AusCERT - Security Bulletins
Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
Frissítve: 12 perc 49 másodperc
ESB-2022.1444.6 - UPDATE [Cisco] Cisco Products: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1444.6
Vulnerability in Spring Framework Affecting Cisco Products: March 2022
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Endpoint Clients and Client Software
Network Management and Provisioning
Voice and Unified Communications Devices
Routing and Switching - Enterprise and Service Provider
Video, Streaming, TelePresence, and Transcoding Devices
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-22965
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
Revision History: April 14 2022: Vendor updated vulnerable products
April 13 2022: Updated the products under investigation, vulnerable products, and products confirmed not vulnerable.
April 8 2022: Vendor updated vulnerable products and released patch for Cisco CX Cloud Agent Software
April 6 2022: Vendor updated vulnerable products
April 5 2022: Title update
April 5 2022: Initial Release
- --------------------------BEGIN INCLUDED TEXT--------------------
Vulnerability in Spring Framework Affecting Cisco Products: March 2022
Priority: Critical
Advisory ID: cisco-sa-java-spring-rce-Zx9GUc67
First Published: 2022 April 1 23:45 GMT
Last Updated: 2022 April 13 16:54 GMT
Version 1.7: Interim
Workarounds: No workarounds available
CVE Names: CVE-2022-22965
CWEs: CWE-120
CVSS Score:
9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Summary
o On March 31, 2022, the following critical vulnerability in the Spring
Framework affecting Spring MVC and Spring WebFlux applications running on
JDK 9+ was released:
CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+
For a description of this vulnerability, see VMware Spring Framework
Security Vulnerability Report .
This advisory will be updated as additional information becomes available.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
Affected Products
o Cisco is investigating its product line to determine which products may be
affected by this vulnerability. As the investigation progresses, Cisco will
update this advisory with information about affected products.
The Vulnerable Products section will include Cisco bug IDs for each
affected product. The bugs will be accessible through the Cisco Bug Search
Tool and contain additional platform-specific information, including
workarounds (if available) and fixed software releases.
Any product not listed in the Products Under Investigation or Vulnerable
Products section of this advisory is to be considered not vulnerable.
Because this is an ongoing investigation, be aware that products that are
currently considered not vulnerable may subsequently be considered
vulnerable as additional information becomes available.
Products Under Investigation
The following products are under active investigation to determine whether
they are affected by the vulnerability that is described in this advisory.
Network Management and Provisioning
Cisco Extensible Network Controller (XNC)
Cisco Network Change and Configuration Management
Cisco Nexus Dashboard Data Broker, formerly Cisco Nexus Data Broker
Cisco Nexus Dashboard, formerly Cisco Application Services Engine
Routing and Switching - Enterprise and Service Provider
Cisco Application Policy Infrastructure Controller Enterprise Module
(APIC-EM)
Cisco Network Convergence System 2000 Series
Cisco ONS 15454 Series Multiservice Provisioning Platforms
Wireless
Cisco Ultra Cloud Core - Session Management Function
Cisco Cloud Hosted Services
Cisco IoT Control Center
Cisco Umbrella
Vulnerable Products
Cisco is investigating its product line to determine which products may be
affected by this vulnerability. This section will be updated as information
is available.
The following table lists Cisco products that are affected by the
vulnerability that is described in this advisory. If a future release date
is indicated for software, the date provided represents an estimate based
on all information known to Cisco as of the Last Updated date at the top of
the advisory. Availability dates are subject to change based on a number of
factors, including satisfactory testing results and delivery of other
priority features and fixes. If no version or date is listed for an
affected component (indicated by a blank field and/or an advisory
designation of Interim), Cisco is continuing to evaluate the fix and will
update the advisory as additional information becomes available. After the
advisory is marked Final, customers should refer to the associated Cisco
bug(s) for further details.
Product Cisco Bug Fixed Release
ID Availability
Endpoint Clients and Client Software
Cisco CX Cloud Agent Software CSCwb41735 2.1.0 (20 Apr 2022)
Network Management and Provisioning
Cisco Automated Subsea Tuning CSCwb43658 2.1.0 (31 May 2022)
Cisco Crosswork Network Controller CSCwb43703 3.0.2 (29 Apr 2022)
2.0.2 (29 Apr 2022)
Cisco Crosswork Optimization Engine CSCwb43709 3.1.1 (1 May 2022)
2.1.1 (1 May 2022)
Cisco Crosswork Zero Touch Provisioning CSCwb43706 3.0.2 (29 Apr 2022)
(ZTP) 2.0.2 (20 Apr 2022)
Cisco Evolved Programmable Network 6.0.1.1 (29 Apr 2022)
Manager CSCwb43643 5.1.4.1 (29 Apr 2022)
5.0.2.3 (29 Apr 2022)
Cisco Managed Services Accelerator (MSX) CSCwb43667
Cisco Optical Network Planner CSCwb43691 5.0 (30 Aug 2022)
7.5.2.1 (19 Apr 2022)
Cisco WAN Automation Engine (WAE) Live CSCwb43708 7.4.0.2 (25 Apr 2022)
7.3.0.3 (29 Apr 2022)
7.5.2.1 (19 Apr 2022)
Cisco WAN Automation Engine (WAE) CSCwb43708 7.4.0.2 (25 Apr 2022)
7.3.0.3 (29 Apr 2022)
Data Center Network Manager (DCNM) CSCwb43637 12.1.1 (30 Jun 2022)
Nexus Dashboard Fabric Controller (NDFC) CSCwb43637 12.1.1 (30 Jun 2022)
Routing and Switching - Enterprise and Service Provider
Cisco DNA Center CSCwb43648
Cisco Optical Network Controller CSCwb43692 2.0 (31 May 2022)
Cisco Software-Defined AVC (SD-AVC) CSCwb43727
Voice and Unified Communications Devices
12.0 (30 May 2022)
Cisco Enterprise Chat and Email CSCwb45202 12.5 (30 May 2022)
12.6 ES2 (15 May 2022)
Video, Streaming, TelePresence, and Transcoding Devices
3.5.0 (30 Apr 2022)
Cisco Meeting Server CSCwb43662 3.4.2 (31 May 2022)
3.3.3 (17 Jun 2022)
Products Confirmed Not Vulnerable
Cisco is investigating its product line to determine which products may be
affected by this vulnerability. This section will be updated as information
becomes available.
Any product not listed in the Products Under Investigation or Vulnerable
Products section of this advisory is to be considered not vulnerable.
Because this is an ongoing investigation, be aware that products that are
currently considered not vulnerable may subsequently be considered
vulnerable as additional information becomes available.
Cisco has confirmed that this vulnerability does not affect the following
Cisco products:
Cable Devices
Cisco Continuous Deployment and Automation Framework
Cisco Prime Cable Provisioning
Collaboration and Social Media
Cisco SocialMiner
Cisco Webex Meetings Server
Network Application, Service, and Acceleration
Cisco Wide Area Application Services (WAAS)
Network and Content Security Devices
Cisco Adaptive Security Appliance (ASA) Software
Cisco Firepower Device Manager (FDM)
Cisco Firepower Management Center (FMC)
Cisco Firepower System Software
Cisco Identity Services Engine (ISE)
Cisco Secure Email Gateway, formerly Email Security Appliance (ESA)
Cisco Secure Email and Web Manager, formerly Cisco Content Security
Management Appliance (SMA)
Cisco Secure Network Analytics, formerly Cisco Stealthwatch
Cisco Security Manager
Network Management and Provisioning
Cisco Business Process Automation
Cisco CloudCenter Action Orchestrator
Cisco CloudCenter Cost Optimizer
Cisco CloudCenter Suite Admin
Cisco CloudCenter Workload Manager
Cisco CloudCenter
Cisco Collaboration Audit and Assessments
Cisco Common Services Platform Collector (CSPC)
Cisco Connected Mobile Experiences
Cisco Connected Pharma
Cisco Crosswork Change Automation
Cisco Crosswork Data Gateway
Cisco Crosswork Network Automation
Cisco Crosswork Situation Manager
Cisco DNA Assurance
Cisco Elastic Services Controller (ESC)
Cisco Intelligent Node (iNode) Manager
Cisco IoT Field Network Director, formerly Cisco Connected Grid Network
Management System
Cisco NCS 2000 Shelf Virtualization Orchestrator (SVO)
Cisco Network Insights for Data Center
Cisco Nexus Dashboard
Cisco Nexus Insights
Cisco Policy Suite for Mobile
Cisco Policy Suite
Cisco Prime Performance Manager
Cisco Smart PHY
Cisco ThousandEyes Endpoint Agent
Cisco ThousandEyes Enterprise Agent
Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM
Routing and Switching - Enterprise and Service Provider
Cisco ACI HTML5 vCenter Plug-in
Cisco ASR 5000 Series Routers
Cisco Enterprise NFV Infrastructure Software (NFVIS)
Cisco GGSN Gateway GPRS Support Node
Cisco IOx Fog Director
Cisco IP Services Gateway (IPSG)
Cisco MME Mobility Management Entity
Cisco Mobility Unified Reporting and Analytics System
Cisco PDSN/HA Packet Data Serving Node and Home Agent
Cisco PGW Packet Data Network Gateway
Cisco SD-WAN vManage
Cisco System Architecture Evolution Gateway (SAEGW)
Cisco Ultra Packet Core
Cisco Ultra Services Platform
Ultra Cloud Core - Redundancy Configuration Manager
Routing and Switching - Small Business
Cisco Business Dashboard
Unified Computing
Cisco HyperFlex
Voice and Unified Communications Devices
Cisco BroadWorks
Cisco Cloud Connect
Cisco Emergency Responder
Cisco Unified Attendant Console Advanced
Cisco Unified Attendant Console Business Edition
Cisco Unified Attendant Console Department Edition
Cisco Unified Attendant Console Enterprise Edition
Cisco Unified Attendant Console Premium Edition
Cisco Unified Communications Manager IM & Presence Service
Cisco Unified Communications Manager Session Management Edition
Cisco Unified Communications Manager
Cisco Unified Contact Center Express
Cisco Unified Customer Voice Portal
Cisco Unified Intelligence Center
Cisco Unity Connection
Cisco Virtualized Voice Browser
Video, Streaming, TelePresence, and Transcoding Devices
Cisco Expressway Series
Cisco TelePresence Integrator C Series
Cisco TelePresence MX Series
Cisco TelePresence Management Suite Provisioning Extensions
Cisco TelePresence Management Suite
Cisco TelePresence Precision Cameras
Cisco TelePresence Profile Series
Cisco TelePresence SX Series
Cisco TelePresence System EX Series
Cisco TelePresence Video Communication Server (VCS)
Cisco Touch
Cisco Video Surveillance Operations Manager
Cisco Vision Dynamic Signage Director
Cisco Webex Board Series
Cisco Webex Desk Series
Cisco Webex Room Navigator
Cisco Webex Room Series
Wireless
Cisco Ultra Cloud Core - Access and Mobility Management Function
Cisco Ultra Cloud Core - Network Repository Function
Cisco Ultra Cloud Core - Policy Control Function
Cisco Ultra Cloud Core - Redundancy Configuration Manager
Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure
Cisco Cloud Hosted Services
Cisco BroadCloud
Cisco Industrial Asset Vision
Cisco IoT Operations Dashboard (IOTOC)
Cisco Kinetic for Cities
Cisco Registered Envelope Service
Cisco Smart Collector - Lifecycle Management
Cisco Unified Communications Manager Cloud
Cisco Webex Cloud-Connected UC (CCUC)
Workarounds
o Any workarounds will be documented in the product-specific Cisco bugs,
which are identified in the Vulnerable Products section of this advisory.
Fixed Software
o For information about fixed software releases, consult the Cisco bugs
identified in the Vulnerable Products section of this advisory.
When considering software upgrades, customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page, to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Exploitation and Public Announcements
o The Cisco Product Security Incident Response Team (PSIRT) is aware that
proof-of-concept exploit code is available for the vulnerability described
in this advisory.
Source
o This vulnerability was publicly disclosed by VMware on March 31, 2022.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
Action Links for This Advisory
o Snort Rule 30790
Snort Rule 30791
Snort Rule 30792
Snort Rule 30793
Snort Rule 59416
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
Revision History
o +---------+----------------------------+----------+---------+-------------+
| Version | Description | Section | Status | Date |
+---------+----------------------------+----------+---------+-------------+
| | Updated the products under | | | |
| 1.7 | investigation, vulnerable | Affected | Interim | 2022-APR-13 |
| | products, and products | Products | | |
| | confirmed not vulnerable. | | | |
+---------+----------------------------+----------+---------+-------------+
| | Updated the products under | | | |
| 1.6 | investigation, vulnerable | Affected | Interim | 2022-APR-12 |
| | products, and products | Products | | |
| | confirmed not vulnerable. | | | |
+---------+----------------------------+----------+---------+-------------+
| | Updated the products under | | | |
| 1.5 | investigation, vulnerable | Affected | Interim | 2022-APR-11 |
| | products, and products | Products | | |
| | confirmed not vulnerable. | | | |
+---------+----------------------------+----------+---------+-------------+
| | Updated the products under | | | |
| 1.4 | investigation, vulnerable | Affected | Interim | 2022-APR-07 |
| | products, and products | Products | | |
| | confirmed not vulnerable. | | | |
+---------+----------------------------+----------+---------+-------------+
| | Updated the products under | | | |
| 1.3 | investigation, vulnerable | Affected | Interim | 2022-APR-06 |
| | products, and products | Products | | |
| | confirmed not vulnerable. | | | |
+---------+----------------------------+----------+---------+-------------+
| | Updated the products under | | | |
| 1.2 | investigation, vulnerable | Affected | Interim | 2022-APR-05 |
| | products, and products | Products | | |
| | confirmed not vulnerable. | | | |
+---------+----------------------------+----------+---------+-------------+
| | Updated the products under | | | |
| 1.1 | investigation, vulnerable | Affected | Interim | 2022-APR-04 |
| | products, and products | Products | | |
| | confirmed not vulnerable. | | | |
+---------+----------------------------+----------+---------+-------------+
| 1.0 | Initial public release. | - | Interim | 2022-APR-01 |
+---------+----------------------------+----------+---------+-------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldxTuNLKJtyKPYoAQhgqRAArZvkAPWlvsQWlTeGllpPXb5/5Mzu0xRp
onZvp58LF4pMdftctVZeBRLlsEmUuD3/hROSdA7bz4Yv6/P3Tk5eDwkldKuObp+X
V6XOdjvu2gJQpSFbym+FzUkDpMxhVVW8FswldwDo6IZA4llKc4Fxwfls8aEA3dn8
zBCi7X6EXQPRzhCm+8Q0UnlnUdEDzsZD46fOOPkRnsbEXNJ/uGaR+eE67dyzgVow
YWHEajF/iCLR6WbmK8T60stT4slycLRanfKbq3xiQM64UXJz83hDp/pJ0X8Q/Fgs
otU/QfzBpfji6Wfzpdk2bdExd0xC0KSMBJdKD9JgRP6WSvjHHa1G42waa2Ws9+Z6
29NHbjMb9PPwULth3paUJrN8506UhIyH6mUj03iG7OT9r6NoCgkFhZeIedGVCwMM
SyMve7dcLnQL1LfI9F4Z/aw1aBAsAKtjWs5FREf7X4dfiuEXm+xDxOiOGlSrGiac
DsVSgDkYv89Gc4u7eUysFX/8YbeDIgErn0LstPX0mjO2oK3bCAqkMxZCtJUhIVHp
PWMg8h8L9r8MJ3ybK7Y6a4pM3r2q0IbzizWuVxd8rrXHGwCjOhe/XoepuufEdc4Y
5Ai/GkQNczPKHXABpsGsYAHNQ5piYC3REIsrdRrBCrd8f5uNRuyNI2VqL1bbxEjY
2U+D/Uihj+o=
=euUH
-----END PGP SIGNATURE-----
ESB-2022.1633 - [Ubuntu] Gzip: CVSS (Max): 7.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1633
USN-5378-4: Gzip vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Gzip
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2022-1271
Original Bulletin:
https://ubuntu.com/security/notices/USN-5378-4
Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-5378-4: Gzip vulnerability
13 April 2022
Gzip could be made to overwrite arbitrary files.
Releases
o Ubuntu 16.04 ESM
o Ubuntu 14.04 ESM
Packages
o gzip - GNU compression utilities
Details
USN-5378-1 fixed a vulnerability in Gzip. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Cleemy Desu Wayo discovered that Gzip incorrectly handled certain
filenames. If a user or automated system were tricked into performing zgrep
operations with specially crafted filenames, a remote attacker could
overwrite arbitrary files.
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 16.04
o gzip - 1.6-4ubuntu1+esm1
Available with UA Infra or UA Desktop
Ubuntu 14.04
o gzip - 1.6-3ubuntu1+esm1
Available with UA Infra or UA Desktop
In general, a standard system update will make all the necessary changes.
References
o CVE-2022-1271
Related notices
o USN-5378-1 : gzip, gzip-win32
o USN-5378-2 : xzdec, liblzma5, liblzma-doc, liblzma-dev, xz-utils
o USN-5378-3 : xzdec, liblzma5, liblzma-doc, liblzma-dev, xz-utils
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldjT+NLKJtyKPYoAQhXcg//baFirTHeN5TwbS+vAKIxs7nywk0JXKgc
Ed34LJadYHFWslSy5U+l+F3dQhy2e9+sadFAzigGKDYZH/c2fftGLCIdTBLSgPuv
/YTbs2vlwB7o+3SrGISRvLj4rXo2ZuIOfzU55SQjV47UohD7r05tHRwMk4fcebxP
vNvZ0/apFa8ILFaIhVxVmegRprNAIfkO2kBxRFnyQby1NGVBQXWaxO8WIw4P6i8B
7x7VVGWMmPKTinbWZ4woiB/+kAjTRJOStsKDWOhajZQzqegt++8UfyBdyHWBvaeZ
KOLZ9d5EFC6NBAH9XDZCAIXGNvaESxUiFTy6s+/bpZOHolZrMwgOuWJYBc0hz9Ud
7A9p8C2jNMlYPsRBSpzXFKNO+UTI4agzabGauMu7ngWI7XJnsf4wYVkqlBJPd94F
JZPOKlLhKoSEA0rdsB7Q7gnamIGWZc2viDZ4rjlrIHk7bfzI0lqNOnPRfJ8n/n66
ij/TMbjb+XieQy0wyiwZqJS1pooryAYZ5HZ+3llPzKiXAO1dgtHNpmD2xNzMVtTr
2rho3OVXEfwP/IL/5+OnXIW4nkYxKf51GTfrcVIBEquy95IbMLKf282R9C5Eoz3G
6GCAaBVISt/sddn5T1CWxZWrA7T/7SDuZxZvV+BOhQXQ8k9aNoI78utAYsRYXEDJ
MOOfGhYggho=
=zOu0
-----END PGP SIGNATURE-----
ESB-2022.1632 - [Ubuntu] XZ Utils: CVSS (Max): 7.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1632
USN-5378-3: XZ Utils vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: XZ Utils
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2022-1271
Original Bulletin:
https://ubuntu.com/security/notices/USN-5378-3
Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-5378-3: XZ Utils vulnerability
13 April 2022
XZ Utils could be made to overwrite arbitrary files.
Releases
o Ubuntu 16.04 ESM
o Ubuntu 14.04 ESM
Packages
o xz-utils - XZ-format compression utilities
Details
USN-5378-2 fixed a vulnerability in XZ Utils. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Cleemy Desu Wayo discovered that Gzip incorrectly handled certain
filenames. If a user or automated system were tricked into performing zgrep
operations with specially crafted filenames, a remote attacker could
overwrite arbitrary files.
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 16.04
o xz-utils - 5.1.1alpha+20120614-2ubuntu2.16.04.1+esm1
Available with UA Infra or UA Desktop
Ubuntu 14.04
o xz-utils - 5.1.1alpha+20120614-2ubuntu2.14.04.1+esm1
Available with UA Infra or UA Desktop
In general, a standard system update will make all the necessary changes.
References
o CVE-2022-1271
Related notices
o USN-5378-1 : gzip, gzip-win32
o USN-5378-2 : xz-utils, liblzma5, liblzma-doc, liblzma-dev, xzdec
o USN-5378-4 : gzip
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldjRONLKJtyKPYoAQieQg/6ArAGFwKs9xoCgPVwyIcolHbFKMEFX5Bo
vCFlUV2pgt9ukNkZeMDhqaxh8/e9a2Cz1taLqkxZ1SOhWj2AYEuBc2NOAXinNSFx
1ocyBeaUDlKuRyPS39N77LwcfWfMFHOA6fNUBRjP/m/JoLo9uIEtbcUZhbVe0QDw
zD5COKhdu4uQZTCMxj96gLGq+50Xl3D6eqXhL3nnXW0dPbnpq/UnqU9wyUxa0qj6
LiKnrSJEU6wALLymh0Wg5l/6ekRAoCq8gO6UAck165S2yTq9zNt2cRJeFczcIlme
nWn/9gEapoABDErgbXi8zTQc1gTzhjDPRYWDpKwb73fWDpvj3EXO02Po1Rb5fPHS
xf6V3AZKv/FW37QOqb1ABTXwEI1IHVBceWioVqRym0PyztwzWBYWCqubgzpgzp2c
yZjQfCRikHfZe+8s0NtbalECjEk3FewzMadhgHeL3in04s4v43BIdcSaFfLGdhNL
t2rtDHzq9KROQaJSqLixxWIkNsCfhCLhft7lHeKMRpNizzFKJK9k5qKplVAK+WXp
1TccIoaKliT2StPVSJhB+4+HEa5Up6dLFIE2cLnxtmrBxo4Gwqp6u7gbx1r+Hr/e
mGPWymJtxM4978r564ov9vPF2KsKBdbFxMKzVgag86OrqLmXqOdcTX0NC8HgTiH2
Y7pq6gFcLp0=
=L7Qo
-----END PGP SIGNATURE-----
ESB-2022.1631 - [Ubuntu] XZ Utils: CVSS (Max): 7.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1631
USN-5378-2: XZ Utils vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: XZ Utils
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2022-1271
Original Bulletin:
https://ubuntu.com/security/notices/USN-5378-2
Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-5378-2: XZ Utils vulnerability
13 April 2022
XZ Utils could be made to overwrite arbitrary files.
Releases
o Ubuntu 21.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS
Packages
o xz-utils - XZ-format compression utilities
Details
Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain
filenames. If a user or automated system were tricked into performing
xzgrep operations with specially crafted filenames, a remote attacker could
overwrite arbitrary files.
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 21.10
o xz-utils - 5.2.5-2ubuntu0.1
Ubuntu 20.04
o xz-utils - 5.2.4-1ubuntu1.1
Ubuntu 18.04
o xz-utils - 5.2.2-1.3ubuntu0.1
In general, a standard system update will make all the necessary changes.
