Industrial Integrated Services Routers (Industrial ISRs) 800 Series Integrated Services Routers (ISRs) 1000 Series Connected Grid Router (CGR1000) Compute Modules IC3000 Industrial Compute Gateways Industrial Ethernet (IE) 4000 Series Switches IOS XE-based devices configured with IOx IR510 WPAN Industrial Routers For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by these vulnerabilities. Cisco has confirmed that these vulnerabilities do not affect the following Cisco products: IOS XR Software Meraki products NX-OS Software Details o The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities. Details about the vulnerabilities are as follows: CVE-2022-20718: Cisco IOx Application Hosting Environment Parameter Injection Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to execute a parameter injection using the Cisco IOx API. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary code as root on the underlying host operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy35913 CVE ID: CVE-2022-20718 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20719: Cisco IOx Application Hosting Environment Parameter Injection Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to execute a parameter injection using the Cisco IOx API. This vulnerability is due to incomplete sanitization of parameters that are passed in as part of the IOx package descriptor. An attacker could exploit this vulnerability by crafting an IOx package descriptor file and then building and deploying an application in the Cisco IOx application hosting environment. A successful exploit could allow the attacker to execute arbitrary code as root on the underlying host operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86583 CVE ID: CVE-2022-20719 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20720: Cisco IOx Application Hosting Environment Path Traversal Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to read or write arbitrary data on the underlying host operating system. This vulnerability exists because a real path check is not performed on the requested data. An attacker could exploit this vulnerability by creating a symbolic link within the deployed application and requesting data using the API. A successful exploit could allow the attacker to read or execute arbitrary code as root on the underlying host operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy30957 CVE ID: CVE-2022-20720 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20723: Cisco IOx Application Hosting Environment Arbitrary Code Execution Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to execute arbitrary code on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary code as root on the underlying host operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86603 CVE ID: CVE-2022-20723 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20725: Cisco IOx Application Hosting Environment Cross-Site Scripting Vulnerability A vulnerability in the web-based Local Manager interface of the Cisco IOx application hosting environment could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based Local Manager interface of an affected device. The attacker must have valid Local Manager credentials. This vulnerability is due to insufficient validation of user-supplied input by the web-based Local Manager interface. An attacker could exploit this vulnerability by injecting malicious code into a system settings tab. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86608 CVE ID: CVE-2022-20725 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N CVE-2022-20724: Cisco IOx Application Hosting Environment User Impersonation Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to bypass authentication and impersonate another authenticated user session. This vulnerability is due to a race condition for allocation of the token. An attacker could exploit this vulnerability by constantly trying a call to the upload API, and if the calls occur at the same time as an authorized administrator deploying an application, the attacker may race the token and be given the ability to bypass authentication. A successful exploit could allow the attacker to bypass authentication. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86604 CVE ID: CVE-2022-20724 Security Impact Rating (SIR): Medium CVSS Base Score: 5.3 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2022-20726: Cisco IOx Application Hosting Environment Denial of Service Vulnerability A vulnerability in the Cisco IOx application hosting environment of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Modules, and Cisco IC3000 Industrial Compute Gateways could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling of socket operations. An attacker could exploit this vulnerability by sending a sustained rate of crated TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvx27640 CVE ID: CVE-2022-20726 Security Impact Rating (SIR): Medium CVSS Base Score: 5.3 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-20677: Cisco IOS XE Software Privilege Escalation Vulnerability A vulnerability in the Cisco IOx application hosting environment in Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges from privilege level 15 to root on an affected device. This vulnerability is due to incomplete file protection for the Cisco IOx application hosting environment. An attacker could exploit this vulnerability by modifying the file system with a crafted payload. A successful exploit could allow the attacker to execute arbitrary commands as root . Bug ID(s): CSCvy30903 CSCvy16608 CVE ID: CVE-2022-20677 Security Impact Rating (SIR): Medium CVSS Base Score: 5.1 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20727: Cisco IOx Application Hosting Environment Privilege Escalation A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper input validation when loading Cisco IOx applications. An attacker could exploit this vulnerability by modifying application content while a Cisco IOx application is loading. A successful exploit could allow the attacker to gain privileges equivalent to the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy35914 CVE ID: CVE-2022-20727 Security Impact Rating (SIR): Medium CVSS Base Score: 5.1 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20721: Cisco IOx Application Hosting Environment Arbitrary File Read Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerability is due to insufficient path validation of command arguments within the Cisco IOx API. An attacker could exploit this vulnerability by sending a crafted command request using the API. A successful exploit could allow the attacker to read the contents of any file that is located on the host device filesystem. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86598 CVE ID: CVE-2022-20721 Security Impact Rating (SIR): Medium CVSS Base Score: 4.9 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVE-2022-20722: Cisco IOx Application Hosting Environment Path Traversal Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to read arbitrary files from the underlying host filesystem. This vulnerability is due to insufficient path validation of command arguments within the Cisco IOx API. An attacker could exploit this vulnerability by sending a crafted command request using the API. A successful exploit could allow the attacker to read the contents of any file that is located on the underlying host filesystem. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86602 CVE ID: CVE-2022-20722 Security Impact Rating (SIR): Medium CVSS Base Score: 4.9 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Workarounds o There are no workarounds that address these vulnerabilities. However, there is a mitigation. Customers who do not want to use the Cisco IOx application hosting environment can disable IOx permanently on the device by using the no iox configuration command. While this mitigation has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment. Fixed Software o When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Fixed Releases At the time of publication, the release information in the following table (s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Cisco Platform First Fixed Release 800 Series Industrial ISRs Cisco IOS Software Release 15.9(3)M5 and later. 800 Series ISRs Not fixed; IOx has reached end of life on Cisco 800 Series ISRs. CGR1000 Compute Modules IOx image for CGR1000 Compute Module 1.15.0.1 IC3000 Industrial Compute Industrial Compute Gateway Software Release Gateways 1.4.1 IE 4000 Series Switches Not fixed; IOx has reached end of life on the Cisco IE 4000 Series Switches. IOS XE devices: o 1000 Series ISRs Cisco IOS XE Software releases: o 4000 Series ISRs o ASR 1000 Series o 16.12(7) (All but CSCvy16608 are resolved Aggregation Services in 16.12(6)) Routers o 17.3(5) o Catalyst 9x00 Series o 17.6(2) Switches o 17.7(1) and later o Catalyst IE3400 Rugged Series Switches For more information, see the Cisco IOS and IOS o Embedded Services 3300 XE Software Checker section below. Series Switches IR510 WPAN Industrial TBD. Fix planned for the next IR510 operating Routers system release. The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory. Cisco IOS and IOS XE Software To help customers determine their exposure to vulnerabilities in Cisco IOS and IOS XE Software, Cisco provides the Cisco Software Checker to identify any Cisco Security Advisories that impact a specific software release and the earliest release that fixes the vulnerabilities described in each advisory ("First Fixed"). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories identified ("Combined First Fixed"). Customers can use the Cisco Software Checker to search advisories in the following ways: Choose the software and one or more releases Upload a .txt file that includes a list of specific releases Enter the output of the show version command After initiating a search, customers can customize the search to include all Cisco Security Advisories, a specific advisory, or all advisories in the most recent bundled publication. By default, the Cisco Software Checker includes results only for vulnerabilities that have a Critical or High Security Impact Rating (SIR). To include results for Medium SIR vulnerabilities, customers can use the Cisco Software Checker on Cisco.com and check the Medium check box in the drop-down list under Impact Rating when customizing a search. Exploitation and Public Announcements o The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. Source o Cisco would like to thank Cyrille CHATRAS of Orange group for reporting the following vulnerabilities: CVE-2022-20718, CVE-2022-20719, CVE-2022-20720, CVE-2022-20721, CVE-2022-20722, CVE-2022-20723, CVE-2022-20724, CVE-2022-20725. CVE-2022-20718 and CVE-2022-20720: These vulnerabilities were also found during internal security testing by X.B. of the Cisco Advanced Security Initiatives Group (ASIG). CVE-2022-20677: This vulnerability was found during internal security testing by X.B. of the Cisco ASIG. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Related to This Advisory o Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication Cross-Site Scripting URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj Revision History o +----------+---------------------------+----------+--------+--------------+ | Version | Description | Section | Status | Date | +----------+---------------------------+----------+--------+--------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +----------+---------------------------+----------+--------+--------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldifeNLKJtyKPYoAQiWuhAAsFMzRdKECpVcgTFA/MycVfKW6Iu3eEh3 tGh7DtbUCLTqrWglCWXrTNvaq1kaYwtGpP72e1O2BKzmbzK+qNk01XkgTw+BOQqO DZ9MGhWEfoqtyuWmJZrg6rUrm3BGXcsMF8VLuqeuIuy7LVmgm0LF5Tdt0YH7bg8C /o64IU504qT1EZmAXJuvmh97HLYVsY4YfuPJOGd3sLvtbK4gx4wpInvPJuuXFS88 cYEmrjGKUlr28xQmzYmi61Y8oqJoNi4FJCX0n+/oT4tbjSHlEbFScwbYNSxoQwoy 7v3z6Lgs9731PHffBrBqPr/DgQFEU6e5kb/46c3jFAUcTqjPLX0M8z5Gohz8IS9S wvf18oPtsA9cmBd7U1EdxqncWVvL+ZJwI0XM7tCVhFHsRFusf/m5m2361qt6pgRq ToKUMzHJjCADr02TWe4S1CtKKZI5uZFFDfHKGTMMfCQc/53XI9s0HCeMKrYbfgr+ NXLUstCI15jd4lynpNCxAPVMUkTmvGObS6SAu96+2sUnXJ9NrQhkH8OMRWmkj/SI PfR9AXfu90auki2FsuDVWRtWapfEkIVDfdjAGrRjzIzJOJrDfDh9H31jxSzsUths 4PE+9i8WM7PzXn5LCvBOCzSU2bbXDubDvwqADAqrcNpn67RXi1w2Ilsha+5y9dgT bSlZQCRJ22c= =GcfY -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1616 - [Cisco] Cisco IOS and IOS XE Software: CVSS (Max): 8.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1616 Cisco IOS and IOS XE Software Web Services Denial of Service Vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco IOS and IOS XE Software Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20697 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-dos-svOdkdBS Comment: CVSS (Max): 8.6 CVE-2022-20697 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco IOS and IOS XE Software Web Services Denial of Service Vulnerability Priority: High Advisory ID: cisco-sa-http-dos-svOdkdBS First Published: 2022 April 13 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvx42406 CVE Names: CVE-2022-20697 CWEs: CWE-691 Summary o A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper resource management in the HTTP server code. An attacker could exploit this vulnerability by sending a large number of HTTP requests to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-dos-svOdkdBS This advisory is part of the April 2022 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Affected Products o Vulnerable Products This vulnerability affects Cisco devices if they are running a vulnerable release of Cisco IOS Software or Cisco IOS XE Software and have the HTTP feature enabled. All vulnerable releases of Cisco IOS XE Software are within the 3SE and 3E release trains. For more information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory. Determine the HTTP Server Configuration To determine whether the HTTP Server feature is enabled for a device, log in to the device and use the show running-config | include ip http server| secure|active command in the CLI to check for the presence of the ip http server command or the ip http secure-server command in the global configuration. If either command is present, the HTTP Server feature is enabled for the device. The following example shows the output of the show running-config | include ip http server|secure|active command for a device that has the HTTP Server feature enabled: Router# show running-config | include ip http server|secure|active ip http server ip http secure-server Note: The presence of either command or both commands in the device configuration indicates that the web UI feature is enabled. If the ip http server command is present and the configuration also contains ip http active-session-modules none , the vulnerability is not exploitable over HTTP. If the ip http secure-server command is present and the configuration also contains ip http secure-active-session-modules none , the vulnerability is not exploitable over HTTPS. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect the following Cisco products: IOS XR Software Meraki products NX-OS Software Workarounds o There are no workarounds that address this vulnerability. However, there are mitigations. Disabling the HTTP Server feature eliminates the attack vector for this vulnerability and may be a suitable mitigation until affected devices can be upgraded. To disable the HTTP Server feature, use the no ip http server or no ip http secure-server command in global configuration mode. If both the HTTP server and HTTPS server are in use, both commands are required to disable the HTTP Server feature. Disabling HTTP and HTTPS for management functions can also be a suitable mitigation. Use the ip http active-session-modules none and ip http secure-active-session-modules none commands. While these mitigations have been deployed and were proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment. Fixed Software o Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades. The Cisco Support and Downloads page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Customers Without Service Contracts Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c /en/us/support/web/tsd-cisco-worldwide-contacts.html Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Cisco IOS and IOS XE Software To help customers determine their exposure to vulnerabilities in Cisco IOS and IOS XE Software, Cisco provides the Cisco Software Checker to identify any Cisco Security Advisories that impact a specific software release and the earliest release that fixes the vulnerabilities described in each advisory ("First Fixed"). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories identified ("Combined First Fixed"). Customers can use the Cisco Software Checker to search advisories in the following ways: Choose the software and one or more releases Upload a .txt file that includes a list of specific releases Enter the output of the show version command After initiating a search, customers can customize the search to include all Cisco Security Advisories, a specific advisory, or all advisories in the most recent bundled publication. By default, the Cisco Software Checker includes results only for vulnerabilities that have a Critical or High Security Impact Rating (SIR). To include results for Medium SIR vulnerabilities, customers can use the Cisco Software Checker on Cisco.com and check the Medium check box in the drop-down list under Impact Rating when customizing a search. Exploitation and Public Announcements o The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source o This vulnerability was found during internal security testing. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Related to This Advisory o Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-dos-svOdkdBS Revision History o +----------+---------------------------+----------+--------+--------------+ | Version | Description | Section | Status | Date | +----------+---------------------------+----------+--------+--------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +----------+---------------------------+----------+--------+--------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldic+NLKJtyKPYoAQgVug/+OQdeSmOzvKtMTUQFYsqi9th9lCF6mEel IVFKyjizzrEKxr6S80lCU8ArH837KnYRF4sY8TmpN+ABl/Ls0KJFcQkI4hnHZtPV jmiOMqhJSQoP2WFFgPeokbdSBBf94nXCfaCAWlUmkX4ft2SsfS5XZbeE7WKZPbaC 80QjBSczM0cfK79x24Sa5urpXqAyFc3/ksVv5vZpdmtNlOC8PzWy3d9ORY1Kw0Ri N2brxzKcdPv59VZdwL4AhtQqSzQXD0LvFut9OFKEPHacMrFOzx+/tc/qXME5V43X 7VAeUaBF2qMIo6AeitKWw6eRXTUqAGCJQww7xudxfYvRJ8SadvOc8jAziehXQ2+H M/AaSz+/4nX5xV6QjLtTc/FMm82KfxBJH9Fdc/dVuK7+3HqZOqrVR+4S6rhzgQFC BJQjhmgOliGeDLREKeIw1Pd+1bm2tzy5Lo21hnNhyTTBxsIKwThYzQv66abETTkB NoSCh+3SHiVfh0aZmwjueofPVRxtgUNL4AzuYKfWY6lOjcbqaXYty973TJbD0+cG LqHat4sKNGN2VA06cxXm/wAApPKNViTyYdjGDxcRTwPjCWIlcVQRR+EjZ4sh5VBA CNzv/nNvdD9Jy+AdhildxFm6uweLzwtNQ88W+YLQDIri7KD+PGXXm2tR8EFeNOx5 HBpCbMz6fss= =lVTK -----END PGP SIGNATURE-----
2022. április 14.