References
o CVE-2022-1271
Related notices
o USN-5378-1 : gzip-win32, gzip
o USN-5378-3 : xz-utils, xzdec, liblzma-dev, liblzma-doc, liblzma5
o USN-5378-4 : gzip
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldjOuNLKJtyKPYoAQgelQ//RFYahLuxE6+T5/TzMZSeIMssmPE12Lpt
XErtDIe8Yb1dqAY8tkE6po8muOdW+C2gpG2CiZOVYdXXi82kmbwzjfaXszb7bF3n
KJCX58Ft1Z5PeN8e8SWVrRdpk7XyI2ydi31eL5sb+WA2r3RaCtcOMRZa+7pV6aA2
e4ioBAy6DqM3OrdwmaygFL8hEP1dO9iC+qkFfkBplpx+UN+1cpwj3vRBDwXwY7EL
sAEBiK2i80giF/D+vfx7bF/de1y4aHp5CpWFM4FihWxQTjThuRlq+irl+wGS3XFf
V6x6FILhKo+jaHkjfyxaOXxQyD9be0nGQD0ktIFA5frPVSCopfZC3/ULX3D83X2B
qU1QsmvuFvANWgIIY+EqgNVYA8Xm2n7CbfBylP3iJtGqzTQjs4liSflfPrJd+Iwm
RvRi6V04B7HL8QB+JRWdY2QeT90spOXocbuBE3bhprDfUpQZNGCFjAHUOwrKJgbK
SCGm8WWk6NyYl3mB0HcO1t97j/JQHRwG1JcpZlX48E+YVpPHvCzS1jsxyA/PjgfW
x13SkwqOlH2KGImHaTqhswZjsjtN5LN0hVm5m35LwGzYXM+S6ccszwBhO4dhZO2W
6/Fxj10NlH8cyB3YbP0eL7VTTU22bP6aqqjv0qdskypGluOkFclYSLuzz6APEsHl
EjkpDReeJtI=
=3UwC
-----END PGP SIGNATURE-----
ESB-2022.1630 - [Ubuntu] Gzip: CVSS (Max): 7.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1630
USN-5378-1: Gzip vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Gzip
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2022-1271
Original Bulletin:
https://ubuntu.com/security/notices/USN-5378-1
Comment: CVSS (Max): 7.1 CVE-2022-1271 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-5378-1: Gzip vulnerability
13 April 2022
Gzip could be made to overwrite arbitrary files.
Releases
o Ubuntu 21.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS
Packages
o gzip - GNU compression utilities
Details
Cleemy Desu Wayo discovered that Gzip incorrectly handled certain
filenames. If a user or automated system were tricked into performing zgrep
operations with specially crafted filenames, a remote attacker could
overwrite arbitrary files.
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 21.10
o gzip - 1.10-4ubuntu1.1
Ubuntu 20.04
o gzip - 1.10-0ubuntu4.1
Ubuntu 18.04
o gzip - 1.6-5ubuntu1.2
In general, a standard system update will make all the necessary changes.
References
o CVE-2022-1271
Related notices
o USN-5378-2 : xz-utils, liblzma-dev, liblzma5, liblzma-doc, xzdec
o USN-5378-3 : xz-utils, liblzma-dev, liblzma5, liblzma-doc, xzdec
o USN-5378-4 : gzip
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldjLuNLKJtyKPYoAQgpNRAAkRKdKGwFTBoalxOAZMIvzd79HDRnA0PH
k6wx4GjVDzfT2bjV6i4nf9cudfXu3W7Xxcxr3RShPV7KlO1Yl3I5Bucl5AOvfRWF
4PJeeYcFFY/kvscTqnGhcavoATbyBww5qFREca2yPsJVvgO5amrePv92iqN5tE01
5P9KUoUA9NFXRt6UOyxXexivLsK/RbCbv1n54ZevFZbRAIqnmTeP9ZZDR6lvyph7
4Lixfg4CETPym1bP9Jpf5Y4xpOIoYJNVZ3Ewu6l+ALrcdHlSgZsKlCeGSvHDhfhG
CUMlsU5LitnH5b4zWgX8Y8K1Z7yPwBhWS/kr6LdMutsTQyk1o1TL69gWBpB3OWPM
qaWepNftY+edOl5+eIeFSEYy0YqP3dwIvWDw1XVf8vFMLbh6+X8AQmy4tr0QBzcd
rnQbrUHitnzXQd1QKXu3JrMogB4RHL9/vP29hlV5Y9QnoNMEEVtft5oE3IdYTeLf
DFh0E4mcYpwIVMVZnsCuwuOxzdBNGAFvGhZ7dxv5iyFJhD5yzSmmxqUxvqhhMYcG
KYsICMZp+TNJclBca8+4AuZA4k5eGW3HUf3wJFtAUyoZxf51IX3Up0ykbdadiDXi
W11qw/oSO6/Wd3cs5F5XPS8/iSrAPy/E41cVj4VWzh+Klj6tNDb4h0fzAT30V9as
izt9KVoCCAI=
=vjQj
-----END PGP SIGNATURE-----
ESB-2022.1629 - [Ubuntu] Linux Kernel (BlueField): CVSS (Max): 8.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1629
USN-5377-1: Linux kernel (BlueField) vulnerabilities
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Linux Kernel (BlueField)
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666 CVE-2022-1055 CVE-2022-0492
CVE-2022-0435 CVE-2021-45480 CVE-2021-45469
CVE-2021-45095 CVE-2021-44733 CVE-2021-43976
CVE-2021-28715 CVE-2021-28714 CVE-2021-28713
CVE-2021-28712 CVE-2021-28711 CVE-2021-4135
Original Bulletin:
https://ubuntu.com/security/notices/USN-5377-1
Comment: CVSS (Max): 8.8 CVE-2022-0435 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: [NVD], Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-5377-1: Linux kernel (BlueField) vulnerabilities
13 April 2022
Several security issues were fixed in the Linux kernel.
Releases
o Ubuntu 20.04 LTS
Packages
o linux-bluefield - Linux kernel for NVIDIA BlueField platforms
Details
It was discovered that the network traffic control implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. ( CVE-2022-1055 )
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. ( CVE-2022-0492 )
Jurgen Gross discovered that the Xen subsystem within the Linux kernel did
not adequately limit the number of events driver domains (unprivileged PV
backends) could send to other guest VMs. An attacker in a driver domain
could use this to cause a denial of service in other guest VMs.
( CVE-2021-28711 , CVE-2021-28712 , CVE-2021-28713 )
Jurgen Gross discovered that the Xen network backend driver in the Linux
kernel did not adequately limit the amount of queued packets when a guest
did not process them. An attacker in a guest VM can use this to cause a
denial of service (excessive kernel memory consumption) in the network
backend domain. ( CVE-2021-28714 , CVE-2021-28715 )
It was discovered that the simulated networking device driver for the Linux
kernel did not properly initialize memory in certain situations. A local
attacker could use this to expose sensitive information (kernel memory).
( CVE-2021-4135 )
Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver
in the Linux kernel did not properly handle some error conditions. A
physically proximate attacker could use this to cause a denial of service
(system crash). ( CVE-2021-43976 )
It was discovered that the ARM Trusted Execution Environment (TEE)
subsystem in the Linux kernel contained a race condition leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service or possibly execute arbitrary code. ( CVE-2021-44733 )
It was discovered that the Phone Network protocol (PhoNet) implementation
in the Linux kernel did not properly perform reference counting in some
error conditions. A local attacker could possibly use this to cause a
denial of service (memory exhaustion). ( CVE-2021-45095 )
Wenqing Liu discovered that the f2fs file system in the Linux kernel did
not properly validate the last xattr entry in an inode. An attacker could
use this to construct a malicious f2fs image that, when mounted and
operated on, could cause a denial of service (system crash) or possibly
execute arbitrary code. ( CVE-2021-45469 )
It was discovered that the Reliable Datagram Sockets (RDS) protocol
implementation in the Linux kernel did not properly deallocate memory in
some error conditions. A local attacker could possibly use this to cause a
denial of service (memory exhaustion). ( CVE-2021-45480 )
Samuel Page discovered that the Transparent Inter-Process Communication
(TIPC) protocol implementation in the Linux kernel contained a stack-based
buffer overflow. A remote attacker could use this to cause a denial of
service (system crash) for systems that have a TIPC bearer configured.
( CVE-2022-0435 )
It was discovered that the IPsec implementation in the Linux kernel did not
properly allocate enough memory when performing ESP transformations,
leading to a heap-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. ( CVE-2022-27666 )
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 20.04
o linux-image-bluefield - 5.4.0.1032.33
o linux-image-5.4.0-1032-bluefield - 5.4.0-1032.35
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
o CVE-2021-45095
o CVE-2021-28714
o CVE-2021-28715
o CVE-2021-28713
o CVE-2021-45469
o CVE-2022-0492
o CVE-2021-44733
o CVE-2021-43976
o CVE-2021-45480
o CVE-2021-4135
o CVE-2022-0435
o CVE-2021-28712
o CVE-2022-1055
o CVE-2021-28711
o CVE-2022-27666
Related notices
o USN-5278-1 : linux-oem-20.04d, linux-oem-5.14-tools-host,
linux-headers-5.14.0-1022-oem, linux-buildinfo-5.14.0-1022-oem,
linux-oem-5.14-headers-5.14.0-1022, linux-tools-5.14.0-1022-oem,
linux-image-unsigned-5.14.0-1022-oem, linux-modules-5.14.0-1022-oem,
linux-tools-oem-20.04d, linux-oem-5.14-tools-5.14.0-1022,
linux-headers-oem-20.04d, linux-image-5.14.0-1022-oem,
linux-image-oem-20.04d, linux-oem-5.14
o USN-5337-1 : linux-cloud-tools-5.13.0-37-generic,
linux-image-unsigned-5.13.0-1023-oracle, linux-gcp-headers-5.13.0-1021,
linux-aws-headers-5.13.0-1019, linux-tools-5.13.0-1022-raspi-nolpae,
linux-headers-5.13.0-1021-gcp, linux-image-lowlatency-hwe-20.04-edge,
linux-image-generic-lpae-hwe-20.04-edge, linux-image-gke,
linux-image-5.13.0-1019-aws, linux-headers-gke, linux-image-generic-64k,
linux-headers-5.13.0-37-generic-64k, linux-modules-5.13.0-1023-oracle,
linux-tools-5.13.0-37-lowlatency, linux-cloud-tools-common,
linux-image-generic-64k-hwe-20.04-edge, linux-gcp-edge,
linux-modules-extra-5.13.0-1019-aws, linux-image-raspi-nolpae,
linux-lowlatency, linux-cloud-tools-generic-hwe-20.04,
linux-headers-generic-lpae-hwe-20.04, linux-kvm-headers-5.13.0-1018,
linux-crashdump, linux-gcp-5.13, linux-modules-5.13.0-37-generic-64k,
linux-tools-common, linux-aws-cloud-tools-5.13.0-1019,
linux-image-5.13.0-1018-kvm, linux-virtual-hwe-20.04,
linux-gcp-tools-5.13.0-1021, linux-buildinfo-5.13.0-1021-gcp,
linux-generic-64k, linux-image-raspi, linux-tools-virtual,
linux-modules-extra-aws, linux-modules-extra-raspi,
linux-tools-generic-64k-hwe-20.04, linux-tools-5.13.0-1021-gcp,
linux-modules-extra-raspi-nolpae, linux-cloud-tools-lowlatency,
linux-tools-lowlatency-hwe-20.04-edge, linux-tools-aws-edge,
linux-cloud-tools-generic-hwe-20.04-edge, linux-headers-oem-20.04,
linux-headers-raspi-nolpae, linux-headers-raspi,
linux-image-5.13.0-37-generic-64k, linux-kvm, linux-virtual-hwe-20.04-edge,
linux-buildinfo-5.13.0-1022-raspi-nolpae,
linux-cloud-tools-5.13.0-1019-aws, linux-image-generic-64k-hwe-20.04,
linux-gke, linux-image-5.13.0-1023-oracle,
linux-image-5.13.0-1022-raspi-nolpae, linux-buildinfo-5.13.0-37-generic,
linux-image-unsigned-5.13.0-37-lowlatency, linux-virtual,
linux-buildinfo-5.13.0-37-generic-64k, linux-cloud-tools-5.13.0-37,
linux-cloud-tools-lowlatency-hwe-20.04, linux-image-5.13.0-1022-raspi,
linux-headers-kvm, linux-tools-generic-hwe-20.04, linux-tools-lowlatency,
linux-headers-virtual, linux-image-generic-hwe-20.04-edge,
linux-tools-5.13.0-37-generic, linux-image-gcp,
linux-tools-virtual-hwe-20.04-edge, linux-image-kvm,
linux-headers-lowlatency-hwe-20.04-edge, linux-hwe-5.13-tools-5.13.0-37,
linux-cloud-tools-virtual, linux-image-generic-lpae,
linux-headers-generic-64k-hwe-20.04, linux-lowlatency-hwe-20.04-edge,
linux-tools-5.13.0-1019-aws, linux-tools-generic-64k-hwe-20.04-edge,
linux-cloud-tools-5.13.0-37-lowlatency, linux-tools-gke, linux-source,
linux-tools-5.13.0-37-generic-lpae, linux-buildinfo-5.13.0-1023-oracle,
linux-headers-lowlatency-hwe-20.04, linux-image-aws,
linux-modules-5.13.0-1022-raspi-nolpae,
linux-headers-generic-hwe-20.04-edge, linux-modules-5.13.0-37-generic-lpae,
linux-headers-generic-64k-hwe-20.04-edge, linux-generic, linux-tools-gcp,
linux-hwe-5.13, linux-tools-oracle, linux-aws-tools-5.13.0-1019,
linux-aws-5.13-headers-5.13.0-1019, linux-modules-5.13.0-1021-gcp,
linux-headers-5.13.0-1022-raspi, linux-image-unsigned-5.13.0-1018-kvm,
linux-image-oracle, linux-headers-5.13.0-1018-kvm, linux-headers-aws-edge,
linux-image-generic-hwe-20.04, linux-oracle-tools-5.13.0-1023,
linux-image-generic-lpae-hwe-20.04, linux-hwe-5.13-cloud-tools-5.13.0-37,
linux-image-5.13.0-1021-gcp, linux-doc, linux-tools-generic-hwe-20.04-edge,
linux-image-extra-virtual-hwe-20.04, linux-tools-lowlatency-hwe-20.04,
linux-generic-hwe-20.04, linux-modules-5.13.0-37-lowlatency,
linux-raspi-tools-5.13.0-1022, linux-modules-extra-5.13.0-1021-gcp,
linux-tools-kvm, linux-aws-5.13, linux-headers-generic-lpae-hwe-20.04-edge,
linux-hwe-5.13-source-5.13.0, linux-image-virtual-hwe-20.04, linux-raspi,
linux-buildinfo-5.13.0-1019-aws, linux-tools-5.13.0-1023-oracle,
linux-tools-generic-lpae-hwe-20.04, linux-image-extra-virtual,
linux-headers-virtual-hwe-20.04, linux-buildinfo-5.13.0-37-lowlatency,
linux-image-5.13.0-37-lowlatency, linux-image-extra-virtual-hwe-20.04-edge,
linux-modules-5.13.0-1022-raspi, linux-image-unsigned-5.13.0-1019-aws,
linux-modules-5.13.0-37-generic, linux-oracle-headers-5.13.0-1023,
linux-aws-5.13-tools-5.13.0-1019, linux-tools-host, linux-image-aws-edge,
linux-oem-20.04, linux-cloud-tools-virtual-hwe-20.04,
linux-image-5.13.0-37-generic, linux-hwe-5.13-tools-host,
linux-tools-virtual-hwe-20.04, linux-image-unsigned-5.13.0-37-generic-64k,
linux-modules-5.13.0-1018-kvm, linux-buildinfo-5.13.0-37-generic-lpae,
linux-headers-5.13.0-37-generic-lpae, linux-tools-generic-lpae,
linux-headers-generic, linux-image-lowlatency-hwe-20.04, linux-tools-raspi,
linux-tools-generic, linux-tools-5.13.0-1022-raspi,
linux-headers-5.13.0-37, linux-gcp-5.13-headers-5.13.0-1021,
linux-modules-extra-5.13.0-37-generic,
linux-cloud-tools-virtual-hwe-20.04-edge,
linux-image-unsigned-5.13.0-1021-gcp, linux-gcp, linux-headers-gcp-edge,
linux-aws-edge, linux-image-virtual-hwe-20.04-edge,
linux-headers-generic-64k, linux-tools-raspi-nolpae, linux-raspi-nolpae,
linux-tools-generic-64k, linux-tools-generic-lpae-hwe-20.04-edge,
linux-image-generic, linux-generic-lpae-hwe-20.04,
linux-headers-5.13.0-1022-raspi-nolpae, linux-hwe-5.13-tools-common,
linux-headers-virtual-hwe-20.04-edge, linux-generic-lpae,
linux-headers-oracle, linux-headers-gcp, linux-image-lowlatency,
linux-modules-extra-gcp-edge, linux-modules-extra-aws-edge,
linux-tools-gcp-edge, linux-generic-hwe-20.04-edge,
linux-generic-64k-hwe-20.04-edge, linux-generic-lpae-hwe-20.04-edge,
linux-modules-extra-gcp, linux-tools-oem-20.04, linux,
linux-headers-generic-hwe-20.04, linux-modules-5.13.0-1019-aws,
linux-raspi-headers-5.13.0-1022, linux-buildinfo-5.13.0-1018-kvm,
linux-headers-lowlatency, linux-headers-5.13.0-1019-aws,
linux-buildinfo-5.13.0-1022-raspi, linux-cloud-tools-generic,
linux-headers-5.13.0-1023-oracle, linux-modules-extra-5.13.0-1022-raspi,
linux-image-5.13.0-37-generic-lpae, linux-tools-5.13.0-37-generic-64k,
linux-headers-generic-lpae, linux-generic-64k-hwe-20.04,
linux-lowlatency-hwe-20.04, linux-cloud-tools-lowlatency-hwe-20.04-edge,
linux-source-5.13.0, linux-gcp-5.13-tools-5.13.0-1021,
linux-image-unsigned-5.13.0-37-generic, linux-libc-dev, linux-tools-aws,
linux-oracle, linux-tools-5.13.0-37, linux-modules-extra-gke,
linux-kvm-tools-5.13.0-1018, linux-headers-aws, linux-image-oem-20.04,
linux-headers-5.13.0-37-generic, linux-aws, linux-tools-5.13.0-1018-kvm,
linux-modules-extra-5.13.0-1023-oracle,
linux-aws-5.13-cloud-tools-5.13.0-1019, linux-hwe-5.13-headers-5.13.0-37,
linux-image-virtual, linux-image-gcp-edge,
linux-modules-extra-5.13.0-1022-raspi-nolpae,
linux-hwe-5.13-cloud-tools-common, linux-headers-5.13.0-37-lowlatency
o USN-5338-1 : linux-modules-extra-azure-lts-20.04,
linux-tools-generic-hwe-18.04, linux-image-5.4.0-1018-ibm,
linux-image-snapdragon-hwe-18.04, linux-tools-generic-lpae-hwe-18.04-edge,
linux-modules-extra-oracle, linux-headers-gke, linux-image-aws-lts-20.04,
linux-cloud-tools-common, linux-lowlatency, linux-image-oracle-edge,
linux-tools-common, linux-image-unsigned-5.4.0-105-generic,
linux-image-gkeop-5.4, linux-headers-5.4.0-1066-gke, linux-image-azure-fde,
linux-oracle-headers-5.4.0-1067, linux-generic-hwe-18.04-edge,
linux-aws-5.4-headers-5.4.0-1069, linux-image-5.4.0-1073-azure-fde,
linux-headers-azure-edge, linux-cloud-tools-lowlatency,
linux-image-5.4.0-105-generic, linux-headers-5.4.0-1069-aws,
linux-headers-raspi-hwe-18.04-edge, linux-oem,
linux-tools-oracle-lts-20.04, linux-aws-cloud-tools-5.4.0-1069,
linux-cloud-tools-5.4.0-105-lowlatency, linux-headers-5.4.0-105-lowlatency,
linux-tools-5.4.0-1073-azure, linux-headers-virtual,
linux-hwe-5.4-cloud-tools-common, linux-oracle-lts-20.04,
linux-ibm-cloud-tools-common, linux-aws-tools-5.4.0-1069,
linux-headers-generic-lpae-hwe-18.04, linux-cloud-tools-5.4.0-105,
linux-snapdragon-hwe-18.04, linux-raspi-headers-5.4.0-1056,
linux-image-5.4.0-105-lowlatency, linux-image-aws,
linux-buildinfo-5.4.0-105-generic-lpae,
linux-image-unsigned-5.4.0-1073-azure, linux-tools-gcp, linux-generic,
linux-headers-5.4.0-1073-azure, linux-modules-extra-5.4.0-1018-ibm,
linux-headers-aws-edge, linux-doc, linux-buildinfo-5.4.0-1068-gcp,
linux-image-unsigned-5.4.0-1067-oracle, linux-tools-5.4.0-105,
linux-azure-headers-5.4.0-1073, linux-image-azure,
linux-raspi-5.4-headers-5.4.0-1056, linux-image-oracle-lts-20.04,
linux-modules-5.4.0-1066-gke, linux-headers-5.4.0-1059-kvm,
linux-aws-headers-5.4.0-1069, linux-tools-ibm-lts-20.04, linux-azure-fde,
linux-image-extra-virtual, linux-signed-image-oracle-edge,
linux-headers-azure-lts-20.04, linux-aws-5.4-cloud-tools-5.4.0-1069,
linux-modules-5.4.0-105-lowlatency, linux-cloud-tools-azure,
linux-headers-oracle-lts-20.04, linux-modules-extra-aws-lts-20.04,
linux-headers-snapdragon-hwe-18.04, linux-ibm,
linux-generic-lpae-hwe-18.04-edge, linux-modules-extra-5.4.0-1068-gcp,
linux-raspi-5.4, linux-image-gkeop, linux-hwe-5.4-source-5.4.0,
linux-ibm-lts-20.04, linux-generic-lpae,
linux-cloud-tools-lowlatency-hwe-18.04-edge,
linux-headers-generic-hwe-18.04-edge, linux-headers-gcp,
linux-aws-lts-20.04, linux-raspi2, linux-headers-raspi2-hwe-18.04-edge,
linux-modules-extra-oracle-edge, linux-gkeop-headers-5.4.0-1037,
linux-gcp-5.4, linux-headers-generic-lpae, linux-image-oem-osp1,
linux-modules-5.4.0-1068-gcp, linux-lowlatency-hwe-18.04,
linux-tools-azure-edge, linux-modules-extra-5.4.0-1037-gkeop,
linux-oem-osp1, linux-libc-dev, linux-buildinfo-5.4.0-105-lowlatency,
linux-image-virtual-hwe-18.04-edge, linux-buildinfo-5.4.0-1018-ibm,
linux-headers-5.4.0-105-generic, linux-buildinfo-5.4.0-1067-oracle,
linux-ibm-5.4-cloud-tools-common, linux-gkeop-5.4-source-5.4.0,
linux-ibm-tools-common, linux-image-5.4.0-1066-gke,
linux-tools-5.4.0-1018-ibm, linux-oracle-edge, linux-cloud-tools-gkeop,
linux-gke-5.4-headers-5.4.0-1066, linux-azure-5.4-headers-5.4.0-1073,
linux-tools-5.4.0-1067-oracle, linux-tools-lowlatency-hwe-18.04-edge,
linux-image-raspi2-hwe-18.04-edge, linux-buildinfo-5.4.0-1037-gkeop,
linux-headers-5.4.0-1068-gcp, linux-tools-lowlatency-hwe-18.04,
linux-buildinfo-5.4.0-1073-azure, linux-tools-azure-lts-20.04,
linux-image-azure-lts-20.04, linux-modules-extra-5.4.0-105-generic,
linux-ibm-source-5.4.0, linux-headers-5.4.0-1067-oracle,
linux-tools-virtual, linux-azure-cloud-tools-5.4.0-1073,
linux-signed-azure-edge, linux-tools-gcp-lts-20.04,
linux-modules-extra-aws, linux-headers-ibm, linux-modules-5.4.0-1018-ibm,
linux-image-unsigned-5.4.0-1066-gke, linux-headers-virtual-hwe-18.04,
linux-headers-5.4.0-1037-gkeop, linux-gke, linux-tools-lowlatency,
linux-raspi2-hwe-18.04, linux-tools-ibm-edge, linux-image-5.4.0-1037-gkeop,
linux-tools-5.4.0-1056-raspi, linux-image-gcp, linux-image-ibm-lts-20.04,
linux-headers-oem, linux-modules-extra-gkeop-5.4,
linux-tools-generic-hwe-18.04-edge, linux-headers-ibm-edge,
linux-gke-headers-5.4.0-1066, linux-image-5.4.0-1056-raspi,
linux-source-5.4.0, linux-tools-oracle, linux-image-raspi2-hwe-18.04,
linux-image-oracle, linux-gkeop-cloud-tools-5.4.0-1037, linux-tools-azure,
linux-image-raspi-hwe-18.04-edge, linux-signed-image-azure,
linux-modules-5.4.0-1073-azure, linux-image-unsigned-5.4.0-1037-gkeop,
linux-ibm-5.4-tools-common, linux-raspi, linux-headers-raspi2,
linux-image-oem, linux-image-unsigned-5.4.0-1018-ibm,
linux-headers-lowlatency-hwe-18.04, linux-image-aws-edge,
linux-modules-5.4.0-1067-oracle, linux-image-generic-lpae-hwe-18.04,
linux-tools-raspi, linux-azure-5.4-tools-5.4.0-1073, linux-tools-generic,
linux-image-gke-5.4, linux-oem-tools-host, linux-cloud-tools-azure-edge,
linux-ibm-5.4-headers-5.4.0-1018, linux-image-unsigned-5.4.0-1069-aws,
linux-ibm-edge, linux-headers-oracle, linux-raspi-5.4-tools-5.4.0-1056,
linux-buildinfo-5.4.0-1066-gke, linux-image-extra-virtual-hwe-18.04-edge,
linux-modules-extra-aws-edge, linux-modules-extra-gke-5.4,
linux-tools-gcp-edge, linux-modules-extra-gcp,
linux-buildinfo-5.4.0-1056-raspi, linux-headers-5.4.0-105-generic-lpae,
linux-azure-tools-5.4.0-1073, linux-image-lowlatency-hwe-18.04,
linux-modules-extra-ibm, linux-tools-gkeop,
linux-modules-extra-ibm-lts-20.04, linux-modules-extra-gke,
linux-buildinfo-5.4.0-1069-aws, linux-modules-extra-5.4.0-1067-oracle,
linux-headers-azure-fde, linux-modules-5.4.0-1059-kvm,
linux-tools-snapdragon-hwe-18.04,
linux-image-unsigned-5.4.0-105-lowlatency, linux-headers-5.4.0-1056-raspi,
linux-oracle-5.4-tools-5.4.0-1067, linux-tools-5.4.0-1066-gke,
linux-gcp-edge, linux-tools-5.4.0-1037-gkeop, linux-tools-oracle-edge,
linux-cloud-tools-gkeop-5.4, linux-tools-azure-fde,
linux-image-lowlatency-hwe-18.04-edge, linux-hwe-5.4,
linux-kvm-tools-5.4.0-1059, linux-headers-raspi,
linux-image-virtual-hwe-18.04, linux-kvm, linux-gkeop-source-5.4.0,
linux-modules-extra-virtual-hwe-18.04, linux-headers-gcp-lts-20.04,
linux-headers-5.4.0-105, linux-headers-kvm, linux-image-5.4.0-1073-azure,
linux-gcp-tools-5.4.0-1068, linux-image-kvm, linux-image-generic-lpae,
linux-tools-gke, linux-gke-tools-5.4.0-1066, linux-source,
linux-tools-virtual-hwe-18.04-edge, linux-tools-ibm,
linux-cloud-tools-5.4.0-1037-gkeop, linux-tools-raspi2-hwe-18.04,
linux-signed-oracle, linux-headers-oracle-edge,
linux-headers-aws-lts-20.04, linux-modules-5.4.0-1069-aws,
linux-tools-raspi-hwe-18.04, linux-azure, linux-tools-kvm,
linux-image-5.4.0-105-generic-lpae, linux-image-raspi-hwe-18.04,
linux-tools-gkeop-5.4, linux-hwe-5.4-tools-5.4.0-105,
linux-raspi-hwe-18.04, linux-ibm-tools-5.4.0-1018, linux-tools-host,
linux-image-extra-virtual-hwe-18.04, linux-ibm-headers-5.4.0-1018,
linux-gkeop-5.4-cloud-tools-5.4.0-1037, linux-headers-generic,
linux-headers-raspi2-hwe-18.04, linux-aws-5.4, linux-gcp,
linux-headers-gkeop, linux-oracle-5.4, linux-cloud-tools-generic-hwe-18.04,
linux-image-generic, linux-headers-snapdragon-hwe-18.04-edge,
linux-hwe-5.4-cloud-tools-5.4.0-105,
linux-cloud-tools-virtual-hwe-18.04-edge, linux-modules-5.4.0-1056-raspi,
linux-signed-image-azure-edge, linux-image-snapdragon-hwe-18.04-edge,
linux-image-5.4.0-1068-gcp, linux-headers-lowlatency-hwe-18.04-edge,
linux-modules-5.4.0-1037-gkeop, linux-signed-image-oracle,
linux-cloud-tools-generic-hwe-18.04-edge,
linux-modules-extra-5.4.0-1069-aws,
linux-image-unsigned-5.4.0-1073-azure-fde, linux-gke-5.4,
linux-headers-generic-hwe-18.04, linux-tools-aws,
linux-raspi-tools-5.4.0-1056, linux-image-gcp-lts-20.04,
linux-cloud-tools-azure-lts-20.04, linux-aws, linux-cloud-tools-azure-fde,
linux-modules-extra-gcp-lts-20.04, linux-image-virtual,
linux-modules-extra-azure, linux-image-gcp-edge,
linux-tools-5.4.0-1068-gcp, linux-cloud-tools-5.4.0-1069-aws,
linux-tools-5.4.0-1069-aws, linux-image-5.4.0-1069-aws,
linux-tools-generic-lpae-hwe-18.04, linux-headers-virtual-hwe-18.04-edge,
linux-azure-5.4-cloud-tools-5.4.0-1073, linux-tools-5.4.0-105-lowlatency,
linux-image-gke, linux-buildinfo-5.4.0-1059-kvm,
linux-cloud-tools-5.4.0-105-generic, linux-ibm-5.4-tools-5.4.0-1018,
linux-azure-edge, linux-modules-extra-virtual-hwe-18.04-edge,
linux-crashdump, linux-virtual-hwe-18.04,
linux-oracle-5.4-headers-5.4.0-1067, linux-image-generic-hwe-18.04,
linux-modules-extra-azure-fde, linux-image-raspi,
linux-kvm-headers-5.4.0-1059, linux-image-ibm-edge,
linux-buildinfo-5.4.0-105-generic, linux-tools-oem-osp1,
linux-tools-5.4.0-1059-kvm, linux-gkeop-5.4,
linux-gcp-5.4-headers-5.4.0-1068, linux-tools-aws-edge,
linux-modules-5.4.0-105-generic, linux-image-raspi2,
linux-headers-oem-osp1, linux-generic-lpae-hwe-18.04, linux-gcp-lts-20.04,
linux-snapdragon-hwe-18.04-edge, linux-headers-gkeop-5.4, linux-virtual,
linux-aws-5.4-tools-5.4.0-1069, linux-image-generic-lpae-hwe-18.04-edge,
linux-azure-lts-20.04, linux-headers-5.4.0-1018-ibm, linux-ibm-5.4,
linux-cloud-tools-virtual, linux-modules-extra-azure-edge,
linux-tools-5.4.0-105-generic, linux-gkeop, linux-headers-ibm-lts-20.04,
linux-gkeop-5.4-tools-5.4.0-1037, linux-lowlatency-hwe-18.04-edge,
linux-headers-generic-lpae-hwe-18.04-edge,
linux-tools-raspi-hwe-18.04-edge, linux-modules-extra-5.4.0-1066-gke,
linux-tools-aws-lts-20.04, linux-headers-gke-5.4,
linux-image-5.4.0-1059-kvm, linux-gcp-headers-5.4.0-1068,
linux-modules-extra-ibm-edge, linux-cloud-tools-virtual-hwe-18.04,
linux-raspi2-hwe-18.04-edge, linux-image-unsigned-5.4.0-1068-gcp,
linux-virtual-hwe-18.04-edge, linux-tools-virtual-hwe-18.04,
linux-azure-5.4, linux-image-ibm, linux-raspi-hwe-18.04-edge,
linux-hwe-5.4-headers-5.4.0-105, linux-modules-extra-gkeop,
linux-gkeop-tools-5.4.0-1037, linux-signed-oracle-edge,
linux-tools-generic-lpae, linux-tools-snapdragon-hwe-18.04-edge,
linux-modules-5.4.0-105-generic-lpae, linux-tools-gke-5.4,
linux-headers-azure, linux-signed-azure, linux-headers-gcp-edge,
linux-aws-edge, linux-cloud-tools-lowlatency-hwe-18.04,
linux-tools-raspi2-hwe-18.04-edge, linux-oem-osp1-tools-host,
linux-gke-5.4-tools-5.4.0-1066, linux-image-lowlatency,
linux-modules-extra-gcp-edge, linux-generic-hwe-18.04,
linux-tools-5.4.0-105-generic-lpae, linux-ibm-5.4-source-5.4.0,
linux-modules-extra-5.4.0-1073-azure, linux, linux-headers-lowlatency,
linux-headers-raspi-hwe-18.04, linux-cloud-tools-generic,
linux-image-generic-hwe-18.04-edge, linux-tools-oem,
linux-oracle-tools-5.4.0-1067, linux-hwe-5.4-tools-common,
linux-image-unsigned-5.4.0-1059-kvm, linux-gcp-5.4-tools-5.4.0-1068,
linux-oracle, linux-image-azure-edge, linux-headers-aws,
linux-gkeop-5.4-headers-5.4.0-1037, linux-cloud-tools-5.4.0-1073-azure,
linux-image-5.4.0-1067-oracle, linux-tools-raspi2
o USN-5339-1 : linux-cloud-tools-4.15.0-173, linux-signed-generic,
linux-tools-gcp-lts-18.04, linux-azure-4.15-tools-4.15.0-1134,
linux-image-virtual-hwe-16.04, linux-modules-4.15.0-173-lowlatency,
linux-signed-image-lowlatency-hwe-16.04-edge,
linux-tools-generic-hwe-16.04, linux-gcp-lts-18.04,
linux-image-unsigned-4.15.0-1134-azure, linux-modules-4.15.0-1134-azure,
linux-signed-image-generic, linux-cloud-tools-lowlatency-hwe-16.04-edge,
linux-image-gke, linux-headers-gke, linux-azure-4.15-headers-4.15.0-1134,
linux-tools-virtual-hwe-16.04-edge, linux-cloud-tools-4.15.0-1134-azure,
linux-cloud-tools-common, linux-virtual-hwe-16.04,
linux-headers-4.15.0-173, linux-tools-azure-lts-18.04,
linux-image-unsigned-4.15.0-1119-gcp, linux-image-4.15.0-1119-gcp,
linux-cloud-tools-virtual-hwe-16.04, linux-azure-edge,
linux-aws-hwe-cloud-tools-4.15.0-1124, linux-lowlatency,
linux-image-4.15.0-1124-aws-hwe, linux-raspi2-tools-4.15.0-1106,
linux-cloud-tools-4.15.0-173-generic, linux-modules-4.15.0-1119-gcp,
linux-crashdump, linux-tools-common, linux-modules-extra-azure-lts-18.04,
linux-headers-4.15.0-1123-snapdragon, linux-azure-tools-4.15.0-1134,
linux-headers-gcp-lts-18.04, linux-buildinfo-4.15.0-1038-dell300x,
linux-signed-azure-lts-18.04, linux-tools-4.15.0-1124-aws,
linux-tools-4.15.0-173-generic, linux-signed-image-lowlatency,
linux-tools-virtual, linux-signed-azure-edge, linux-image-aws-hwe,
linux-generic-lpae-hwe-16.04, linux-signed-generic-hwe-16.04,
linux-image-generic-lpae-hwe-16.04, linux-signed-oem,
linux-modules-4.15.0-1110-kvm, linux-modules-4.15.0-1090-oracle,
linux-headers-azure-edge, linux-tools-4.15.0-1110-kvm,
linux-modules-4.15.0-1124-aws, linux-cloud-tools-lowlatency,
linux-image-4.15.0-173-generic-lpae, linux-modules-extra-aws-hwe,
linux-tools-virtual-hwe-16.04, linux-image-raspi2,
linux-headers-4.15.0-1038-dell300x, linux-kvm,
linux-headers-generic-hwe-16.04, linux-tools-4.15.0-1123-snapdragon,
linux-image-azure-lts-18.04, linux-headers-4.15.0-173-lowlatency,
linux-tools-aws-hwe, linux-gke, linux-image-gcp-lts-18.04, linux-oem,
linux-image-4.15.0-173-generic, linux-raspi2-headers-4.15.0-1106,
linux-buildinfo-4.15.0-1106-raspi2, linux-azure-lts-18.04,
linux-buildinfo-4.15.0-1119-gcp, linux-virtual, linux-tools-lowlatency,
linux-headers-kvm, linux-image-generic-hwe-16.04, linux-headers-virtual,
linux-tools-4.15.0-173, linux-headers-4.15.0-1134-azure,
linux-aws-cloud-tools-4.15.0-1124, linux-image-gcp,
linux-image-4.15.0-1134-azure, linux-image-lowlatency-hwe-16.04-edge,
linux-cloud-tools-virtual-hwe-16.04-edge,
linux-buildinfo-4.15.0-1090-oracle, linux-headers-oem,
linux-headers-4.15.0-1106-raspi2, linux-oracle-headers-4.15.0-1090,
linux-image-kvm, linux-aws-tools-4.15.0-1124, linux-cloud-tools-virtual,
linux-image-generic-lpae, linux-modules-extra-azure-edge, linux-tools-gke,
linux-generic-hwe-16.04-edge, linux-source, linux-headers-4.15.0-1124-aws,
linux-tools-4.15.0-1090-oracle, linux-image-4.15.0-1106-raspi2,
linux-tools-gcp, linux-generic, linux-cloud-tools-4.15.0-173-lowlatency,
linux-cloud-tools-azure-lts-18.04, linux-tools-oracle, linux-aws-lts-18.04,
linux-image-unsigned-4.15.0-173-lowlatency,
linux-modules-extra-aws-lts-18.04, linux-image-aws-lts-18.04,
linux-headers-lowlatency-hwe-16.04, linux-signed-image-oracle-lts-18.04,
linux-image-oracle, linux-signed-oracle, linux-headers-oracle-lts-18.04,
linux-tools-lowlatency-hwe-16.04-edge, linux-cloud-tools-generic-hwe-16.04,
linux-doc, linux-lowlatency-hwe-16.04, linux-tools-azure,
linux-headers-virtual-hwe-16.04-edge, linux-tools-4.15.0-173-generic-lpae,
linux-tools-dell300x, linux-modules-4.15.0-1106-raspi2,
linux-image-4.15.0-1124-aws, linux-image-4.15.0-1090-oracle,
linux-image-4.15.0-173-lowlatency, linux-image-azure,
linux-signed-image-azure, linux-azure, linux-tools-kvm,
linux-tools-generic-lpae-hwe-16.04-edge,
linux-headers-lowlatency-hwe-16.04-edge, linux-signed-lowlatency-hwe-16.04,
linux-headers-azure-lts-18.04, linux-headers-generic-hwe-16.04-edge,
linux-modules-extra-4.15.0-1134-azure, linux-generic-lpae-hwe-16.04-edge,
linux-headers-raspi2, linux-image-extra-virtual, linux-image-oem,
linux-snapdragon, linux-tools-aws-lts-18.04,
linux-buildinfo-4.15.0-173-generic-lpae,
linux-image-4.15.0-1123-snapdragon, linux-azure-headers-4.15.0-1134,
linux-modules-4.15.0-173-generic-lpae, linux-headers-dell300x,
linux-signed-image-lowlatency-hwe-16.04, linux-gcp-4.15,
linux-modules-4.15.0-173-generic,
linux-headers-generic-lpae-hwe-16.04-edge,
linux-image-4.15.0-1038-dell300x, linux-tools-host,
linux-buildinfo-4.15.0-173-lowlatency, linux-dell300x-headers-4.15.0-1038,
linux-modules-extra-gcp-lts-18.04, linux-signed-image-azure-lts-18.04,
linux-gcp-tools-4.15.0-1119, linux-tools-snapdragon,
linux-image-unsigned-4.15.0-1090-oracle,
linux-tools-generic-lpae-hwe-16.04, linux-buildinfo-4.15.0-1134-azure,
linux-cloud-tools-generic-hwe-16.04-edge, linux-image-lowlatency-hwe-16.04,
linux-azure-cloud-tools-4.15.0-1134, linux-tools-generic-lpae,
linux-headers-generic, linux-oracle-tools-4.15.0-1090,
linux-signed-image-oem, linux-tools-generic,
linux-signed-image-generic-hwe-16.04,
linux-headers-4.15.0-173-generic-lpae, linux-hwe-tools-4.15.0-173,
linux-tools-lowlatency-hwe-16.04, linux-aws-headers-4.15.0-1124,
linux-dell300x-tools-4.15.0-1038, linux-headers-azure,
linux-hwe-cloud-tools-4.15.0-173, linux-cloud-tools-azure,
linux-cloud-tools-azure-edge, linux-gcp, linux-image-snapdragon,
linux-aws-edge, linux-image-unsigned-4.15.0-173-generic,
linux-signed-azure, linux-source-4.15.0,
linux-tools-generic-hwe-16.04-edge, linux-headers-4.15.0-1090-oracle,
linux-oracle-lts-18.04, linux-generic-hwe-16.04,
linux-headers-4.15.0-1110-kvm, linux-image-virtual-hwe-16.04-edge,
linux-modules-extra-4.15.0-173-generic,
linux-image-generic-lpae-hwe-16.04-edge,
linux-signed-image-generic-hwe-16.04-edge,
linux-buildinfo-4.15.0-173-generic, linux-image-generic,
linux-signed-oracle-lts-18.04, linux-tools-4.15.0-1038-dell300x,
linux-tools-4.15.0-1119-gcp, linux-tools-oracle-lts-18.04,
linux-generic-lpae, linux-headers-aws-lts-18.04, linux-dell300x,
linux-headers-oracle, linux-virtual-hwe-16.04-edge,
linux-tools-4.15.0-1106-raspi2, linux-headers-gcp, linux-image-lowlatency,
linux-signed-image-azure-edge, linux-cloud-tools-4.15.0-1124-aws,
linux-image-dell300x, linux-image-generic-hwe-16.04-edge,
linux-modules-extra-4.15.0-1119-gcp, linux-raspi2,
linux-image-extra-virtual-hwe-16.04, linux-modules-extra-gcp,
linux-tools-4.15.0-173-lowlatency, linux-kvm-headers-4.15.0-1110,
linux-modules-extra-4.15.0-1124-aws, linux, linux-signed-image-oracle,
linux-headers-generic-lpae-hwe-16.04, linux-headers-lowlatency,
linux-headers-snapdragon, linux-image-unsigned-4.15.0-1038-dell300x,
linux-modules-4.15.0-1123-snapdragon, linux-cloud-tools-generic,
linux-gcp-4.15-headers-4.15.0-1119, linux-signed-generic-hwe-16.04-edge,
linux-azure-4.15-cloud-tools-4.15.0-1134, linux-headers-4.15.0-173-generic,
linux-kvm-tools-4.15.0-1110, linux-cloud-tools-lowlatency-hwe-16.04,
linux-buildinfo-4.15.0-1110-kvm, linux-headers-generic-lpae,
linux-aws-hwe-tools-4.15.0-1124, linux-signed-lowlatency,
linux-snapdragon-tools-4.15.0-1123, linux-tools-oem,
linux-tools-4.15.0-1134-azure, linux-modules-4.15.0-1038-dell300x,
linux-tools-azure-edge, linux-azure-4.15,
linux-image-unsigned-4.15.0-1124-aws, linux-aws-hwe,
linux-modules-extra-4.15.0-1090-oracle, linux-libc-dev,
linux-headers-aws-hwe, linux-hwe, linux-lowlatency-hwe-16.04-edge,
linux-buildinfo-4.15.0-1123-snapdragon, linux-buildinfo-4.15.0-1124-aws,
linux-oracle, linux-signed-lowlatency-hwe-16.04-edge,
linux-headers-4.15.0-1119-gcp, linux-headers-virtual-hwe-16.04,
linux-modules-extra-gke, linux-image-azure-edge,
linux-snapdragon-headers-4.15.0-1123, linux-gcp-headers-4.15.0-1119,
linux-aws, linux-image-extra-virtual-hwe-16.04-edge,
linux-image-oracle-lts-18.04, linux-gcp-4.15-tools-4.15.0-1119,
linux-image-virtual, linux-modules-extra-azure,
linux-image-4.15.0-1110-kvm, linux-tools-raspi2
o USN-5343-1 : linux-signed-generic, linux-tools-virtual-lts-wily,
linux-kvm-headers-4.4.0-1103, linux-headers-lowlatency-lts-vivid,
linux-signed-generic-lts-utopic, linux-tools-4.4.0-1102-aws,
linux-cloud-tools-4.4.0-1102-aws, linux-headers-virtual-lts-vivid,
linux-signed-generic-lts-wily, linux-signed-image-generic,
linux-cloud-tools-lowlatency-lts-vivid, linux-cloud-tools-common,
linux-image-virtual-lts-wily, linux-lowlatency,
linux-modules-extra-4.4.0-1138-aws, linux-tools-virtual-lts-utopic,
linux-tools-4.4.0-1138-aws, linux-crashdump, linux-tools-common,
linux-headers-generic-lts-vivid, linux-signed-image-lowlatency,
linux-tools-virtual, linux-modules-extra-aws, linux-virtual-lts-vivid,
linux-cloud-tools-lowlatency-lts-wily, linux-image-4.4.0-1138-aws,
linux-headers-4.4.0-1102-aws, linux-cloud-tools-4.4.0-222-generic,
linux-buildinfo-4.4.0-222-generic, linux-cloud-tools-generic-lts-vivid,
linux-image-lowlatency-lts-wily, linux-signed-image-lowlatency-lts-xenial,
linux-image-4.4.0-222-lowlatency, linux-cloud-tools-lowlatency,