ESB-2022.1615 - [Cisco] Cisco IOS XR Software: CVSS (Max): 8.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1615 Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability 14 April 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco IOS XR Software Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20714 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk Comment: CVSS (Max): 8.6 CVE-2022-20714 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability Priority: High Advisory ID: cisco-sa-lsplus-Z6AQEOjk First Published: 2022 April 13 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvy48962 CVE Names: CVE-2022-20714 CWEs: CWE-126 Summary o A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk This advisory is part of the April 2022 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco IOS XR Software Security Advisory Bundled Publication . Affected Products o Vulnerable Products This vulnerability affects Cisco ASR 9000 Series Aggregation Services Routers if they are running Cisco IOS-XR 64-bit Software and have a Lightspeed-Plus-based line card installed. For information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory. Determine Which Line Cards are Installed To determine which line cards are installed in the device, use the show platform CLI command. The following line cards are Lightspeed-Plus-based: A9K-4HG-FLEX-SE A9K-4HG-FLEX-TR A9K-8HG-FLEX-SE A9K-8HG-FLEX-TR A9K-20HG-FLEX-SE A9K-20HG-FLEX-TR A99-4HG-FLEX-SE A99-4HG-FLEX-TR A99-10X400GE-X-SE A99-10X400GE-X-TR A99-32X100GE-X-SE A99-32X100GE-X-TR For more information about line card type identification, see ASR 9000 Series Line Card Types . Note: The Cisco Lightspeed-Plus list of product identifiers was accurate at the time of publication. For specific questions and further clarification about a product identifier, contact the Cisco Technical Assistance Center (TAC). Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect the following Cisco products: IOS Software IOS XE Software IOS XR Platforms not listed in the Vulnerable Products section of this advisory NX-OS Software Details o When this vulnerability is successfully exploited, logs will show a warning message similar to the following: npu_server[351]: %PLATFORM-NP-4-HARD_RESET_START : NP0: Performing recovery action for an internal network processor error. (PA2REG.ppe_int1) Workarounds o There are no workarounds that address this vulnerability. Fixed Software o Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades. The Cisco Support and Downloads page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Customers Without Service Contracts Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c /en/us/support/web/tsd-cisco-worldwide-contacts.html Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Fixed Releases In the following table(s), the left column lists Cisco software releases. The right column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. Customers are advised to upgrade to an appropriate fixed software release as indicated in this section. Cisco IOS XR Software First Fixed Release Release 7.0 and earlier Not vulnerable. 7.1 Vulnerable; migrate to a fixed release or apply an SMU or Service Pack. 7.2 Not vulnerable; no ASR9K support. 7.3 7.3.2 7.4 and later Not affected. Cisco has released the following SMUs to address this vulnerability. Customers who require SMUs for releases that are not listed are advised to contact their support organization. Cisco IOS XR Software Release Platform SMU Name 7.1.2 ASR9K-X64 asr9k-x64-7.1.2.CSCvy48962 7.1.3 ASR9K-X64 asr9k-x64-7.1.3.CSCvz75757 Cisco has released the following Service Packs that include the SMU to address this vulnerability. Cisco IOS XR Software Release Platform Service Pack Name 7.1.2 ASR9K-X64 asr9k-px-7.1.2.k9-sp1.tar The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory. Exploitation and Public Announcements o The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source o This vulnerability was found during the resolution of a Cisco TAC support case. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Related to This Advisory o Cisco Event Response: April 2022 Cisco IOS XR Software Security Advisory Bundled Publication URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk Revision History o +----------+---------------------------+----------+--------+--------------+ | Version | Description | Section | Status | Date | +----------+---------------------------+----------+--------+--------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +----------+---------------------------+----------+--------+--------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYldiaeNLKJtyKPYoAQiWpg//cyU5gXvTNiuQihpEw+cnyG4yk6x/jHiE 2B4TnF0SX6DRaY6468DH6FGg6BCorpu5dXv8NDjBJTNAuXN7Jlsa1CGCWibYezn1 8yZWldtE3/XidX6vI3kLrvqY27gO8CKeBGUQ4kK1MPipBemi8ey71+/ZaI54RWOW 0arC6X0KpnQU1NSvgRwr4/K1OeNRFDKuuBi7r3UGjBI6prcBTp6sEpi/fF0enLfE UE5JZnLVpOYfw8NfK0K+1ernldJ+hToljY6dYVPLK+HkHAN3cji1PIHK6htI3Tec HrgjLqz9fU9QiPCVUmFzl5UtTvwGiexqJlUIAfuUc5zi9fLgwliMR9SVy4OAVPE9 YSxWbP8YjUMdIkO8bE8XKGnH03AU+mqmWj+j09gpPy7cT+373Sqxn7Mrcguc2aQ0 6uAlLD/1eSVLnN+p3Hmy8ozNabvcgR6gsRmM3x5rbF5UCypcpx3LMaHnLq/1h4re 94OdlVhnBm1GwlWIwlilCu8qBnmg9vNIQwu8xKwQPwudXnj2kwaWN6iwLU50caJ9 3WN0yWh8xd4ETnodiM7e2J+5Y2IUegwq6zjdGtYFE8DX7Nm/V50sWTUlJyMbq3wV r+QLFqSwIBGNg+7wAMAONJHH9AbVbb2qSwIB540hJdR/1mSTJtGOEabxXS33JGKE zNrH13/0LCM= =uJk+ -----END PGP SIGNATURE-----