linux-hwe-generic-trusty, linux-lowlatency-lts-xenial,
linux-buildinfo-4.4.0-1103-kvm, linux-cloud-tools-4.4.0-222-lowlatency,
linux-kvm, linux-image-generic-lts-xenial,
linux-headers-virtual-lts-xenial, linux-buildinfo-4.4.0-1138-aws,
linux-tools-4.4.0-222-generic, linux-cloud-tools-4.4.0-1103-kvm,
linux-buildinfo-4.4.0-222-lowlatency, linux-modules-4.4.0-222-generic,
linux-virtual, linux-generic-lts-xenial, linux-tools-generic-lts-vivid,
linux-tools-lowlatency, linux-headers-4.4.0-222-lowlatency,
linux-headers-kvm, linux-signed-image-generic-lts-vivid,
linux-tools-virtual-lts-vivid, linux-headers-virtual, linux-image-kvm,
linux-virtual-lts-wily, linux-cloud-tools-virtual-lts-utopic,
linux-cloud-tools-virtual, linux-image-extra-virtual-lts-wily,
linux-headers-generic-lts-wily, linux-source,
linux-image-lowlatency-lts-vivid, linux-image-aws,
linux-cloud-tools-generic-lts-wily, linux-generic,
linux-image-4.4.0-1103-kvm, linux-aws-headers-4.4.0-1102,
linux-image-generic-lts-utopic, linux-image-4.4.0-222-generic,
linux-modules-4.4.0-222-lowlatency, linux-source-4.4.0,
linux-generic-lts-vivid, linux-tools-4.4.0-222,
linux-image-virtual-lts-xenial, linux-headers-4.4.0-1138-aws,
linux-cloud-tools-virtual-lts-wily, linux-doc,
linux-headers-generic-lts-xenial, linux-tools-generic-lts-xenial,
linux-headers-4.4.0-222, linux-aws-headers-4.4.0-1138,
linux-cloud-tools-lowlatency-lts-xenial, linux-modules-4.4.0-1138-aws,
linux-image-extra-virtual-lts-xenial, linux-headers-virtual-lts-utopic,
linux-headers-4.4.0-1103-kvm, linux-aws-tools-4.4.0-1102, linux-tools-kvm,
linux-headers-generic-lts-utopic, linux-tools-lts-utopic,
linux-image-hwe-generic-trusty, linux-image-lowlatency-lts-xenial,
linux-image-virtual-lts-utopic, linux-image-hwe-virtual-trusty,
linux-cloud-tools-generic-lts-xenial, linux-signed-generic-lts-vivid,
linux-tools-virtual-lts-xenial, linux-tools-4.4.0-222-lowlatency,
linux-aws-tools-4.4.0-1138, linux-image-extra-virtual,
linux-lowlatency-lts-vivid, linux-signed-image-generic-lts-xenial,
linux-image-extra-virtual-lts-utopic, linux-lowlatency-lts-utopic,
linux-cloud-tools-4.4.0-1138-aws, linux-tools-host,
linux-headers-lowlatency-lts-wily, linux-image-generic-lts-vivid,
linux-tools-lowlatency-lts-vivid, linux-aws-cloud-tools-4.4.0-1138,
linux-cloud-tools-lowlatency-lts-utopic, linux-headers-generic,
linux-signed-image-generic-lts-utopic, linux-tools-generic,
linux-image-unsigned-4.4.0-222-lowlatency,
linux-modules-extra-4.4.0-222-generic, linux-modules-4.4.0-1103-kvm,
linux-signed-image-generic-lts-wily, linux-image-generic,
linux-signed-lowlatency-lts-wily, linux-image-extra-virtual-lts-vivid,
linux-virtual-lts-utopic, linux-tools-generic-lts-utopic,
linux-lts-xenial-tools-4.4.0-222, linux-kvm-cloud-tools-4.4.0-1103,
linux-image-lowlatency, linux-tools-lowlatency-lts-utopic,
linux-image-generic-lts-wily, linux-headers-lowlatency-lts-utopic,
linux-tools-lowlatency-lts-xenial, linux,
linux-image-lowlatency-lts-utopic, linux-headers-lowlatency-lts-xenial,
linux-cloud-tools-virtual-lts-vivid, linux-generic-lts-wily,
linux-headers-4.4.0-222-generic, linux-headers-lowlatency,
linux-aws-cloud-tools-4.4.0-1102, linux-cloud-tools-generic-lts-utopic,
linux-cloud-tools-generic, linux-signed-generic-lts-xenial,
linux-signed-lowlatency-lts-xenial, linux-tools-generic-lts-wily,
linux-signed-lowlatency, linux-cloud-tools-4.4.0-222,
linux-kvm-tools-4.4.0-1103, linux-hwe-virtual-trusty, linux-libc-dev,
linux-lts-xenial, linux-image-4.4.0-1102-aws, linux-tools-aws,
linux-tools-lowlatency-lts-wily, linux-buildinfo-4.4.0-1102-aws,
linux-headers-aws, linux-aws, linux-image-virtual-lts-vivid,
linux-virtual-lts-xenial, linux-signed-image-lowlatency-lts-wily,
linux-tools-4.4.0-1103-kvm, linux-headers-virtual-lts-wily,
linux-lts-xenial-cloud-tools-4.4.0-222, linux-image-virtual,
linux-lowlatency-lts-wily, linux-cloud-tools-virtual-lts-xenial,
linux-generic-lts-utopic, linux-modules-4.4.0-1102-aws,
linux-image-unsigned-4.4.0-222-generic
o USN-5368-1 : linux-tools-5.13.0-1025-oracle, linux-image-azure,
linux-azure, linux-oracle-edge, linux-headers-oracle,
linux-azure-5.13-tools-5.13.0-1021, linux-cloud-tools-5.13.0-1021-azure,
linux-modules-5.13.0-1021-azure, linux-image-unsigned-5.13.0-1025-oracle,
linux-modules-extra-5.13.0-1021-azure, linux-modules-extra-azure-edge,
linux-oracle-5.13-headers-5.13.0-1025, linux-buildinfo-5.13.0-1021-azure,
linux-modules-5.13.0-1025-oracle, linux-azure-edge,
linux-image-oracle-edge, linux-image-unsigned-5.13.0-1021-azure,
linux-azure-5.13-headers-5.13.0-1021, linux-oracle-5.13-tools-5.13.0-1025,
linux-tools-azure-edge, linux-tools-5.13.0-1021-azure, linux-tools-oracle,
linux-tools-oracle-edge, linux-oracle, linux-oracle-5.13,
linux-image-oracle, linux-modules-extra-5.13.0-1025-oracle,
linux-headers-oracle-edge, linux-headers-azure, linux-image-azure-edge,
linux-cloud-tools-azure, linux-cloud-tools-azure-edge,
linux-headers-azure-edge, linux-tools-azure,
linux-headers-5.13.0-1021-azure, linux-image-5.13.0-1025-oracle,
linux-headers-5.13.0-1025-oracle, linux-azure-5.13,
linux-modules-extra-azure, linux-buildinfo-5.13.0-1025-oracle,
linux-image-5.13.0-1021-azure, linux-azure-5.13-cloud-tools-5.13.0-1021
o USN-5298-1 : linux-tools-4.15.0-1121-aws, linux-signed-generic,
linux-tools-gcp-lts-18.04, linux-image-virtual-hwe-16.04,
linux-signed-image-lowlatency-hwe-16.04-edge,
linux-tools-generic-hwe-16.04, linux-tools-4.15.0-1116-gcp,
linux-gcp-lts-18.04, linux-signed-image-generic,
linux-cloud-tools-lowlatency-hwe-16.04-edge,
linux-buildinfo-4.15.0-1120-aws, linux-image-gke,
linux-cloud-tools-4.15.0-1131-azure, linux-headers-4.15.0-1087-oracle,
linux-headers-gke, linux-tools-virtual-hwe-16.04-edge,
linux-gcp-4.15-headers-4.15.0-1116, linux-cloud-tools-common,
linux-modules-extra-4.15.0-1116-gcp, linux-modules-4.15.0-1116-gcp,
linux-modules-extra-4.15.0-1120-aws, linux-modules-extra-4.15.0-1131-azure,
linux-tools-azure-lts-18.04, linux-buildinfo-4.15.0-169-generic-lpae,
linux-cloud-tools-virtual-hwe-16.04, linux-azure-edge, linux-lowlatency,
linux-virtual-hwe-16.04, linux-crashdump, linux-image-4.15.0-1035-dell300x,
linux-modules-4.15.0-1103-raspi2, linux-azure-4.15-cloud-tools-4.15.0-1131,
linux-tools-common, linux-oracle-tools-4.15.0-1087,
linux-headers-4.15.0-1120-snapdragon, linux-modules-extra-azure-lts-18.04,
linux-raspi2-headers-4.15.0-1103, linux-cloud-tools-4.15.0-169-lowlatency,
linux-headers-gcp-lts-18.04, linux-signed-azure-lts-18.04,
linux-azure-tools-4.15.0-1131, linux-signed-image-lowlatency,
linux-headers-4.15.0-169-lowlatency, linux-azure-4.15-headers-4.15.0-1131,
linux-tools-virtual, linux-signed-azure-edge,
linux-cloud-tools-4.15.0-1121-aws, linux-image-aws-hwe,
linux-generic-lpae-hwe-16.04, linux-signed-generic-hwe-16.04,
linux-image-generic-lpae-hwe-16.04, linux-headers-4.15.0-169,
linux-signed-oem, linux-aws-headers-4.15.0-1120,
linux-cloud-tools-4.15.0-1120-aws, linux-headers-azure-edge,
linux-modules-4.15.0-1035-dell300x, linux-snapdragon-tools-4.15.0-1120,
linux-cloud-tools-lowlatency, linux-modules-extra-aws-hwe,
linux-tools-virtual-hwe-16.04, linux-image-raspi2,
linux-azure-headers-4.15.0-1131, linux-modules-4.15.0-1087-oracle,
linux-kvm, linux-headers-generic-hwe-16.04,
linux-buildinfo-4.15.0-169-lowlatency, linux-image-azure-lts-18.04,
linux-tools-aws-hwe, linux-gke, linux-image-gcp-lts-18.04, linux-oem,
linux-tools-4.15.0-1120-aws, linux-buildinfo-4.15.0-1035-dell300x,
linux-azure-lts-18.04, linux-buildinfo-4.15.0-1120-snapdragon,
linux-image-4.15.0-169-generic-lpae, linux-virtual, linux-tools-lowlatency,
linux-headers-kvm, linux-image-generic-hwe-16.04,
linux-modules-extra-4.15.0-1121-aws, linux-headers-virtual,
linux-dell300x-tools-4.15.0-1035, linux-image-lowlatency-hwe-16.04-edge,
linux-image-gcp, linux-cloud-tools-virtual-hwe-16.04-edge,
linux-headers-oem, linux-image-kvm, linux-headers-4.15.0-1121-aws,
linux-tools-4.15.0-1035-dell300x, linux-kvm-tools-4.15.0-1107,
linux-tools-4.15.0-1131-azure, linux-image-4.15.0-1087-oracle,
linux-image-generic-lpae, linux-cloud-tools-virtual,
linux-modules-extra-azure-edge, linux-tools-4.15.0-169-generic,
linux-headers-4.15.0-169-generic-lpae, linux-tools-gke,
linux-generic-hwe-16.04-edge, linux-source, linux-modules-4.15.0-1107-kvm,
linux-hwe-tools-4.15.0-169, linux-tools-gcp, linux-generic,
linux-headers-4.15.0-1035-dell300x, linux-cloud-tools-azure-lts-18.04,
linux-aws-cloud-tools-4.15.0-1121, linux-tools-oracle, linux-aws-lts-18.04,
linux-modules-extra-aws-lts-18.04, linux-image-aws-lts-18.04,
linux-headers-lowlatency-hwe-16.04, linux-signed-image-oracle-lts-18.04,
linux-image-oracle, linux-modules-4.15.0-1120-snapdragon,
linux-headers-4.15.0-1107-kvm, linux-signed-oracle,
linux-hwe-cloud-tools-4.15.0-169, linux-headers-oracle-lts-18.04,
linux-tools-lowlatency-hwe-16.04-edge, linux-cloud-tools-generic-hwe-16.04,
linux-doc, linux-lowlatency-hwe-16.04,
linux-modules-extra-4.15.0-1087-oracle, linux-tools-4.15.0-169,
linux-headers-virtual-hwe-16.04-edge, linux-tools-azure,
linux-buildinfo-4.15.0-1121-aws, linux-tools-dell300x,
linux-aws-hwe-cloud-tools-4.15.0-1120,
linux-image-unsigned-4.15.0-169-lowlatency,
linux-image-4.15.0-1120-snapdragon, linux-image-unsigned-4.15.0-1131-azure,
linux-image-azure, linux-cloud-tools-4.15.0-169, linux-azure,
linux-image-4.15.0-169-generic, linux-signed-image-azure,
linux-headers-lowlatency-hwe-16.04-edge, linux-headers-4.15.0-1120-aws,
linux-tools-generic-lpae-hwe-16.04-edge, linux-tools-kvm,
linux-signed-lowlatency-hwe-16.04, linux-image-4.15.0-1103-raspi2,
linux-headers-azure-lts-18.04, linux-image-unsigned-4.15.0-1035-dell300x,
linux-modules-4.15.0-169-lowlatency, linux-headers-generic-hwe-16.04-edge,
linux-generic-lpae-hwe-16.04-edge, linux-headers-raspi2,
linux-image-extra-virtual, linux-image-oem,
linux-image-unsigned-4.15.0-1121-aws, linux-buildinfo-4.15.0-1116-gcp,
linux-buildinfo-4.15.0-1131-azure, linux-modules-4.15.0-1120-aws,
linux-buildinfo-4.15.0-1087-oracle, linux-snapdragon,
linux-tools-4.15.0-1120-snapdragon, linux-headers-dell300x,
linux-signed-image-lowlatency-hwe-16.04, linux-tools-aws-lts-18.04,
linux-gcp-4.15, linux-headers-generic-lpae-hwe-16.04-edge,
linux-image-4.15.0-1131-azure, linux-tools-host,
linux-modules-extra-gcp-lts-18.04, linux-signed-image-azure-lts-18.04,
linux-tools-snapdragon, linux-tools-generic-lpae-hwe-16.04,
linux-cloud-tools-generic-hwe-16.04-edge, linux-image-lowlatency-hwe-16.04,
linux-tools-4.15.0-1103-raspi2, linux-tools-generic-lpae,
linux-headers-generic, linux-signed-image-oem, linux-tools-generic,
linux-snapdragon-headers-4.15.0-1120, linux-modules-4.15.0-169-generic,
linux-signed-image-generic-hwe-16.04, linux-aws-hwe-tools-4.15.0-1120,
linux-modules-4.15.0-1121-aws, linux-modules-4.15.0-169-generic-lpae,
linux-tools-lowlatency-hwe-16.04, linux-headers-azure,
linux-image-snapdragon, linux-cloud-tools-azure,
linux-cloud-tools-azure-edge, linux-gcp, linux-oracle-headers-4.15.0-1087,
linux-aws-edge, linux-signed-azure, linux-source-4.15.0,
linux-tools-generic-hwe-16.04-edge, linux-aws-tools-4.15.0-1121,
linux-oracle-lts-18.04, linux-buildinfo-4.15.0-1107-kvm,
linux-generic-hwe-16.04, linux-image-unsigned-4.15.0-1120-aws,
linux-image-virtual-hwe-16.04-edge,
linux-signed-image-generic-hwe-16.04-edge, linux-aws-headers-4.15.0-1121,
linux-headers-4.15.0-1116-gcp, linux-headers-4.15.0-1103-raspi2,
linux-image-generic-lpae-hwe-16.04-edge, linux-image-generic,
linux-signed-oracle-lts-18.04, linux-tools-4.15.0-169-generic-lpae,
linux-tools-oracle-lts-18.04, linux-tools-4.15.0-169-lowlatency,
linux-generic-lpae, linux-headers-aws-lts-18.04, linux-dell300x,
linux-headers-oracle, linux-virtual-hwe-16.04-edge,
linux-tools-4.15.0-1087-oracle, linux-headers-gcp,
linux-gcp-tools-4.15.0-1116, linux-image-lowlatency,
linux-raspi2-tools-4.15.0-1103, linux-signed-image-azure-edge,
linux-dell300x-headers-4.15.0-1035, linux-image-dell300x,
linux-image-generic-hwe-16.04-edge, linux-modules-4.15.0-1131-azure,
linux-raspi2, linux-image-extra-virtual-hwe-16.04, linux-modules-extra-gcp,
linux-azure-cloud-tools-4.15.0-1131, linux, linux-signed-image-oracle,
linux-headers-generic-lpae-hwe-16.04, linux-headers-lowlatency,
linux-headers-snapdragon, linux-image-4.15.0-169-lowlatency,
linux-cloud-tools-generic, linux-signed-generic-hwe-16.04-edge,
linux-headers-4.15.0-169-generic, linux-signed-lowlatency,
linux-cloud-tools-lowlatency-hwe-16.04, linux-headers-generic-lpae,
linux-tools-oem, linux-cloud-tools-4.15.0-169-generic,
linux-image-unsigned-4.15.0-169-generic, linux-tools-azure-edge,
linux-azure-4.15, linux-buildinfo-4.15.0-1103-raspi2, linux-aws-hwe,
linux-image-unsigned-4.15.0-1116-gcp, linux-headers-4.15.0-1131-azure,
linux-kvm-headers-4.15.0-1107, linux-gcp-headers-4.15.0-1116,
linux-image-unsigned-4.15.0-1087-oracle, linux-headers-aws-hwe, linux-hwe,
linux-libc-dev, linux-lowlatency-hwe-16.04-edge, linux-oracle,
linux-signed-lowlatency-hwe-16.04-edge, linux-tools-4.15.0-1107-kvm,
linux-headers-virtual-hwe-16.04, linux-modules-extra-gke,
linux-image-azure-edge, linux-image-4.15.0-1116-gcp,
linux-buildinfo-4.15.0-169-generic, linux-aws, linux-image-4.15.0-1107-kvm,
linux-image-extra-virtual-hwe-16.04-edge,
linux-modules-extra-4.15.0-169-generic, linux-gcp-4.15-tools-4.15.0-1116,
linux-image-oracle-lts-18.04, linux-image-virtual,
linux-modules-extra-azure, linux-azure-4.15-tools-4.15.0-1131,
linux-tools-raspi2
o USN-5302-1 : linux-oem-5.14-tools-5.14.0-1024, linux-headers-oem-20.04d,
linux-tools-oem-20.04, linux-oem-20.04d, linux-modules-5.14.0-1024-oem,
linux-oem-5.14-tools-host, linux-image-oem-20.04b,
linux-headers-5.14.0-1024-oem, linux-image-oem-20.04c, linux-oem-20.04c,
linux-tools-oem-20.04d, linux-oem-20.04, linux-image-oem-20.04d,
linux-image-5.14.0-1024-oem, linux-oem-20.04b, linux-tools-oem-20.04b,
linux-tools-5.14.0-1024-oem, linux-image-unsigned-5.14.0-1024-oem,
linux-headers-oem-20.04b, linux-buildinfo-5.14.0-1024-oem,
linux-image-oem-20.04, linux-oem-5.14, linux-oem-5.14-headers-5.14.0-1024,
linux-headers-oem-20.04, linux-tools-oem-20.04c, linux-headers-oem-20.04c
o LSN-0085-1 : ibm-5.4, gkeop, gkeop-5.4, gke-4.15, azure-4.15,
lowlatency-4.15, generic-5.4, gke, gke-5.4, oem, azure, aws,
lowlatency-5.4, ibm, generic-4.4, lowlatency-4.4, generic-4.15, gcp
o USN-5362-1 : linux-headers-5.13.0-1010-intel, linux-intel-5.13-tools-host,
linux-modules-extra-5.13.0-1010-intel, linux-image-intel,
linux-buildinfo-5.13.0-1010-intel, linux-headers-intel,
linux-intel-5.13-headers-5.13.0-1010, linux-image-5.13.0-1010-intel,
linux-intel-5.13-tools-common, linux-intel-5.13-tools-5.13.0-1010,
linux-intel-5.13-cloud-tools-5.13.0-1010,
linux-image-unsigned-5.13.0-1010-intel, linux-intel-5.13-source-5.13.0,
linux-intel-5.13, linux-intel-5.13-cloud-tools-common, linux-tools-intel,
linux-intel, linux-cloud-tools-intel, linux-modules-5.13.0-1010-intel,
linux-cloud-tools-5.13.0-1010-intel, linux-tools-5.13.0-1010-intel
o USN-5361-1 : linux-signed-generic, linux-tools-virtual-lts-wily,
linux-headers-4.4.0-1104-kvm, linux-headers-lowlatency-lts-vivid,
linux-signed-generic-lts-utopic, linux-kvm-headers-4.4.0-1104,
linux-headers-virtual-lts-vivid, linux-signed-generic-lts-wily,
linux-signed-image-generic, linux-cloud-tools-lowlatency-lts-vivid,
linux-cloud-tools-common, linux-image-virtual-lts-wily, linux-lowlatency,
linux-tools-virtual-lts-utopic, linux-crashdump, linux-tools-common,
linux-image-4.4.0-1104-kvm, linux-headers-generic-lts-vivid,
linux-signed-image-lowlatency, linux-tools-virtual,
linux-modules-extra-aws, linux-virtual-lts-vivid,
linux-cloud-tools-lowlatency-lts-wily, linux-aws-headers-4.4.0-1139,
linux-cloud-tools-generic-lts-vivid, linux-image-lowlatency-lts-wily,
linux-kvm-tools-4.4.0-1104, linux-signed-image-lowlatency-lts-xenial,
linux-cloud-tools-lowlatency, linux-hwe-generic-trusty,
linux-lowlatency-lts-xenial, linux-modules-4.4.0-1104-kvm, linux-kvm,
linux-image-generic-lts-xenial, linux-headers-virtual-lts-xenial,
linux-cloud-tools-4.4.0-223-generic, linux-aws-cloud-tools-4.4.0-1139,
linux-virtual, linux-generic-lts-xenial, linux-tools-generic-lts-vivid,
linux-tools-lowlatency, linux-headers-kvm,
linux-signed-image-generic-lts-vivid, linux-tools-virtual-lts-vivid,
linux-headers-virtual, linux-image-kvm, linux-tools-4.4.0-1104-kvm,
linux-virtual-lts-wily, linux-cloud-tools-virtual-lts-utopic,
linux-cloud-tools-virtual, linux-headers-4.4.0-1139-aws,
linux-modules-4.4.0-223-generic, linux-image-extra-virtual-lts-wily,
linux-cloud-tools-4.4.0-1104-kvm, linux-tools-4.4.0-223,
linux-headers-generic-lts-wily, linux-source, linux-modules-4.4.0-1103-aws,
linux-image-lowlatency-lts-vivid, linux-image-aws,
linux-cloud-tools-4.4.0-1139-aws, linux-cloud-tools-generic-lts-wily,
linux-generic, linux-buildinfo-4.4.0-223-generic,
linux-image-generic-lts-utopic, linux-source-4.4.0,
linux-modules-4.4.0-1139-aws, linux-image-4.4.0-223-generic,
linux-generic-lts-vivid, linux-tools-4.4.0-1139-aws,
linux-image-virtual-lts-xenial, linux-buildinfo-4.4.0-1104-kvm,
linux-cloud-tools-virtual-lts-wily, linux-doc,
linux-headers-generic-lts-xenial, linux-tools-generic-lts-xenial,
linux-tools-4.4.0-223-generic, linux-cloud-tools-lowlatency-lts-xenial,
linux-image-extra-virtual-lts-xenial, linux-aws-headers-4.4.0-1103,
linux-headers-virtual-lts-utopic, linux-tools-kvm,
linux-headers-generic-lts-utopic, linux-tools-lts-utopic,
linux-headers-4.4.0-223, linux-image-hwe-generic-trusty,
linux-image-lowlatency-lts-xenial, linux-kvm-cloud-tools-4.4.0-1104,
linux-image-virtual-lts-utopic, linux-image-hwe-virtual-trusty,
linux-cloud-tools-generic-lts-xenial, linux-signed-generic-lts-vivid,
linux-tools-virtual-lts-xenial, linux-headers-4.4.0-1103-aws,
linux-image-extra-virtual, linux-lowlatency-lts-vivid,
linux-headers-4.4.0-223-generic, linux-signed-image-generic-lts-xenial,
linux-image-extra-virtual-lts-utopic, linux-lowlatency-lts-utopic,
linux-image-4.4.0-223-lowlatency, linux-tools-host,
linux-buildinfo-4.4.0-1139-aws, linux-headers-lowlatency-lts-wily,
linux-image-generic-lts-vivid, linux-headers-4.4.0-223-lowlatency,
linux-tools-lowlatency-lts-vivid, linux-cloud-tools-4.4.0-1103-aws,
linux-cloud-tools-lowlatency-lts-utopic, linux-headers-generic,
linux-signed-image-generic-lts-utopic, linux-tools-generic,
linux-aws-tools-4.4.0-1139, linux-image-unsigned-4.4.0-223-lowlatency,
linux-aws-cloud-tools-4.4.0-1103, linux-signed-image-generic-lts-wily,
linux-image-4.4.0-1139-aws, linux-image-4.4.0-1103-aws,
linux-image-generic, linux-buildinfo-4.4.0-1103-aws,
linux-image-unsigned-4.4.0-223-generic, linux-signed-lowlatency-lts-wily,
linux-image-extra-virtual-lts-vivid, linux-virtual-lts-utopic,
linux-tools-generic-lts-utopic, linux-image-lowlatency,
linux-tools-lowlatency-lts-utopic, linux-image-generic-lts-wily,
linux-lts-xenial-cloud-tools-4.4.0-223, linux-aws-tools-4.4.0-1103,
linux-cloud-tools-4.4.0-223, linux-headers-lowlatency-lts-utopic,
linux-tools-lowlatency-lts-xenial, linux,
linux-image-lowlatency-lts-utopic, linux-headers-lowlatency-lts-xenial,
linux-cloud-tools-virtual-lts-vivid, linux-buildinfo-4.4.0-223-lowlatency,
linux-generic-lts-wily, linux-headers-lowlatency,
linux-signed-generic-lts-xenial, linux-signed-lowlatency-lts-xenial,
linux-cloud-tools-generic-lts-utopic, linux-cloud-tools-generic,
linux-tools-4.4.0-1103-aws, linux-tools-generic-lts-wily,
linux-signed-lowlatency, linux-modules-4.4.0-223-lowlatency,
linux-modules-extra-4.4.0-1139-aws, linux-hwe-virtual-trusty,
linux-tools-4.4.0-223-lowlatency, linux-libc-dev, linux-lts-xenial,
linux-tools-aws, linux-tools-lowlatency-lts-wily,
linux-modules-extra-4.4.0-223-generic,
linux-cloud-tools-4.4.0-223-lowlatency, linux-headers-aws, linux-aws,
linux-image-virtual-lts-vivid, linux-lts-xenial-tools-4.4.0-223,
linux-virtual-lts-xenial, linux-signed-image-lowlatency-lts-wily,
linux-headers-virtual-lts-wily, linux-image-virtual,
linux-lowlatency-lts-wily, linux-cloud-tools-virtual-lts-xenial,
linux-generic-lts-utopic
o USN-5358-1 : linux-modules-extra-azure-lts-20.04,
linux-headers-5.13.0-39-generic-lpae, linux-tools-generic-hwe-18.04,
linux-image-snapdragon-hwe-18.04, linux-tools-generic-lpae-hwe-18.04-edge,
linux-modules-extra-oracle, linux-headers-gke,
linux-azure-headers-5.4.0-1074, linux-cloud-tools-common,
linux-image-aws-lts-20.04, linux-tools-5.4.0-1061-kvm, linux-lowlatency,
linux-image-oracle-edge, linux-tools-common,
linux-cloud-tools-5.4.0-107-generic, linux-generic-64k,
linux-generic-hwe-18.04-edge, linux-image-5.13.0-1020-kvm,
linux-cloud-tools-lowlatency, linux-headers-oem-20.04,
linux-image-generic-64k-hwe-20.04, linux-oem, linux-tools-oracle-lts-20.04,
linux-gcp-headers-5.13.0-1023, linux-image-5.13.0-39-generic-64k,
linux-headers-virtual, linux-hwe-5.4-cloud-tools-common,
linux-oracle-lts-20.04, linux-image-generic-hwe-20.04-edge,
linux-hwe-5.13-tools-5.13.0-39, linux-headers-generic-lpae-hwe-18.04,
linux-snapdragon-hwe-18.04, linux-modules-5.4.0-1069-oracle,
linux-headers-5.13.0-1021-aws, linux-image-5.4.0-1069-oracle,
linux-image-aws, linux-headers-generic-64k-hwe-20.04-edge, linux-generic,
linux-tools-gcp, linux-hwe-5.13, linux-modules-5.13.0-1021-aws,
linux-tools-5.13.0-1023-gcp, linux-doc, linux-tools-generic-hwe-20.04-edge,
linux-image-extra-virtual-hwe-20.04, linux-kvm-headers-5.13.0-1020,
linux-tools-5.4.0-1069-oracle, linux-image-unsigned-5.4.0-1061-kvm,
linux-headers-5.13.0-39, linux-buildinfo-5.13.0-1023-gcp,
linux-image-oracle-lts-20.04, linux-buildinfo-5.4.0-1069-oracle,
linux-tools-generic-lpae-hwe-20.04, linux-image-extra-virtual,
linux-signed-image-oracle-edge, linux-oem-20.04,
linux-headers-azure-lts-20.04, linux-modules-5.4.0-1061-kvm,
linux-image-5.13.0-1023-gcp, linux-tools-5.13.0-1021-aws,
linux-headers-5.4.0-107-generic-lpae, linux-headers-oracle-lts-20.04,
linux-modules-extra-aws-lts-20.04, linux-headers-snapdragon-hwe-18.04,
linux-headers-generic-64k, linux-generic-lpae-hwe-18.04-edge,
linux-modules-5.13.0-39-generic, linux-modules-5.4.0-107-lowlatency,
linux-hwe-5.4-source-5.4.0, linux-generic-lpae,
linux-cloud-tools-lowlatency-hwe-18.04-edge,
linux-headers-generic-hwe-18.04-edge, linux-headers-gcp,
linux-image-unsigned-5.13.0-39-generic-64k,
linux-modules-extra-5.13.0-1021-aws, linux-aws-lts-20.04,
linux-generic-lpae-hwe-20.04-edge, linux-modules-extra-oracle-edge,
linux-buildinfo-5.13.0-39-lowlatency, linux-headers-generic-lpae,
linux-image-oem-osp1, linux-lowlatency-hwe-18.04,
linux-cloud-tools-5.13.0-39, linux-source-5.13.0, linux-oem-osp1,
linux-libc-dev, linux-image-virtual-hwe-18.04-edge,
linux-image-unsigned-5.13.0-1021-aws, linux-oracle-headers-5.4.0-1069,
linux-modules-5.13.0-39-generic-lpae, linux-tools-5.13.0-1025-oracle,
linux-oracle-edge, linux-cloud-tools-5.13.0-39-lowlatency,
linux-buildinfo-5.13.0-39-generic, linux-image-5.4.0-1061-kvm,
linux-tools-lowlatency-hwe-18.04-edge, linux-gcp-tools-5.13.0-1023,
linux-tools-lowlatency-hwe-18.04, linux-tools-azure-lts-20.04,
linux-image-azure-lts-20.04, linux-aws-cloud-tools-5.4.0-1071,
linux-tools-virtual, linux-buildinfo-5.13.0-1021-aws,
linux-modules-extra-aws, linux-tools-generic-64k-hwe-20.04,
linux-hwe-5.13-headers-5.13.0-39, linux-headers-virtual-hwe-18.04,
linux-cloud-tools-generic-hwe-20.04-edge, linux-gke,
linux-oracle-5.4-headers-5.4.0-1069, linux-tools-lowlatency,
linux-aws-headers-5.4.0-1071, linux-headers-5.4.0-1069-oracle,
linux-image-gcp, linux-headers-oem, linux-image-5.13.0-39-lowlatency,
linux-tools-generic-64k-hwe-20.04-edge, linux-tools-generic-hwe-18.04-edge,
linux-image-5.4.0-107-lowlatency, linux-headers-generic-hwe-20.04-edge,
linux-source-5.4.0, linux-tools-oracle,
linux-modules-extra-5.13.0-1023-gcp, linux-headers-5.13.0-1020-kvm,
linux-headers-5.4.0-107-generic, linux-image-oracle,
linux-buildinfo-5.4.0-1074-azure, linux-modules-5.4.0-107-generic-lpae,
linux-image-generic-lpae-hwe-20.04, linux-tools-lowlatency-hwe-20.04,
linux-headers-generic-lpae-hwe-20.04-edge, linux-aws-tools-5.13.0-1021,
linux-headers-virtual-hwe-20.04, linux-image-oem,
linux-headers-lowlatency-hwe-18.04, linux-cloud-tools-5.13.0-1021-aws,
linux-image-unsigned-5.4.0-107-lowlatency,
linux-cloud-tools-virtual-hwe-20.04, linux-hwe-5.13-tools-host,
linux-image-generic-lpae-hwe-18.04, linux-modules-extra-5.4.0-1074-azure,
linux-tools-generic, linux-tools-5.13.0-39-generic-lpae,
linux-oem-tools-host, linux-modules-extra-5.4.0-1069-oracle,
linux-buildinfo-5.13.0-39-generic-64k,
linux-tools-generic-lpae-hwe-20.04-edge, linux-hwe-5.13-tools-common,
linux-headers-virtual-hwe-20.04-edge, linux-modules-5.13.0-39-lowlatency,
linux-headers-oracle, linux-cloud-tools-5.4.0-1071-aws,
linux-buildinfo-5.4.0-107-generic-lpae,
linux-image-extra-virtual-hwe-18.04-edge, linux-generic-hwe-20.04-edge,
linux-generic-64k-hwe-20.04-edge, linux-modules-extra-gcp,
linux-tools-oem-20.04, linux-image-5.13.0-1021-aws,
linux-tools-5.4.0-107-lowlatency, linux-image-unsigned-5.4.0-1074-azure,
linux-kvm-tools-5.13.0-1020, linux-image-lowlatency-hwe-18.04,
linux-aws-headers-5.13.0-1021, linux-modules-extra-gke,
linux-cloud-tools-5.4.0-107, linux-headers-5.13.0-1025-oracle,
linux-tools-snapdragon-hwe-18.04, linux-headers-5.4.0-107-lowlatency,
linux-headers-5.4.0-1071-aws, linux-hwe-5.13-cloud-tools-common,
linux-buildinfo-5.13.0-39-generic-lpae, linux-image-5.4.0-1074-azure,
linux-oracle-5.4-tools-5.4.0-1069, linux-image-lowlatency-hwe-20.04-edge,
linux-image-generic-lpae-hwe-20.04-edge,
linux-image-unsigned-5.13.0-1025-oracle,
linux-azure-cloud-tools-5.4.0-1074, linux-image-generic-64k-hwe-20.04-edge,
linux-cloud-tools-generic-hwe-20.04, linux-headers-generic-lpae-hwe-20.04,
linux-hwe-5.13-cloud-tools-5.13.0-39, linux-oracle-headers-5.13.0-1025,
linux-tools-oracle-edge, linux-oracle-tools-5.4.0-1069,
linux-image-unsigned-5.4.0-1069-oracle, linux-tools-5.4.0-1071-aws,
linux-image-lowlatency-hwe-18.04-edge, linux-hwe-5.4,
linux-image-unsigned-5.13.0-39-generic, linux-buildinfo-5.13.0-1025-oracle,
linux-image-virtual-hwe-18.04, linux-kvm,
linux-hwe-5.4-cloud-tools-5.4.0-107, linux-modules-extra-virtual-hwe-18.04,
linux-headers-kvm, linux-tools-5.13.0-1020-kvm,
linux-tools-virtual-hwe-20.04-edge, linux-buildinfo-5.4.0-1061-kvm,
linux-image-kvm, linux-headers-lowlatency-hwe-20.04-edge,
linux-image-generic-lpae, linux-headers-generic-64k-hwe-20.04,
linux-tools-gke, linux-modules-5.13.0-1023-gcp, linux-source,
linux-headers-lowlatency-hwe-20.04, linux-modules-5.4.0-1074-azure,
linux-kvm-tools-5.4.0-1061, linux-tools-virtual-hwe-18.04-edge,
linux-cloud-tools-5.4.0-1074-azure, linux-signed-oracle,
linux-cloud-tools-5.13.0-39-generic, linux-headers-oracle-edge,
linux-image-generic-hwe-20.04, linux-buildinfo-5.4.0-1071-aws,
linux-headers-aws-lts-20.04, linux-image-5.4.0-107-generic,
linux-generic-hwe-20.04, linux-cloud-tools-5.4.0-107-lowlatency,
linux-azure, linux-tools-kvm, linux-image-virtual-hwe-20.04,
linux-tools-5.4.0-107, linux-tools-host,
linux-image-unsigned-5.4.0-1071-aws, linux-tools-virtual-hwe-20.04,
linux-hwe-5.4-headers-5.4.0-107, linux-image-extra-virtual-hwe-18.04,
linux-headers-5.4.0-1061-kvm, linux-tools-5.13.0-39, linux-headers-generic,
linux-image-lowlatency-hwe-20.04, linux-aws-cloud-tools-5.13.0-1021,
linux-cloud-tools-virtual-hwe-20.04-edge, linux-gcp,
linux-buildinfo-5.4.0-107-lowlatency, linux-tools-5.4.0-1074-azure,
linux-oracle-5.4, linux-cloud-tools-generic-hwe-18.04,
linux-tools-generic-64k, linux-image-generic,
linux-headers-snapdragon-hwe-18.04-edge, linux-buildinfo-5.4.0-107-generic,
linux-tools-5.13.0-39-lowlatency, linux-cloud-tools-virtual-hwe-18.04-edge,
linux-image-snapdragon-hwe-18.04-edge,
linux-headers-lowlatency-hwe-18.04-edge, linux-signed-image-oracle,
linux-headers-generic-hwe-20.04, linux-cloud-tools-generic-hwe-18.04-edge,
linux-tools-5.4.0-107-generic-lpae, linux-generic-64k-hwe-20.04,
linux-headers-generic-hwe-18.04, linux-tools-aws, linux-image-oem-20.04,
linux-cloud-tools-azure-lts-20.04, linux-aws,
linux-modules-5.4.0-107-generic, linux-image-5.4.0-1071-aws,
linux-image-virtual, linux-tools-generic-lpae-hwe-18.04,
linux-headers-virtual-hwe-18.04-edge, linux-image-5.4.0-107-generic-lpae,
linux-image-gke, linux-image-generic-64k, linux-headers-5.13.0-1023-gcp,
linux-tools-5.13.0-39-generic-64k,
linux-modules-extra-virtual-hwe-18.04-edge, linux-crashdump,
linux-virtual-hwe-20.04, linux-virtual-hwe-18.04,
linux-modules-extra-5.13.0-39-generic, linux-image-generic-hwe-18.04,
linux-buildinfo-5.13.0-1020-kvm, linux-aws-tools-5.4.0-1071,
linux-modules-extra-5.4.0-107-generic, linux-headers-5.13.0-39-generic-64k,
linux-tools-oem-osp1, linux-image-5.13.0-1025-oracle,
linux-tools-lowlatency-hwe-20.04-edge, linux-headers-oem-osp1,
linux-generic-lpae-hwe-18.04, linux-virtual-hwe-20.04-edge,
linux-snapdragon-hwe-18.04-edge, linux-image-5.13.0-39-generic-lpae,
linux-cloud-tools-lowlatency-hwe-20.04, linux-hwe-5.4-tools-5.4.0-107,
linux-tools-generic-hwe-20.04, linux-virtual,
linux-image-generic-lpae-hwe-18.04-edge, linux-azure-lts-20.04,
linux-lowlatency-hwe-20.04-edge, linux-cloud-tools-virtual,
linux-lowlatency-hwe-18.04-edge, linux-headers-generic-lpae-hwe-18.04-edge,
linux-tools-aws-lts-20.04, linux-tools-5.4.0-107-generic,
linux-modules-5.13.0-39-generic-64k, linux-cloud-tools-virtual-hwe-18.04,
linux-hwe-5.13-source-5.13.0, linux-virtual-hwe-18.04-edge,
linux-tools-virtual-hwe-18.04, linux-image-unsigned-5.13.0-39-lowlatency,
linux-azure-tools-5.4.0-1074, linux-image-extra-virtual-hwe-20.04-edge,
linux-modules-5.13.0-1025-oracle, linux-headers-5.13.0-39-generic,
linux-signed-oracle-edge, linux-tools-generic-lpae,
linux-tools-snapdragon-hwe-18.04-edge,
linux-image-unsigned-5.4.0-107-generic, linux-image-5.13.0-39-generic,
linux-image-virtual-hwe-20.04-edge, linux-cloud-tools-lowlatency-hwe-18.04,
linux-oracle-tools-5.13.0-1025, linux-modules-extra-5.4.0-1071-aws,
linux-modules-extra-5.13.0-1025-oracle, linux-generic-lpae-hwe-20.04,
linux-modules-5.4.0-1071-aws, linux-modules-5.13.0-1020-kvm,
linux-oem-osp1-tools-host, linux-kvm-headers-5.4.0-1061,
linux-image-lowlatency, linux-generic-hwe-18.04, linux-headers-5.4.0-107,
linux, linux-headers-lowlatency, linux-cloud-tools-generic,
linux-image-unsigned-5.13.0-1020-kvm, linux-headers-5.13.0-39-lowlatency,
linux-image-generic-hwe-18.04-edge, linux-image-unsigned-5.13.0-1023-gcp,
linux-tools-oem, linux-lowlatency-hwe-20.04,
linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-hwe-5.4-tools-common,
linux-oracle, linux-headers-5.4.0-1074-azure, linux-headers-aws,
linux-tools-5.13.0-39-generic
o USN-5358-2 : linux-cloud-tools-gkeop, linux-image-5.4.0-1074-azure,
linux-gcp-5.4-tools-5.4.0-1069, linux-buildinfo-5.4.0-1058-raspi,
linux-image-raspi2-hwe-18.04-edge, linux-image-gke,
linux-azure-5.4-headers-5.4.0-1074, linux-headers-gke,
linux-modules-extra-5.13.0-1021-azure, linux-headers-5.13.0-1023-gcp,
linux-gcp-edge, linux-image-5.13.0-1024-raspi-nolpae,
linux-buildinfo-5.4.0-1019-ibm, linux-image-raspi-nolpae, linux-azure-edge,
linux-gkeop-5.4-cloud-tools-5.4.0-1038, linux-gcp-5.13,
linux-ibm-source-5.4.0, linux-raspi-5.4-headers-5.4.0-1058,
linux-tools-5.13.0-1024-raspi, linux-image-gkeop-5.4,
linux-headers-5.4.0-1067-gke, linux-modules-5.4.0-1067-gke,
linux-image-5.4.0-1058-raspi, linux-modules-extra-azure-fde,
linux-modules-5.4.0-1038-gkeop, linux-image-raspi,
linux-modules-extra-5.13.0-1024-raspi, linux-buildinfo-5.13.0-1021-aws,
linux-azure-cloud-tools-5.13.0-1021, linux-image-azure-fde,
linux-signed-azure-edge, linux-tools-gcp-lts-20.04,
linux-cloud-tools-gkeop-5.4, linux-modules-extra-aws,
linux-modules-extra-5.4.0-1069-gcp, linux-modules-extra-raspi,
linux-image-ibm-edge, linux-azure-headers-5.13.0-1021,
linux-raspi-tools-5.4.0-1058, linux-tools-azure-fde, linux-headers-ibm,
linux-headers-5.4.0-1019-ibm, linux-headers-azure-edge,
linux-modules-extra-raspi-nolpae, linux-gkeop-5.4,
linux-tools-5.4.0-1071-aws, linux-tools-aws-edge, linux-image-raspi2,
linux-headers-raspi-nolpae, linux-headers-raspi,
linux-buildinfo-5.4.0-1038-gkeop, linux-modules-5.13.0-1021-azure,
linux-buildinfo-5.4.0-1067-gke, linux-gke,
linux-gkeop-5.4-headers-5.4.0-1038, linux-gcp-lts-20.04,
linux-gkeop-source-5.4.0, linux-headers-raspi-hwe-18.04-edge,
linux-image-5.4.0-1019-ibm, linux-image-5.4.0-1067-gke,
linux-headers-gkeop-5.4, linux-headers-gcp-lts-20.04,
linux-cloud-tools-5.13.0-1021-azure, linux-raspi2-hwe-18.04,
linux-tools-ibm-edge, linux-ibm-cloud-tools-common, linux-image-gcp,
linux-image-ibm-lts-20.04, linux-modules-5.13.0-1024-raspi-nolpae,
linux-modules-extra-gkeop-5.4, linux-ibm-tools-5.4.0-1019,
linux-raspi-headers-5.4.0-1058, linux-ibm-5.4,
linux-gkeop-headers-5.4.0-1038, linux-modules-extra-azure-edge,
linux-image-unsigned-5.4.0-1069-gcp, linux-tools-gke,
linux-modules-5.13.0-1024-raspi, linux-gcp-5.13-headers-5.13.0-1023,
linux-headers-ibm-edge, linux-modules-5.13.0-1023-gcp,
linux-headers-5.13.0-1021-aws, linux-modules-extra-5.4.0-1038-gkeop,
linux-aws-5.4-headers-5.4.0-1071, linux-image-aws,
linux-modules-5.4.0-1074-azure, linux-headers-5.4.0-1058-raspi,
linux-gcp-5.13-tools-5.13.0-1023, linux-tools-gcp,
linux-tools-5.13.0-1021-azure, linux-aws-5.13-tools-5.13.0-1021,
linux-image-raspi2-hwe-18.04, linux-tools-ibm,
linux-modules-extra-5.13.0-1023-gcp, linux-cloud-tools-5.4.0-1074-azure,
linux-modules-5.13.0-1021-aws, linux-tools-raspi2-hwe-18.04, linux-gkeop,
linux-headers-ibm-lts-20.04, linux-cloud-tools-5.4.0-1038-gkeop,
linux-buildinfo-5.4.0-1074-azure, linux-headers-aws-edge,
linux-tools-5.13.0-1023-gcp, linux-image-5.4.0-1074-azure-fde,
linux-tools-raspi-hwe-18.04-edge, linux-buildinfo-5.4.0-1071-aws,
linux-headers-gke-5.4, linux-tools-azure,
linux-azure-5.4-cloud-tools-5.4.0-1074, linux-tools-raspi-hwe-18.04,
linux-image-5.13.0-1021-azure, linux-image-raspi-hwe-18.04-edge,
linux-modules-extra-ibm-edge, linux-image-unsigned-5.4.0-1019-ibm,
linux-signed-image-azure, linux-image-azure,
linux-aws-5.13-cloud-tools-5.13.0-1021, linux-azure,
linux-raspi2-hwe-18.04-edge, linux-aws-5.13,
linux-buildinfo-5.13.0-1023-gcp, linux-ibm-5.4-tools-common, linux-raspi,
linux-image-raspi-hwe-18.04, linux-tools-ibm-lts-20.04, linux-azure-5.4,
linux-azure-fde, linux-azure-tools-5.13.0-1021, linux-headers-raspi2,
linux-image-ibm, linux-tools-5.4.0-1058-raspi,
linux-image-unsigned-5.4.0-1038-gkeop, linux-tools-gkeop-5.4,
linux-raspi-hwe-18.04, linux-cloud-tools-5.13.0-1021-aws,
linux-buildinfo-5.13.0-1021-azure, linux-gkeop-5.4-tools-5.4.0-1038,
linux-headers-5.13.0-1024-raspi, linux-image-aws-edge,
linux-image-unsigned-5.4.0-1071-aws, linux-raspi-hwe-18.04-edge,
linux-gke-headers-5.4.0-1067, linux-modules-extra-gkeop,
linux-ibm-5.4-headers-5.4.0-1019, linux-modules-extra-5.4.0-1074-azure,
linux-tools-raspi, linux-tools-5.4.0-1069-gcp,
linux-tools-5.4.0-1038-gkeop, linux-image-5.13.0-1023-gcp,
linux-headers-raspi2-hwe-18.04, linux-tools-5.13.0-1021-aws,
linux-tools-gke-5.4, linux-headers-azure, linux-image-gke-5.4,
linux-aws-5.4, linux-cloud-tools-azure, linux-cloud-tools-azure-edge,
linux-gcp, linux-aws-edge, linux-gke-5.4-headers-5.4.0-1067,
linux-headers-gcp-edge, linux-gkeop-cloud-tools-5.4.0-1038,
linux-headers-gkeop, linux-headers-5.4.0-1038-gkeop, linux-ibm,
linux-signed-azure, linux-headers-5.13.0-1021-azure,
linux-tools-5.4.0-1074-azure, linux-modules-extra-5.4.0-1071-aws,
linux-tools-raspi-nolpae, linux-tools-raspi2-hwe-18.04-edge,
linux-raspi-nolpae, linux-modules-extra-5.13.0-1024-raspi-nolpae,
linux-ibm-edge, linux-raspi-5.4, linux-buildinfo-5.4.0-1069-gcp,
linux-raspi-tools-5.13.0-1024, linux-image-gkeop, linux-ibm-lts-20.04,
linux-modules-5.4.0-1071-aws, linux-gcp-headers-5.4.0-1069,
linux-image-gcp-edge, linux-headers-5.4.0-1069-gcp,
linux-cloud-tools-5.4.0-1071-aws, linux-image-5.4.0-1069-gcp,
linux-gke-tools-5.4.0-1067, linux-image-unsigned-5.4.0-1074-azure-fde,
linux-modules-extra-5.13.0-1021-aws, linux-headers-gcp,
linux-modules-extra-5.4.0-1067-gke, linux-tools-5.4.0-1067-gke,
linux-modules-extra-gcp-edge, linux-signed-image-azure-edge,
linux-modules-extra-aws-edge, linux-modules-extra-gke-5.4,
linux-tools-gcp-edge, linux-buildinfo-5.13.0-1024-raspi,
linux-headers-raspi2-hwe-18.04-edge, linux-raspi2,
linux-ibm-headers-5.4.0-1019, linux-modules-extra-gcp,
linux-ibm-5.4-source-5.4.0, linux-image-5.13.0-1021-aws,
linux-modules-extra-5.4.0-1019-ibm, linux-aws-5.13-headers-5.13.0-1021,
linux-modules-5.4.0-1019-ibm, linux-image-unsigned-5.4.0-1074-azure,
linux-headers-raspi-hwe-18.04, linux-image-unsigned-5.13.0-1023-gcp,
linux-gcp-5.4, linux-image-unsigned-5.13.0-1021-azure,
linux-gcp-tools-5.4.0-1069, linux-aws-5.4-cloud-tools-5.4.0-1071,
linux-gkeop-tools-5.4.0-1038, linux-modules-5.4.0-1069-gcp,
linux-gke-5.4-tools-5.4.0-1067, linux-modules-extra-ibm,
linux-tools-azure-edge, linux-image-5.13.0-1024-raspi,
linux-buildinfo-5.13.0-1024-raspi-nolpae, linux-tools-gkeop, linux-gke-5.4,
linux-image-unsigned-5.4.0-1067-gke, linux-modules-extra-ibm-lts-20.04,
linux-tools-aws, linux-ibm-5.4-tools-5.4.0-1019,
linux-azure-5.4-tools-5.4.0-1074, linux-modules-extra-gke,
linux-headers-5.4.0-1074-azure, linux-image-azure-edge,
linux-aws-5.4-tools-5.4.0-1071, linux-headers-aws,
linux-image-5.4.0-1038-gkeop, linux-image-gcp-lts-20.04, linux-aws,
linux-cloud-tools-azure-fde, linux-ibm-5.4-cloud-tools-common,
linux-headers-azure-fde, linux-gcp-5.4-headers-5.4.0-1069,
linux-gkeop-5.4-source-5.4.0, linux-image-5.4.0-1071-aws,
linux-modules-extra-gcp-lts-20.04, linux-ibm-tools-common,
linux-modules-extra-azure, linux-raspi-5.4-tools-5.4.0-1058,
linux-tools-5.13.0-1024-raspi-nolpae,
linux-headers-5.13.0-1024-raspi-nolpae, linux-headers-5.4.0-1071-aws,
linux-raspi-headers-5.13.0-1024, linux-image-unsigned-5.13.0-1021-aws,
linux-modules-5.4.0-1058-raspi, linux-tools-5.4.0-1019-ibm,
linux-tools-raspi2
o USN-5353-1 : linux-headers-5.14.0-1031-oem,
linux-oem-5.14-tools-5.14.0-1031, linux-buildinfo-5.14.0-1031-oem,
linux-image-5.14.0-1031-oem, linux-headers-oem-20.04d,
linux-tools-oem-20.04, linux-oem-20.04d, linux-oem-5.14-tools-host,
linux-image-oem-20.04b, linux-tools-5.14.0-1031-oem,
linux-image-oem-20.04c, linux-oem-20.04c, linux-tools-oem-20.04d,
linux-oem-20.04, linux-image-unsigned-5.14.0-1031-oem,
linux-image-oem-20.04d, linux-modules-5.14.0-1031-oem, linux-oem-20.04b,
linux-tools-oem-20.04b, linux-oem-5.14-headers-5.14.0-1031,
linux-headers-oem-20.04b, linux-oem-5.14, linux-image-oem-20.04,
linux-headers-oem-20.04, linux-tools-oem-20.04c, linux-headers-oem-20.04c
o USN-5357-1 : linux-tools-4.15.0-175-generic-lpae, linux-signed-generic,
linux-image-virtual-hwe-16.04, linux-image-4.15.0-175-generic,
linux-image-4.15.0-175-lowlatency,
linux-signed-image-lowlatency-hwe-16.04-edge,
linux-tools-generic-hwe-16.04, linux-tools-4.15.0-1125-snapdragon,
linux-signed-image-generic, linux-cloud-tools-lowlatency-hwe-16.04-edge,
linux-tools-virtual-hwe-16.04-edge, linux-buildinfo-4.15.0-175-lowlatency,
linux-cloud-tools-common, linux-virtual-hwe-16.04,
linux-tools-azure-lts-18.04, linux-aws-headers-4.15.0-1126,
linux-cloud-tools-virtual-hwe-16.04, linux-lowlatency,
linux-image-unsigned-4.15.0-1136-azure, linux-headers-4.15.0-1136-azure,
linux-tools-4.15.0-1136-azure, linux-crashdump,
linux-image-4.15.0-1040-dell300x, linux-tools-common,
linux-modules-extra-azure-lts-18.04, linux-azure-4.15-tools-4.15.0-1136,
linux-buildinfo-4.15.0-175-generic, linux-tools-4.15.0-175-generic,
linux-signed-azure-lts-18.04, linux-modules-4.15.0-175-generic-lpae,
linux-headers-4.15.0-175-generic-lpae, linux-signed-image-lowlatency,
linux-tools-virtual, linux-cloud-tools-4.15.0-1136-azure,
linux-generic-lpae-hwe-16.04, linux-signed-generic-hwe-16.04,
linux-image-generic-lpae-hwe-16.04, linux-signed-oem,
linux-image-unsigned-4.15.0-175-lowlatency,
linux-tools-4.15.0-1040-dell300x, linux-cloud-tools-lowlatency,
linux-headers-4.15.0-175, linux-tools-virtual-hwe-16.04, linux-kvm,
linux-headers-generic-hwe-16.04, linux-image-azure-lts-18.04,
linux-tools-4.15.0-1126-aws, linux-dell300x-tools-4.15.0-1040, linux-oem,
linux-azure-lts-18.04, linux-cloud-tools-4.15.0-1126-aws, linux-virtual,
linux-buildinfo-4.15.0-175-generic-lpae, linux-tools-lowlatency,
linux-headers-kvm, linux-image-4.15.0-1136-azure,
linux-image-generic-hwe-16.04, linux-headers-virtual,
linux-modules-4.15.0-1112-kvm, linux-image-lowlatency-hwe-16.04-edge,
linux-cloud-tools-virtual-hwe-16.04-edge, linux-headers-oem,
linux-snapdragon-tools-4.15.0-1125, linux-image-kvm,
linux-image-generic-lpae, linux-cloud-tools-virtual,
linux-generic-hwe-16.04-edge, linux-modules-extra-4.15.0-1136-azure,
linux-snapdragon-headers-4.15.0-1125, linux-cloud-tools-4.15.0-175,
linux-source, linux-headers-4.15.0-175-generic, linux-tools-4.15.0-175,
linux-generic, linux-cloud-tools-azure-lts-18.04,
linux-hwe-tools-4.15.0-175, linux-buildinfo-4.15.0-1136-azure,
linux-aws-lts-18.04, linux-modules-extra-aws-lts-18.04,
linux-image-aws-lts-18.04, linux-headers-lowlatency-hwe-16.04,
linux-buildinfo-4.15.0-1125-snapdragon, linux-headers-4.15.0-1040-dell300x,
linux-tools-lowlatency-hwe-16.04-edge,
linux-headers-4.15.0-1125-snapdragon, linux-cloud-tools-generic-hwe-16.04,
linux-doc, linux-lowlatency-hwe-16.04,
linux-headers-virtual-hwe-16.04-edge, linux-modules-4.15.0-175-lowlatency,
linux-tools-dell300x, linux-image-4.15.0-1126-aws,
linux-hwe-cloud-tools-4.15.0-175, linux-modules-4.15.0-1136-azure,
linux-aws-tools-4.15.0-1126, linux-tools-kvm,
linux-tools-generic-lpae-hwe-16.04-edge,
linux-headers-lowlatency-hwe-16.04-edge,
linux-cloud-tools-4.15.0-175-generic, linux-modules-4.15.0-1126-aws,
linux-signed-lowlatency-hwe-16.04, linux-kvm-tools-4.15.0-1112,
linux-headers-azure-lts-18.04, linux-headers-generic-hwe-16.04-edge,
linux-aws-cloud-tools-4.15.0-1126, linux-image-unsigned-4.15.0-175-generic,
linux-generic-lpae-hwe-16.04-edge, linux-image-extra-virtual,
linux-image-oem, linux-snapdragon, linux-tools-aws-lts-18.04,
linux-headers-dell300x, linux-signed-image-lowlatency-hwe-16.04,
linux-buildinfo-4.15.0-1126-aws, linux-headers-generic-lpae-hwe-16.04-edge,
linux-tools-host, linux-signed-image-azure-lts-18.04,
linux-modules-4.15.0-175-generic, linux-modules-4.15.0-1040-dell300x,
linux-tools-snapdragon, linux-tools-generic-lpae-hwe-16.04,
linux-azure-4.15-headers-4.15.0-1136,
linux-cloud-tools-generic-hwe-16.04-edge,
linux-image-4.15.0-175-generic-lpae, linux-image-lowlatency-hwe-16.04,
linux-tools-generic-lpae, linux-headers-generic, linux-signed-image-oem,
linux-tools-generic, linux-signed-image-generic-hwe-16.04,
linux-tools-lowlatency-hwe-16.04, linux-image-snapdragon,
linux-headers-4.15.0-1112-kvm, linux-source-4.15.0,
linux-tools-generic-hwe-16.04-edge,
linux-cloud-tools-4.15.0-175-lowlatency, linux-generic-hwe-16.04,
linux-image-virtual-hwe-16.04-edge,
linux-signed-image-generic-hwe-16.04-edge,
linux-image-generic-lpae-hwe-16.04-edge, linux-image-4.15.0-1112-kvm,
linux-image-generic, linux-tools-4.15.0-1112-kvm,
linux-kvm-headers-4.15.0-1112, linux-generic-lpae,
linux-headers-aws-lts-18.04, linux-dell300x, linux-virtual-hwe-16.04-edge,
linux-image-lowlatency, linux-buildinfo-4.15.0-1040-dell300x,
linux-image-dell300x, linux-image-generic-hwe-16.04-edge,
linux-tools-4.15.0-175-lowlatency, linux-image-extra-virtual-hwe-16.04,
linux-headers-4.15.0-175-lowlatency, linux-image-4.15.0-1125-snapdragon,
linux-image-unsigned-4.15.0-1040-dell300x, linux,
linux-headers-generic-lpae-hwe-16.04, linux-headers-4.15.0-1126-aws,
linux-headers-lowlatency, linux-headers-snapdragon,
linux-cloud-tools-generic, linux-signed-generic-hwe-16.04-edge,
linux-dell300x-headers-4.15.0-1040, linux-signed-lowlatency,
linux-cloud-tools-lowlatency-hwe-16.04, linux-headers-generic-lpae,
linux-tools-oem, linux-azure-4.15, linux-modules-4.15.0-1125-snapdragon,
linux-azure-4.15-cloud-tools-4.15.0-1136, linux-libc-dev, linux-hwe,
linux-signed-lowlatency-hwe-16.04-edge, linux-lowlatency-hwe-16.04-edge,
linux-headers-virtual-hwe-16.04, linux-image-unsigned-4.15.0-1126-aws,
linux-modules-extra-4.15.0-175-generic, linux-aws,
linux-image-extra-virtual-hwe-16.04-edge, linux-image-virtual,
linux-modules-extra-4.15.0-1126-aws, linux-buildinfo-4.15.0-1112-kvm
o USN-5357-2 : linux-tools-gcp-lts-18.04, linux-raspi2-tools-4.15.0-1107,
linux-modules-4.15.0-1091-oracle, linux-gcp-lts-18.04, linux-image-gke,
linux-headers-gke, linux-image-4.15.0-1126-aws-hwe,
linux-aws-headers-4.15.0-1126, linux-azure-edge,
linux-image-unsigned-4.15.0-1120-gcp,
linux-image-unsigned-4.15.0-1136-azure, linux-headers-4.15.0-1136-azure,
linux-aws-hwe-cloud-tools-4.15.0-1126, linux-tools-4.15.0-1136-azure,
linux-aws-hwe-tools-4.15.0-1126, linux-buildinfo-4.15.0-1120-gcp,
linux-buildinfo-4.15.0-1107-raspi2, linux-tools-4.15.0-1107-raspi2,
linux-headers-gcp-lts-18.04, linux-cloud-tools-4.15.0-1136-azure,
linux-signed-azure-edge, linux-image-aws-hwe, linux-headers-azure-edge,
linux-modules-extra-aws-hwe, linux-image-raspi2,
linux-image-4.15.0-1120-gcp, linux-tools-4.15.0-1126-aws,
linux-tools-aws-hwe, linux-gke, linux-image-gcp-lts-18.04,
linux-gcp-4.15-headers-4.15.0-1120, linux-cloud-tools-4.15.0-1126-aws,
linux-image-4.15.0-1136-azure, linux-image-gcp,
linux-buildinfo-4.15.0-1091-oracle, linux-tools-4.15.0-1091-oracle,
linux-modules-extra-azure-edge, linux-tools-gke,
linux-modules-extra-4.15.0-1136-azure, linux-tools-gcp,
linux-azure-tools-4.15.0-1136, linux-tools-oracle,
linux-buildinfo-4.15.0-1136-azure, linux-signed-image-oracle-lts-18.04,
linux-headers-4.15.0-1120-gcp, linux-image-oracle, linux-signed-oracle,
linux-headers-oracle-lts-18.04, linux-image-4.15.0-1091-oracle,
linux-tools-azure, linux-azure-cloud-tools-4.15.0-1136,
linux-modules-4.15.0-1136-azure, linux-signed-image-azure,
linux-image-azure, linux-azure, linux-oracle-headers-4.15.0-1091,
linux-modules-4.15.0-1126-aws, linux-image-unsigned-4.15.0-1091-oracle,
linux-headers-raspi2, linux-oracle-tools-4.15.0-1091, linux-gcp-4.15,
linux-buildinfo-4.15.0-1126-aws, linux-modules-extra-gcp-lts-18.04,
linux-headers-4.15.0-1091-oracle, linux-gcp-headers-4.15.0-1120,
linux-headers-azure, linux-cloud-tools-azure, linux-cloud-tools-azure-edge,
linux-gcp, linux-signed-azure, linux-aws-edge,
linux-modules-4.15.0-1107-raspi2, linux-oracle-lts-18.04,
linux-signed-oracle-lts-18.04, linux-modules-extra-4.15.0-1120-gcp,
linux-tools-oracle-lts-18.04, linux-gcp-4.15-tools-4.15.0-1120,
linux-headers-oracle, linux-modules-extra-4.15.0-1091-oracle,
linux-headers-gcp, linux-signed-image-azure-edge, linux-raspi2,
linux-modules-extra-gcp, linux-signed-image-oracle,
linux-headers-4.15.0-1126-aws, linux-raspi2-headers-4.15.0-1107,
linux-headers-4.15.0-1107-raspi2, linux-azure-headers-4.15.0-1136,
linux-tools-azure-edge, linux-aws-hwe, linux-headers-aws-hwe,
linux-modules-4.15.0-1120-gcp, linux-oracle, linux-modules-extra-gke,
linux-image-azure-edge, linux-image-unsigned-4.15.0-1126-aws,
linux-tools-4.15.0-1120-gcp, linux-image-4.15.0-1107-raspi2,
linux-gcp-tools-4.15.0-1120, linux-image-oracle-lts-18.04,
linux-modules-extra-azure, linux-modules-extra-4.15.0-1126-aws,
linux-tools-raspi2
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldjJONLKJtyKPYoAQj75g/8C2xOH4/NCxw1f3omNrODuwca/NvbJ10g
JY+5kkU/5K/fj/gIxf8wnz0+v7XwZnS4bJcPhu1FqDgd7S1T1f30UWxwxFhrRkH2
+6wOXRLQJECpAysV6jJJdg8h2FbzhLupOZUExPeKP7MgIPx4/XMgPhbFLpfvPzh+
Fw+FSgR2v1mBuOE4+CdqyV0KVfv+z3ioxbXOPTJ47l8AkpEyH/JEF/QCG5qjo1RC
KtQhUII+tYcq4xjY86iFKmzmyAMQPg8AsCgzEe3ayxh72KuyWN32XgR9Afrf/44l
6ZaqFRPuS70/Z+rk7+SWUzj1hPwA/qC7Er8aHG4iBlnFG4S14CYW8fE3zaEWKQSe
f26MpFI6Lw7lPN9VPUiB6EhzR60IjMsmVUBSRUeSg+0uXHy4rF0iz4KxbhDpUupg
3WPdtSFXTFN9EEAzNaW38dnta2KzkH/r3reyV1mbYASMmWq3e1+RsNMxX1WxEuDN
ed+FCAvLcoCNfB1PfbSnx/MCzzG3rGsUzKLdpFe4+T7RfrZHy4vH85mwPEj/2AV4
BHCe3djNz24OjMyMAzx8vjTGE8DI7z0unFwld/3CM8h1YeEvVOGR8w0fL9qxiIDa
D4GrnNxyVaLzgrDXitVnENp1YuCgCj7Q4gflGfK3pyVICzG49vWp3mZ6GYyVQxqu
vpb2kho2oXE=
=KrMX
-----END PGP SIGNATURE-----
ESB-2022.1628 - [Ubuntu] nginx: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1628
USN-5371-1: nginx vulnerabilities
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: nginx
Publisher: Ubuntu
Operating System: Ubuntu
Resolution: Patch/Upgrade
CVE Names: CVE-2021-3618 CVE-2020-36309 CVE-2020-11724
Original Bulletin:
https://ubuntu.com/security/notices/USN-5371-1
Comment: CVSS (Max): 7.5 CVE-2020-11724 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-5371-1: nginx vulnerabilities
12 April 2022
Several security issues were fixed in nginx.
Releases
o Ubuntu 21.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS
o Ubuntu 16.04 ESM
Packages
o nginx - small, powerful, scalable web/proxy server
Details
It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to perform an HTTP Request
Smuggling attack. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. ( CVE-2020-11724 )
It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to disclose sensitive
information. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. ( CVE-2020-36309 )
It was discovered that nginx mishandled the use of
compatible certificates among multiple encryption protocols.
If a remote attacker were able to intercept the communication,
this issue could be used to redirect traffic between subdomains.
( CVE-2021-3618 )
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 21.10
o nginx-light - 1.18.0-6ubuntu11.1
o nginx-extras - 1.18.0-6ubuntu11.1
o nginx-core - 1.18.0-6ubuntu11.1
Ubuntu 20.04
o nginx-light - 1.18.0-0ubuntu1.3
o nginx-extras - 1.18.0-0ubuntu1.3
o libnginx-mod-http-lua - 1.18.0-0ubuntu1.3
o nginx-core - 1.18.0-0ubuntu1.3
o nginx-full - 1.18.0-0ubuntu1.3
Ubuntu 18.04
o nginx-light - 1.14.0-0ubuntu1.10
o nginx-extras - 1.14.0-0ubuntu1.10
o libnginx-mod-http-lua - 1.14.0-0ubuntu1.10
o nginx-core - 1.14.0-0ubuntu1.10
o nginx-full - 1.14.0-0ubuntu1.10
Ubuntu 16.04
o nginx-extras - 1.10.3-0ubuntu0.16.04.5+esm3
Available with UA Infra or UA Desktop
o nginx-core - 1.10.3-0ubuntu0.16.04.5+esm3
Available with UA Infra or UA Desktop
o nginx-light - 1.10.3-0ubuntu0.16.04.5+esm3
Available with UA Infra or UA Desktop
In general, a standard system update will make all the necessary changes.
References
o CVE-2020-36309
o CVE-2021-3618
o CVE-2020-11724
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldjFeNLKJtyKPYoAQg6TBAAsuDmhScmqASrDcyqT/leeRS4zTFu98zj
3cMJeKxzUTnNmXf9XH4/hQfe9caG+dIlaT9SYzu4ZHNY7WWOeoBLnUr7LiRnbLTo
4z7ya853uhBTMmctlxkWhuzZ9EmHY59m14ZxY4Tnr2wxmT6qUeNyjeNUqjc4H3pW
Wfsm3zFhUEcIYEQIPr5B66CLyUR03JZUgMzZaI8eZkscNviA+EZDwLkoGJJvlNlo
eEOy1C7JnBGFVBE+GCioqCyjBlcwhc/nA/eUraTNgEV1bAHb/4KB8YpA2coMkgAC
GUVREGVtSdhvqtrnLYxu1CTPcEEb15EfHhRnTJKlQ42I4V31JZ3BJVfVVev+w4To
fck0qAqAUxtTwuhryIEP77o3SA9mCfmG94H/YWYPjZzRcYwJifG8GDcU9QNvT8TZ
sgsfUZrrLI79n2lDh5DjxP/1TH3DtcsJ0IrOftm6quSUOOqWeyCGhIm7YDCkZUB3
6mNF3IYnY5GVZHK7mDcYm+PnG9OxrPc10td/VZotJFbsS8CmHbgeoKiEieiKRRZx
YKuyU8z1M3XIGYKJVOz+tAglbyqQXJMkuwe6gy8VV/kR8SVJBRv3OFb4Bbt5pwf5
dSasLEWK9W0M01bbH7tB9wa/yolTZEqDrOTe4K6+VqixB43OllYYirgBVkOSZPUU
LhuSvMLs+uE=
=BM8E
-----END PGP SIGNATURE-----
ESB-2022.1627 - [SUSE] Linux Kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1627
Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP1)
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Linux Kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666 CVE-2022-22942
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221172-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 27 for
SLE 15 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1172-1
Rating: important
References: #1195951 #1197133
Cross-References: CVE-2022-22942 CVE-2022-27666
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP1
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.12.14-197_102 fixes several issues.
The following security issues were fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#
1195065)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Live Patching 15-SP1:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-1172=1
SUSE-SLE-Module-Live-Patching-15-SP1-2022-1173=1
SUSE-SLE-Module-Live-Patching-15-SP1-2022-1174=1
Package List:
o SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
kernel-livepatch-4_12_14-197_102-default-6-150100.2.1
kernel-livepatch-4_12_14-197_105-default-3-150100.2.1
kernel-livepatch-4_12_14-197_108-default-2-150100.2.1
References:
o https://www.suse.com/security/cve/CVE-2022-22942.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1195951
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldjDONLKJtyKPYoAQin/g//UtcFA03g8FnEJ320zhfgM5qYsMxXkOl9
WgspPzcPcpaP4dF/PoFRWFl+kOlMtUP4RMcUE3D60VboLc5vU6/iAtL/xRZV1IDe
Gm1R7YJei9Ks4MFwMxr7dZFy4OnVUsLkgoTKV7lyl/wWiA8Fcjt7RX/ZLp4LctJa
CQWN2wORBsqZ7DsG70BeN4Rxzb90XaNq/0W7mjyoge2zKeaI3rRRhOeQO6J0ZdOg
y9oiLnJa2HB4eUQrFYm/TLagngAmPQVhle5qJR0R4GTpNC0vpQ6MEEDatxKE0zAo
RRwByNnRwIgaDgEfa9vUIB9pjbmqQ7wieU63DoANotZPzavCz7Yty0obU8NmlhpG
qt+S9gaMFmAISQAEOiyxG0mf9/8UYZRJDtLY0bc+7hehoqGKuZARxG+JPovF+7QB
blcJuuncVSF6sNMO4AtHZ/0LL7YpnOSQfOV7qqY8XKDCLJ3rop9KijVUZLO+IDCa
vQaCVF9Xf/Jk68yRcSEQd0WauQ9c7L8hznNnfCZc41I8FaVHA8XSULXsL9KNLrQ/
wKR8j4SkbJ8WRRbnXLWqHZgZEyLepHc2cRViM3pdCf71rdz6kNgZKGJqfnTaoRmU
HJGqvUZgJRgRL01GmqFMV2Rd9EQO38iBKumqPgNYZUeSSqCxRUYlFsbWi5RuXmST
mos9O5nH9+A=
=Jk7J
-----END PGP SIGNATURE-----
ESB-2022.1626 - [SUSE] libexif: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1626
Security update for libexif
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: libexif
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2020-0452 CVE-2020-0198 CVE-2020-0181
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221168-1
Comment: CVSS (Max): 7.5 CVE-2020-0452 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for libexif
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1168-1
Rating: important
References: #1172768 #1172802 #1178479
Cross-References: CVE-2020-0181 CVE-2020-0198 CVE-2020-0452
Affected Products:
HPE Helion Openstack 8
SUSE Linux Enterprise Server 12-SP2-BCL
SUSE Linux Enterprise Server 12-SP3-BCL
SUSE Linux Enterprise Server 12-SP3-LTSS
SUSE Linux Enterprise Server 12-SP4-LTSS
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP 12-SP3
SUSE Linux Enterprise Server for SAP 12-SP4
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for libexif fixes the following issues:
o CVE-2020-0181: Fixed an integer overflow that could lead to denial of
service (bsc#1172802).
o CVE-2020-0198: Fixed and unsigned integer overflow that could lead to
denial of service (bsc#1172768).
o CVE-2020-0452: Fixed a buffer overflow check that could be optimized away
by the compiler (bsc#1178479).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE OpenStack Cloud Crowbar 9:
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-1168=1
o SUSE OpenStack Cloud Crowbar 8:
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-1168=1
o SUSE OpenStack Cloud 9:
zypper in -t patch SUSE-OpenStack-Cloud-9-2022-1168=1
o SUSE OpenStack Cloud 8:
zypper in -t patch SUSE-OpenStack-Cloud-8-2022-1168=1
o SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-1168=1
o SUSE Linux Enterprise Server for SAP 12-SP4:
zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-1168=1
o SUSE Linux Enterprise Server for SAP 12-SP3:
zypper in -t patch SUSE-SLE-SAP-12-SP3-2022-1168=1
o SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1168=1
o SUSE Linux Enterprise Server 12-SP4-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-1168=1
o SUSE Linux Enterprise Server 12-SP3-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2022-1168=1
o SUSE Linux Enterprise Server 12-SP3-BCL:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-1168=1
o SUSE Linux Enterprise Server 12-SP2-BCL:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-1168=1
o HPE Helion Openstack 8:
zypper in -t patch HPE-Helion-OpenStack-8-2022-1168=1
Package List:
o SUSE OpenStack Cloud Crowbar 9 (x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE OpenStack Cloud Crowbar 8 (x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE OpenStack Cloud 9 (x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE OpenStack Cloud 8 (x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le
s390x x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif-devel-0.6.22-8.13.1
o SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
o SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64):
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
o SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64):
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
o SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
o SUSE Linux Enterprise Server 12-SP4-LTSS (s390x x86_64):
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
o SUSE Linux Enterprise Server 12-SP3-LTSS (s390x x86_64):
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
o HPE Helion Openstack 8 (x86_64):
libexif-debugsource-0.6.22-8.13.1
libexif12-0.6.22-8.13.1
libexif12-32bit-0.6.22-8.13.1
libexif12-debuginfo-0.6.22-8.13.1
libexif12-debuginfo-32bit-0.6.22-8.13.1
References:
o https://www.suse.com/security/cve/CVE-2020-0181.html
o https://www.suse.com/security/cve/CVE-2020-0198.html
o https://www.suse.com/security/cve/CVE-2020-0452.html
o https://bugzilla.suse.com/1172768
o https://bugzilla.suse.com/1172802
o https://bugzilla.suse.com/1178479
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldjAuNLKJtyKPYoAQhUjRAAssrpv6Wh8SPHG/lj2DDAjNmHAqjVd8dK
rmyB1MI47gTg6JkLo92lbVztXTX+SLDzrhiliBMxm7LGd7iz0cML38VUF7Gd0+ud
OiA3lAlAfzmii1GtoVZx3LkAmbn92USNTKsg/XW19Y9gP0aQtfHCB7vcczu3sZud
Yz18CSQh/RFpKCbkKuxe81FKVZ4MQHVNr2O2GvfUAgSttVz2Ppmf4UVeCrge9arZ
gNhHcIQZceY4z+ca+jnafHZp8FJmWzTJslFB9K9Lg9t9sgMNltswrLas2j8Ipp4w
K8qEFq/doV9rwHmjxfEHS0sj1DeZEBqDdMULFwSiw7oQtbisTc3DIwUzpRcbFxI+
mlsM4SVmERrEYzTb1vTR3egF7FOGGHJqVrRbUqKmmhsf4ipkuhxU058MXegJ3uSW
hrvRIjhw4lzQ7xRGsI+mQlxcDI8UcJLaCimnz/OgXBl9JNG/ojNYQGimCoDeV0vx
ejC9X4SuwCWAHGfzXc1oLiiDnNvImJq8tT7GdKzenZLA/gcPnVPAKUQvCBGOHRU+
wY8TIOzM2oStRqOaDRhqHQqtmzWGUVtUJdAHzpS0F+QL+Uchy34ts4NxTzCjwRoU
tV7zcwTNCjcg9VevnIGo3a1VZmJDt35iFiGipJVWNSWCkBC+ztw6sZZ/TjQJHwXC
SihHuEo78CE=
=JUad
-----END PGP SIGNATURE-----
ESB-2022.1625 - [SUSE] go1.17: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1625
Security update for go1.17
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: go1.17
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-24921
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221167-1
Comment: CVSS (Max): 7.5 CVE-2022-24921 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for go1.17
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1167-1
Rating: important
References: #1183043 #1190649 #1196732
Cross-References: CVE-2022-24921
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has two fixes is now available.
Description:
This update for go1.17 fixes the following issues:
Update to version 1.17.8 (bsc#1190649): - CVE-2022-24921: Fixed a potential
denial of service via large regular expressions (bsc#1196732).
Non-security fixes: - Fixed an issue with v2 modules (go#51332). - Fixed an
issue when building source in riscv64 (go#51199). - Increased compatibility for
the DNS protocol in the net module (go#51162). - Fixed an issue with histograms
in the runtime/metrics module (go#50734). - Fixed an issue when parsing x509
certificates (go#51000).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1167=1
o openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1167=1
o SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1167=1
o SUSE Manager Retail Branch Server 4.1:
zypper in -t patch
SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1167=1
o SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1167=1
o SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1167=1
o SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1167=1
o SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1167=1
o SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1167=1
o SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1167=1
o SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1167=1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1167=1
o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1167=1
o SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1167=1
Package List:
o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
o openSUSE Leap 15.4 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
o openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
o openSUSE Leap 15.3 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
o SUSE Manager Server 4.1 (ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
o SUSE Manager Server 4.1 (x86_64):
go1.17-race-1.17.8-150000.1.25.1
o SUSE Manager Retail Branch Server 4.1 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
o SUSE Manager Proxy 4.1 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
go1.17-race-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le
s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le
s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64
x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64
x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
o SUSE Enterprise Storage 7 (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
References:
o https://www.suse.com/security/cve/CVE-2022-24921.html
o https://bugzilla.suse.com/1183043
o https://bugzilla.suse.com/1190649
o https://bugzilla.suse.com/1196732
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldi+eNLKJtyKPYoAQjnYA/+IVW+GBmZX6kUQyLFLCRcSrGRgVmSQnnr
pSI6SLVW4dAictZA0nq6N9OOCwpbPtWsnI3sJmX2uXLFgWxSHdfTL4isE4y0L6mW
FhAu2YT+Q4sjK19/3CjBjSvG0mRtXJ2FEBmO4KvNgpzV88fayzaLHLnsRrFH/ojf
ATyXZ7lOyrBzRw0vwK7AeKZj8BOXYBjxtoOqMJ9OsG646tkfozS73ux3zEsNxtTz
zoleMv+J3ug1Vk4JaKKlpY/xj/PuhgGtztNUDCkC4PaGs6zbJ3Zi3hJQg3WQTCyd
g/JymG5dQ9FnYUV9frDHr/BetTgcv8JgaToZ4dFA02BPfpVqKqzRodC24a+mA8Ji
85BdsZpgRzlrDS5BrltC9vEdibj1eltAtcarVXCnB86P30egPf8DFGMTL9EKQxy5
flQF6WPrr/XVZ9FaRjIVly4Ts6yaUSpjDeiPlanEUUgbU9QUyutgYOlj4KymfLNE
RuCCAtL5D8RaQb5lYEVP3xwASAjELBxUkYt56/Ap84Mm9wwE+hT1rLhEkzJdcnQP
U7dzna8bMa9L58UmKWRj2TU1kIjL0yO7jXfu2e6/steL053zIiZX/aMO8Goz47QX
c87jTQUh7EXBA/r4lc8V6VddeDvFCtp2JJqLaDMAUP2geNV9JGIXSBDJg/XtRQ7Z
az7jJ9wAlfk=
=aYWy
-----END PGP SIGNATURE-----
ESB-2022.1624 - [SUSE] Mozilla Thunderbird: CVSS (Max): 7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1624
Security update for MozillaThunderbird
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Mozilla Thunderbird
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-28289 CVE-2022-28286 CVE-2022-28285
CVE-2022-28282 CVE-2022-28281 CVE-2022-24713
CVE-2022-1197 CVE-2022-1196 CVE-2022-1097
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221176-1
Comment: CVSS (Max): 7.5 CVE-2022-28289 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1176-1
Rating: important
References: #1197903
Cross-References: CVE-2022-1097 CVE-2022-1196 CVE-2022-1197 CVE-2022-24713
CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286
CVE-2022-28289
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This update for MozillaThunderbird fixes the following issues:
o Updated to version 91.8 (bsc#1197903): - CVE-2022-1097: Fixed a memory
corruption issue with NSSToken objects. - CVE-2022-28281: Fixed a memory
corruption issue due to unexpected WebAuthN Extensions. - CVE-2022-1197:
Fixed an issue where OpenPGP revocation information was ignored. -
CVE-2022-1196: Fixed a memory corruption issue after VR process
destruction. - CVE-2022-28282: Fixed a memory corruption issue in document
translation. - CVE-2022-28285: Fixed a memory corruption issue in JIT code
generation. - CVE-2022-28286: Fixed an iframe layout issue that could have
been exploited to stage spoofing attacks. - CVE-2022-24713: Fixed a
potential denial of service via complex regular expressions. -
CVE-2022-28289: Fixed multiple memory corruption issues.
Non-security fixes:
o Changed Google accounts using password authentication to use OAuth2.
o Fixed an issue where OpenPGP ECC keys created by Thunderbird could not be
imported into GnuPG.
o Fixed an issue where exporting multiple public PGP keys from Thunderbird
was not possible.
o Fixed an issue where replying to a newsgroup message erroneously displayed
a "No-reply" popup warning.
o Fixed an issue with opening older address books.
o Fixed an issue where LDAP directories would be lost when switching to
"Offline" mode.
o Fixed an issue when importing webcals.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1176=1
o openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1176=1
o SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-1176=1
o SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1176=1
o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1176=
1
o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1176=
1
Package List:
o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
o SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
o SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64
ppc64le s390x):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
o SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64
ppc64le s390x):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
References:
o https://www.suse.com/security/cve/CVE-2022-1097.html
o https://www.suse.com/security/cve/CVE-2022-1196.html
o https://www.suse.com/security/cve/CVE-2022-1197.html
o https://www.suse.com/security/cve/CVE-2022-24713.html
o https://www.suse.com/security/cve/CVE-2022-28281.html
o https://www.suse.com/security/cve/CVE-2022-28282.html
o https://www.suse.com/security/cve/CVE-2022-28285.html
o https://www.suse.com/security/cve/CVE-2022-28286.html
o https://www.suse.com/security/cve/CVE-2022-28289.html
o https://bugzilla.suse.com/1197903
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldi5uNLKJtyKPYoAQjAHA/+JXsQoix/eyw6qQm0Iq1FXQjD7O8mapdr
yp/gr7SQNuAy0sYmH5Y2MH+dtaDtIHKni4wE+7zYcx8PTqpuPdmvxLc/uzx+8mKz
5aA1XnYtsCK3dpOVsDQTwSCpuaiCvo5MlP0s/smuVAebcnJEDCzh8o28DqwZYv6a
LcyXvfL4hHXPt2bNbcv3DNzanzy1f9K19QXVe3MGm9aa7J575Oo5wSaSzfQ9BNjI
E41WP/dH8m+rmVaTv1YYkMGyCaELXUa0oCTsVOBiNDfW7vTeLbdBPnfp6/0GzaA6
C6VYpFjl0jawFr4BF9F3qwzDV4uqnSQRw20CgpV6a3RZ8MjiUPtIVYblNIkdy8/v
ynUuIaGZa188YmsKvgGCDMEk5OhUoKc0tv7jMevAxtNLgZbKaw3dllNpCTOxVvS1
yeV7w9H0W73j+Rv3mTPvbMV5zX3qByJdD4zvmTP6Jp0H34DS1wpDISiwR97sSThc
+qUTIr/uB3IAH8iz1UR70R1fda8tlJ3hxkxh8JIuMCZBMLUZn9aTNdnXKO2o3s6O
5wSHhKXWmZmctDN4Sn4O6Tde9zsp0YfEZvGivOjulMBaer4UAmsCVyi9k4JGmEYf
DpTuvjI91PELKpmzQULTI2O55fZXl5gzmJJ/XcfJOkHY9H+GxBqIyVVBSC4PALge
iO6B2pt7V3U=
=2TCJ
-----END PGP SIGNATURE-----
ESB-2022.1623 - ALERT [Cisco] Cisco Wireless LAN Controller: CVSS (Max): 10.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1623
Cisco Wireless LAN Controller Management Interface
Authentication Bypass Vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco Wireless LAN Controller
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-20695
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF
Comment: CVSS (Max): 10.0 CVE-2022-20695 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS Source: Cisco Systems
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco Wireless LAN Controller Management Interface Authentication Bypass
Vulnerability
Priority: Critical
Advisory ID: cisco-sa-wlc-auth-bypass-JRNhV4fF
First Published: 2022 April 13 16:00 GMT
Version 1.0: Final
Workarounds: Yes
Cisco Bug IDs: CSCwa43249
CVE Names: CVE-2022-20695
CWEs: CWE-303
Summary
o A vulnerability in the authentication functionality of Cisco Wireless LAN
Controller (WLC) Software could allow an unauthenticated, remote attacker
to bypass authentication controls and log in to the device through the
management interface
This vulnerability is due to the improper implementation of the password
validation algorithm. An attacker could exploit this vulnerability by
logging in to an affected device with crafted credentials. A successful
exploit could allow the attacker to bypass authentication and log in to the
device as an administrator. The attacker could obtain privileges that are
the same level as an administrative user but it depends on the crafted
credentials.
Note: This vulnerability exists because of a non-default device
configuration that must be present for it to be exploitable. For details
about the vulnerable configuration, see the Vulnerable Products section of
this advisory.
Cisco has released software updates that address this vulnerability. There
are workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF
Affected Products
o Vulnerable Products
This vulnerability affects the following Cisco products if they are running
Cisco WLC Software Release 8.10.151.0 or Release 8.10.162.0 and have
macfilter radius compatibility configured as Other :
3504 Wireless Controller
5520 Wireless Controller
8540 Wireless Controller
Mobility Express
Virtual Wireless Controller (vWLC)
Note: The vulnerable releases noted above are available in the Software
Center on Cisco.com. In addition, specific customers have been given the
following vulnerable escalation builds that are not in the Software Center:
8.10.151.4 to 8.10.151.10
8.10.162.1 to 8.10.162.14
Determine the Configuration
To determine whether the Cisco WLC configuration is vulnerable, issue the
show macfilter summary CLI command. If RADIUS compatibility mode is other ,
as shown in the following example, the device is considered vulnerable:
wlc > show macfilter summary
MAC Filter RADIUS Compatibility mode............. Other
MAC Filter Delimiter............................. Single-Hyphen
MAC Filter Entries............................... 0
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following
Cisco products:
Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and
9500 Series Switches
Catalyst 9800 Series Wireless Controllers
Catalyst 9800 Wireless Controller for Cloud
Embedded Wireless Controller on Catalyst Access Points
Wireless LAN Controller (WLC) AireOS products not listed in the
Vulnerable Products section
Workarounds
o There are workarounds that addresses this vulnerability. Choose one of the
following based on the environment:
Option 1: No Macfilters in the Environment
Customers who do not use macfilters can reset the macfilter radius
compatibility mode to the default value using the following CLI command:
wlc > config macfilter radius-compat cisco
Option 2: Macfilters in the Environment
Customers who use macfilters and who are able to change the radius server
configuration to match other possible compatibility modes can modify the
macfilter compatibility to either cisco or free using one of the following
CLI commands:
wlc > config macfilter radius-compat cisco
wlc > config macfilter radius-compat free
For more information about the different macfilter compatibility modes, see
Cisco Wireless Controller Command Reference .
While these workarounds have been deployed and were proven successful in a
test environment, customers should determine the applicability and
effectiveness in their own environment and under their own use conditions.
Customers should be aware that any workaround or mitigation that is
implemented may negatively impact the functionality or performance of their
network based on intrinsic customer deployment scenarios and limitations.
Customers should not deploy any workarounds or mitigations before first
evaluating the applicability to their own environment and any impact to
such environment.
Fixed Software
o Cisco has released free software updates that address the vulnerability
described in this advisory. Customers with service contracts that entitle
them to regular software updates should obtain security fixes through their
usual update channels.
Customers may only install and expect support for software versions and
feature sets for which they have purchased a license. By installing,
downloading, accessing, or otherwise using such software upgrades,
customers agree to follow the terms of the Cisco software license:
https://www.cisco.com/c/en/us/products/end-user-license-agreement.html
Additionally, customers may only download software for which they have a
valid license, procured from Cisco directly, or through a Cisco authorized
reseller or partner. In most cases this will be a maintenance upgrade to
software that was previously purchased. Free security software updates do
not entitle customers to a new software license, additional software
feature sets, or major revision upgrades.
The Cisco Support and Downloads page on Cisco.com provides information
about licensing and downloads. This page can also display customer device
support coverage for customers who use the My Devices tool.
When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Customers Without Service Contracts
Customers who purchase directly from Cisco but do not hold a Cisco service
contract and customers who make purchases through third-party vendors but
are unsuccessful in obtaining fixed software through their point of sale
should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
/en/us/support/web/tsd-cisco-worldwide-contacts.html
Customers should have the product serial number available and be prepared
to provide the URL of this advisory as evidence of entitlement to a free
upgrade.
Fixed Releases
In the following table(s), the left column lists Cisco software releases.
The right column indicates whether a release is affected by the
vulnerability described in this advisory and the first release that
includes the fix for this vulnerability. Customers are advised to upgrade
to an appropriate fixed software release as indicated in this section.
Cisco Wireless LAN Controller Release First Fixed Release
8.9 and earlier Not vulnerable
8.10.142.0 and earlier Not vulnerable
8.10.151.0 and later 8.10.171.0
To download the software from the Software Center on Cisco.com, do the
following:
1. Click Browse all .
2. Choose Wireless > Wireless LAN Controller > Standalone Controllers .
3. Choose a specific product from the right pane of the product selector.
4. Choose a hardware platform from the left pane of the software page.
The Cisco Product Security Incident Response Team (PSIRT) validates only
the affected and fixed release information that is documented in this
advisory.
Exploitation and Public Announcements
o The Cisco PSIRT is not aware of any public announcements or malicious use
of the vulnerability that is described in this advisory.
Source
o Cisco would like to thank a security researcher with Bispok for reporting
this vulnerability.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2022-APR-13 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldi0ONLKJtyKPYoAQhx5g//VcXOe7hecT/qOZS0jD/dCHqaHnywFN7n
tTsplxJ5pRhtWl0zPxRLwujzid3Mkqvx2rllRHlA262wwCJJntxP/k3P7dfge3Ep
Geuq0LzsRnN8jbyWjCldrotWEd9xXy77DIqEe69FsGy2wKlX8m6uXnfuzgvRjv1X
rbp/njWOU3/XjhCxzCQnIOjetLsxV0ycwHlibDBtz7UULfpHpe04WENmIfvmXBMO
/lEO7P4nHDpjMWYM7+RlD8oX0+nWudEkJsgTW3F69yR9YlQiLrXrxbel9b5qSw+I
DE9YZQYPMO5JjNZeYsOf9ipHq9S/T/g4wdsrky+MJIa2eSumXiPgvScWuQJxZ4mr
jTsxj80D7uVQG8ykhh+gX65/zqjPt1IDjZvVvgnvbXmQq0CjMcTgijRs+bJODVeB
/MYYI+lwtoIzKifdCP3/PXwgp6UrzaD3wa9k4gCYVMpqSJFDjywe3zIkdcs3vday
gqQotOCQhTdzezFA+HIYiqwnLU4zTPpji9i4a0nYeYawStr7aFjBgEitxeYbO+FH
6iPRIEls9XhfmXuzxfLYnEE+g6tVQHO1WPD17ofgc34js9QHmfJ618WF6/PiSZ7S
ryLOi5HnkV8lIhDxtngy9WW9Nc9WpINJvPP4R6Map/0W3Tu4wF9wFvByj8CaK5hE
BuAIsZA/BC0=
=0dpl
-----END PGP SIGNATURE-----
ESB-2022.1622 - [Cisco] Cisco SD-WAN vManage Software: CVSS (Max): 7.3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1622
Cisco SD-WAN vManage Software Privilege Escalation Vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco SD-WAN vManage Software
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-20739
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-vman-tEJFpBSL
Comment: CVSS (Max): 7.3 CVE-2022-20739 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Cisco Systems
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco SD-WAN vManage Software Privilege Escalation Vulnerability
Priority: High
Advisory ID: cisco-sa-sdwan-privesc-vman-tEJFpBSL
First Published: 2022 April 13 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvt11537
CVE Names: CVE-2022-20739
CWEs: CWE-269
Summary
o A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an
authenticated, local attacker to execute arbitrary commands on the
underlying operating system as the root user. The attacker must be
authenticated on the affected system as a low-privileged user to exploit
this vulnerability.
This vulnerability exists because a file leveraged by a root user is
executed when a low-privileged user runs specific commands on an affected
system. An attacker could exploit this vulnerability by injecting arbitrary
commands to a specific file as a lower-privileged user and then waiting
until an admin user executes specific commands. The commands would then be
executed on the device by the root user. A successful exploit could allow
the attacker to escalate their privileges on the affected system from a
low-privileged user to the root user.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-vman-tEJFpBSL
Affected Products
o Vulnerable Products
This vulnerability affects Cisco SD-WAN vManage Software.
For information about which Cisco software releases are vulnerable, see the
Fixed Software section of this advisory.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following
Cisco products:
Cisco IOS XE SD-WAN Software
Cisco SD-WAN vEdge Series Routers
Workarounds
o There are no workarounds that address this vulnerability.
Fixed Software
o Cisco has released free software updates that address the vulnerability
described in this advisory. Customers with service contracts that entitle
them to regular software updates should obtain security fixes through their
usual update channels.
Customers may only install and expect support for software versions and
feature sets for which they have purchased a license. By installing,
downloading, accessing, or otherwise using such software upgrades,
customers agree to follow the terms of the Cisco software license:
https://www.cisco.com/c/en/us/products/end-user-license-agreement.html
Additionally, customers may only download software for which they have a
valid license, procured from Cisco directly, or through a Cisco authorized
reseller or partner. In most cases this will be a maintenance upgrade to
software that was previously purchased. Free security software updates do
not entitle customers to a new software license, additional software
feature sets, or major revision upgrades.
The Cisco Support and Downloads page on Cisco.com provides information
about licensing and downloads. This page can also display customer device
support coverage for customers who use the My Devices tool.
When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Customers Without Service Contracts
Customers who purchase directly from Cisco but do not hold a Cisco service
contract and customers who make purchases through third-party vendors but
are unsuccessful in obtaining fixed software through their point of sale
should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
/en/us/support/web/tsd-cisco-worldwide-contacts.html
Customers should have the product serial number available and be prepared
to provide the URL of this advisory as evidence of entitlement to a free
upgrade.
Fixed Releases
In the following table(s), the left column lists Cisco software releases.
The center column indicates whether a release is affected by the
vulnerability described in this advisory and the first release that
includes the fix for this vulnerability. The right column indicates whether
a release is affected by any of the Critical or High SIR vulnerabilities
described in this collection of advisories and which release includes fixes
for those vulnerabilities.
Customers are advised to upgrade to an appropriate fixed software release
as indicated in the following table(s). To ensure a complete upgrade
solution, consider that this advisory is part of a collection that includes
the following advisories:
cisco-sa-sd-wan-file-access-VW36d28P Cisco SD-WAN Solution Improper
Access Control Vulnerability
cisco-sa-sdwan-privesc-vman-tEJFpBSL Cisco SD-WAN vManage Privilege
Escalation Vulnerability
Cisco First Fixed Release First Fixed Release for All
SD-WAN for This Vulnerabilities Described in the
Release Vulnerability Collection of Advisories
18.3 and Migrate to a fixed Migrate to a fixed release.
earlier release.
18.4 18.4.6 Migrate to a fixed release.
19.2 19.2.3 Migrate to a fixed release.
20.1 20.1.2 Migrate to a fixed release.
20.3 20.3.1 Migrate to a fixed release.
20.4 20.4.1 Migrate to a fixed release.
20.5 20.5.1 Migrate to a fixed release.
20.6 20.6.1 20.6.1
20.7 20.7.1 20.7.1
The Cisco Product Security Incident Response Team (PSIRT) validates only
the affected and fixed release information that is documented in this
advisory.
Exploitation and Public Announcements
o The Cisco PSIRT is not aware of any public announcements or malicious use
of the vulnerability that is described in this advisory.
Source
o This vulnerability was found during internal security testing by Andrew Kim
of the Cisco Advanced Security Initiatives Group (ASIG).
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-vman-tEJFpBSL
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2022-APR-13 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldiweNLKJtyKPYoAQgBnw//beChEgmKfrH9JZ0FfisXns5coqSkjjX4
tnoWllFacccolc/jziIIphHJ8AougYMeGN4PQGosKssz/g3p0XKGcOZvu0Dssl5p
91hSoypdVgBjuQZTM8000NeptwhGNPxX6j6J23A4rwyIfOhl8NpJAaXPYYDRN53b
kd+ApKwnSxlQkqOK8Uj8Xk0g9+6id6jx3QPhbr3lDyl8/n3zv2VTidGLCnCsFxnk
6qlSjGwLz0sN4045FOuqaITNsD+g5hbgOiIag2iZ/i50+G+XP4uScWdEt1tO6kg0
ahWiLWmppG0uZbPjMV/XL3cscfML7rQwlUDHWnwyVTqBNOgA8h5fstwEaQd4K8mu
PU5H4lVxZvxYm3beENILx9JIcayxx7vGSyd/Pi11Qpn4V21zTP1CogJl5DnlAd47
13jxpxEqoL0Uhyo1RNdrX7vW6ieKdIMKvAj+HwfLgLZxInbINZBeaV0wXN66mXM+
X4bopOMI3iqreTzv+SNCENXQGbSnKPFfV5TV3wqYWcW34q3brk84Zgsnw/ODnLXD
26T4KfVTgXeabM3FtxMwj43UXVAETRO0BlHoTc1KSIorz3rc2PSiGnbK6l3sA1UW
R8FM+HuLDJhR2vYaCvkVZzdAalevZbfRK6tkQHVMad07fLj1lineh8ohKgZgYSwq
eJqzv2a4/DM=
=0Akq
-----END PGP SIGNATURE-----
ESB-2022.1621 - [Cisco] Cisco SD-WAN vManage Software: CVSS (Max): 6.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1621
Cisco SD-WAN vManage Software Information Disclosure Vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco SD-WAN vManage Software
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-20747
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-infodis-73sHJNEq
Comment: CVSS (Max): 6.5 CVE-2022-20747 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
CVSS Source: Cisco Systems
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco SD-WAN vManage Software Information Disclosure Vulnerability
Priority: Medium
Advisory ID: cisco-sa-sdwan-vman-infodis-73sHJNEq
First Published: 2022 April 13 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvy67842
CVE Names: CVE-2022-20747
CWEs: CWE-202
Summary
o A vulnerability in the History API of Cisco SD-WAN vManage Software could
allow an authenticated, remote attacker to gain access to sensitive
information on an affected system.
This vulnerability is due to insufficient API authorization checking on the
underlying operating system. An attacker could exploit this vulnerability
by sending a crafted API request to Cisco vManage as a lower-privileged
user and gaining access to sensitive information that they would not
normally be authorized to access.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-infodis-73sHJNEq
Affected Products
o Vulnerable Products
At the time of publication, this vulnerability affected Cisco SD-WAN
vManage Software.
For information about which Cisco software releases were vulnerable at the
time of publication, see the Fixed Software section of this advisory. See
the Details section in the bug ID(s) at the top of this advisory for the
most complete and current information.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Workarounds
o There are no workarounds that address this vulnerability.
Fixed Software
o When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Fixed Releases
At the time of publication, the release information in the following table
(s) was accurate. See the Details section in the bug ID(s) at the top of
this advisory for the most complete and current information.
Cisco SD-WAN Release First Fixed Release
18.3 and earlier Migrate to a fixed release.
18.4 Migrate to a fixed release.
19.2 Migrate to a fixed release.
20.1 Migrate to a fixed release.
20.3 Migrate to a fixed release.
20.4 Migrate to a fixed release.
20.5 Migrate to a fixed release.
20.6 20.6.1
20.7 20.7.1
The Cisco Product Security Incident Response Team (PSIRT) validates only
the affected and fixed release information that is documented in this
advisory.
Exploitation and Public Announcements
o The Cisco PSIRT is not aware of any public announcements or malicious use
of the vulnerability that is described in this advisory.
Source
o This vulnerability was found during the resolution of a Cisco TAC support
case.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-infodis-73sHJNEq
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2022-APR-13 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldiruNLKJtyKPYoAQgDLxAAqJbcejTIiMXzh0DoW6a+ehPaE+KD9R1W
tepNznkb2HafoweNUYFqGXEW2Qp4u6RLLnzgq51qmZALHcAHZZv0LHYU2LF/l7n/
soA/cg7kKarhIqUdZIz4wfssE8zvrz2sB3OqXDSDvfAXFkz9OuCqM4lcYq/xdKxs
GhAUDZnbtfW6Bn1pskRkVAaYmHA2Fj4dyMpWYKCblznf6eOhOCAgguaBiygRievv
V+zqj/PAtERoiBUXlzSJWlU3nJ5xCT1ZbT9udJMOHqAhSPBHh/a55AuB3P0CkRzC
vXNaepklkZqEGAPJFx6XMzl8djUoi6f+2hhZU1BwQgTUJTxbrI2YpcgSOZ0bFydA
JQ70nei6NXc2rV8XSo2bkBxu7Xf/V5kH3mXvh7uncD043ZsXP6TyYYk3R5AKm+68
Zcr7ZYZvV2sa6dU29Wr+7Rhx5FnbevBJZ/f+J7703fI7BNqctpbsnOEZEmkbYkuR
+RborQWsAjqwjkYLeXjxMKkCZA1ugWjF6Bt3KOyoB4OXpaXXhbVBeqg6UIXNtgWf
LzZqWMVPZSX/B6b0pSeoCql0ZvJn4iMA8janZU25ax2HvOm79sAOxv86K/K9IFkl
wzkYkq9ByowjisQlhf8M+KHzx/kSd1SafPy9YchRzwlW0+1dhye3YNudNKURQEk7
NNh14hvOw8I=
=b8vm
-----END PGP SIGNATURE-----
ESB-2022.1620 - [Cisco] Cisco SD-WAN vManage Software: CVSS (Max): 6.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1620
Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco SD-WAN vManage Software
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-20735
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmanage-csrf-rxQL4tXR
Comment: CVSS (Max): 6.5 CVE-2022-20735 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
CVSS Source: Cisco Systems
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability
Priority: Medium
Advisory ID: cisco-sa-sdwan-vmanage-csrf-rxQL4tXR
First Published: 2022 April 13 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvu28364
CVE Names: CVE-2022-20735
CWEs: CWE-352
Summary
o A vulnerability in the web-based management interface of Cisco SD-WAN
vManage Software could allow an unauthenticated, remote attacker to conduct
a cross-site request forgery (CSRF) attack on an affected system.
This vulnerability is due to insufficient CSRF protections for the
web-based management interface on an affected system. An attacker could
exploit this vulnerability by persuading a user of the interface to click a
malicious link. A successful exploit could allow the attacker to perform
arbitrary actions with the privilege level of the affected user. These
actions could include modifying the system configuration and deleting
accounts.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmanage-csrf-rxQL4tXR
Affected Products
o Vulnerable Products
At the time of publication, this vulnerability affected Cisco SD-WAN
vManage Software.
For information about which Cisco software releases were vulnerable at the
time of publication, see the Fixed Software section of this advisory. See
the Details section in the bug ID(s) at the top of this advisory for the
most complete and current information.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Workarounds
o There are no workarounds that address this vulnerability.
Fixed Software
o When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Fixed Releases
At the time of publication, the release information in the following table
(s) was accurate. See the Details section in the bug ID(s) at the top of
this advisory for the most complete and current information.
The left column lists Cisco software releases, and the right column
indicates whether a release was affected by the vulnerability described in
this advisory and which release included the fix for this vulnerability.
Cisco SD-WAN vManage Software Release First Fixed Release
Earlier than 20.6 Migrate to a fixed release.
20.6 20.6.1
20.7 20.7.1
The Cisco Product Security Incident Response Team (PSIRT) validates only
the affected and fixed release information that is documented in this
advisory.
Exploitation and Public Announcements
o The Cisco PSIRT is not aware of any public announcements or malicious use
of the vulnerability that is described in this advisory.
Source
o This vulnerability was found during internal security testing by Alex
Lumsden of the Cisco Advanced Security Initiatives Group (ASIG).
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmanage-csrf-rxQL4tXR
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2022-APR-13 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldipONLKJtyKPYoAQjBARAAro0LcY58bInP9R1SHaeYpSilS5ryvhq9
FbVPcYlMsGtWJl7LSCRzYbhpd6xzpnV+Q3jZlOMGWGdZ61KOkUfNgXHpVEz9XC0D
/bhgLxaRs1T7J6mvslKxzXJjGVPqLi1R9Ay8I0WS81I7dqb8DdsWYbKZE+IUlwJF
Jf4i7wgj/3gP77YhxVWPk0DGQ3h+YZbbRqAai4R5Fh5GyN6CSbPLxJVifW2VlYOj
OHpC0LDfivKucQzfgVtScXEMuNxyDDGFVqB1kc/kFk5Azp0tFV+Qxffe5mjuCgoY
lXTm/mbWo6sG4Wpkyp1w4eBOgleFqGeOUxHjMiESc5U1kq8zd1AfHsKDH7qRom2Q
oevXviDV1cm9uTkvK48t+q4S5fe96qFfEK9Nd2QA6Vlww4uopGL8IdD8Ys7fTgSp
ddMSQuOlQp8M9UvMDs2ba0/l3qQmmG4LdXWSTw8XCy/Z8WnPtrmajnOC1VmxUhQH
0+xyQvQqN32dgTGAYpKGFQ8OsKZir/3WWoKtcdcCeop1x0643fti4de1r4OgNRCM
lqkgM4LDBB6zCEw+0TMljijcIkibp/uvlnir32MdlxO6d9bKY02kXuS4OF7T+rwu
Jd7uY3pOxwF+00o32xRMHxNwIiVdferTtduyaURxVzSI2AAYWGlPf/pwkZQ3QEYw
hWXQ7uwpft8=
=MTj8
-----END PGP SIGNATURE-----
ESB-2022.1619 - [Cisco] Cisco SD-WAN vEdge Routers: CVSS (Max): 5.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1619
Cisco SD-WAN vEdge Routers Denial of Service Vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco SD-WAN vEdge Routers
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-20717
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vedge-dos-jerVm4bB
Comment: CVSS (Max): 5.5 CVE-2022-20717 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: Cisco Systems
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco SD-WAN vEdge Routers Denial of Service Vulnerability
Priority: Medium
Advisory ID: cisco-sa-sdwan-vedge-dos-jerVm4bB
First Published: 2022 April 13 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvt55609
CVE Names: CVE-2022-20717
CWEs: CWE-789
CVSS Score:
5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X
Summary
o A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could
allow an authenticated, local attacker to cause an affected device to run
out of memory, resulting in a denial of service (DoS) condition.
This vulnerability is due to insufficient memory management when an
affected device receives large amounts of traffic. An attacker could
exploit this vulnerability by sending malicious traffic to an affected
device. A successful exploit could allow the attacker to cause the device
to crash, resulting in a DoS condition.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vedge-dos-jerVm4bB
Affected Products
o Vulnerable Products
At the time of publication, this vulnerability affected the following Cisco
products if they were running a vulnerable release of Cisco SD-WAN vEdge
Software:
1100 Series Integrated Services Routers (ISRs)
SD-WAN vEdge 100 Series Routers
SD-WAN vEdge 1000 Series Routers
SD-WAN vEdge 2000 Series Routers
SD-WAN vEdge 5000 Series Routers
For information about which Cisco software releases were vulnerable at the
time of publication, see the Fixed Software section of this advisory. See
the Details section in the bug ID(s) at the top of this advisory for the
most complete and current information.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following
Cisco products:
5000 Series Enterprise Network Compute System (ENCS) platforms that are
running Cisco IOS XE SD-WAN Software
Cloud Services Router (CSR) 1000V Series images
ISRs that are running Cisco IOS XE SD-WAN Software
vEdge Cloud Router images
Workarounds
o There are no workarounds that address this vulnerability.
Fixed Software
o When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Fixed Releases
At the time of publication, the release information in the following table
(s) was accurate. See the Details section in the bug ID(s) at the top of
this advisory for the most complete and current information.
The left column lists Cisco software releases, and the right column
indicates whether a release was affected by the vulnerability described in
this advisory and which release included the fix for this vulnerability.
Cisco SD-WAN vEdge Software Release First Fixed Release
Earlier than 20.6 Migrate to a fixed release.
20.6 20.6.1
20.7 20.7.1
The Cisco Product Security Incident Response Team (PSIRT) validates only
the affected and fixed release information that is documented in this
advisory.
Exploitation and Public Announcements
o The Cisco PSIRT is not aware of any public announcements or malicious use
of the vulnerability that is described in this advisory.
Source
o This vulnerability was found during internal security testing.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vedge-dos-jerVm4bB
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2022-APR-13 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldimONLKJtyKPYoAQiVnA/9F+YBKpKWF4mzGCSEzQ/3yVuRlC6+Lf1M
D3ISNzYjNTphsg1RwEEyYW+/GTrzTpiMxZkWQn9SaLaaos+nY22BVYydP3X875+n
ExXREsYLsCLOHSkr5u+nCoy1OyPWJx7dgwtFmKFL4E1c+/RFYAOCCrdEtNC64eQs
a5IHWaxAQzKpG/92FdnZPjd/Kb8H/K5gdZdEMK9h+dk7E4Y3uyiR3zTywCv2+L4L
4ksbLdayKgCXz+bHXb8JU6a8/uHApNs5Mp2A2pX3dyYHY+3WCBtDAp4MYbk1L9tz
xm9rp0+fZS0tT4wKWpI4tMlsxsjmL15cb7lXO/843QJaJZe/qi3zcz59rdpBhA1/
1Jnn1i4dy1EwRHYmtJODS4JcAcBYGi2JVBiu/i+3Yxyehwf7vrdq15cJ7kcmuxAX
k0iggKjoAUCS561mrpnx/iW6xtKGlTBNftpCs79TCIuENNRL0lkn6zxi3WxfByg8
ankkEDwC9m9i9ISl4vQ2GTopsXvHrVLvhAO0bNa5tBCOvMia0jyXbMfqPfxZuQdn
DBkZC+RN01gHYHDdgEU08LoFIKn/ed4Cxjm9MF97QJmF9jyEAl5OQoGaRk43FDgN
2kKOQvm9x3/OAT0hxK+pNbTUhz14QcLejyO9njSlY+iduNVFdEgqXi7+L5s6ZX+k
6h+vk5Vdzeg=
=/sFh
-----END PGP SIGNATURE-----
ESB-2022.1618 - [Cisco] Cisco SD-WAN: CVSS (Max): 7.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1618
Cisco SD-WAN Solution Improper Access Control Vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco SD-WAN
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-20716
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P
Comment: CVSS (Max): 7.8 CVE-2022-20716 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Cisco Systems
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco SD-WAN Solution Improper Access Control Vulnerability
Priority: High
Advisory ID: cisco-sa-sd-wan-file-access-VW36d28P
First Published: 2022 April 13 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvy11382
CVE Names: CVE-2022-20716
CWEs: CWE-284
Summary
o A vulnerability in the CLI of Cisco SD-WAN Software could allow an
authenticated, local attacker to gain escalated privileges.
This vulnerability is due to improper access control on files within the
affected system. A local attacker could exploit this vulnerability by
modifying certain files on the vulnerable device. If successful, the
attacker could gain escalated privileges and take actions on the system
with the privileges of the root user.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P
Affected Products
o Vulnerable Products
This vulnerability affects the following Cisco products:
SD-WAN vBond Orchestrator Software
SD-WAN vEdge Cloud Routers
SD-WAN vEdge Routers
SD-WAN vManage Software
SD-WAN vSmart Controller Software
For information about which Cisco software releases are vulnerable, see the
Fixed Software section of this advisory.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect Cisco IOS XE
SD-WAN Software.
Indicators of Compromise
o The Cisco Security Indicators of Compromise Reference Guide lists commonly
observed Indicators of Compromise (IoCs), which can help identify devices
that may have been impacted by the vulnerability disclosed in this Cisco
security advisory.
Workarounds
o There are no workarounds that address this vulnerability.
Fixed Software
o Cisco has released free software updates that address the vulnerability
described in this advisory. Customers with service contracts that entitle
them to regular software updates should obtain security fixes through their
usual update channels.
Customers may only install and expect support for software versions and
feature sets for which they have purchased a license. By installing,
downloading, accessing, or otherwise using such software upgrades,
customers agree to follow the terms of the Cisco software license:
https://www.cisco.com/c/en/us/products/end-user-license-agreement.html
Additionally, customers may only download software for which they have a
valid license, procured from Cisco directly, or through a Cisco authorized
reseller or partner. In most cases this will be a maintenance upgrade to
software that was previously purchased. Free security software updates do
not entitle customers to a new software license, additional software
feature sets, or major revision upgrades.
The Cisco Support and Downloads page on Cisco.com provides information
about licensing and downloads. This page can also display customer device
support coverage for customers who use the My Devices tool.
When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Customers Without Service Contracts
Customers who purchase directly from Cisco but do not hold a Cisco service
contract and customers who make purchases through third-party vendors but
are unsuccessful in obtaining fixed software through their point of sale
should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
/en/us/support/web/tsd-cisco-worldwide-contacts.html
Customers should have the product serial number available and be prepared
to provide the URL of this advisory as evidence of entitlement to a free
upgrade.
Fixed Releases
In the following table(s), the left column lists Cisco software releases.
The center column indicates whether a release is affected by the
vulnerability described in this advisory and the first release that
includes the fix for this vulnerability. The right column indicates whether
a release is affected by any of the Critical or High SIR vulnerabilities
described in this collection of advisories and which release includes fixes
for those vulnerabilities.
Customers are advised to upgrade to an appropriate fixed software release
as indicated in the following table(s). To ensure a complete upgrade
solution, consider that this advisory is part of a collection that includes
the following advisories:
cisco-sa-sd-wan-file-access-VW36d28P Cisco SD-WAN Solution Improper
Access Control Vulnerability
cisco-sa-sdwan-privesc-vman-tEJFpBSL Cisco SD-WAN vManage Privilege
Escalation Vulnerability
Cisco SD-WAN First Fixed Release First Fixed Release for All
Software for This Vulnerabilities Described in the
Release Vulnerability Collection of Advisories
18.4 Migrate to a fixed Migrate to a fixed release.
release.
19.2 Migrate to a fixed Migrate to a fixed release.
release.
20.3 Migrate to a fixed Migrate to a fixed release.
release.
20.4 Migrate to a fixed Migrate to a fixed release.
release.
20.5 Migrate to a fixed Migrate to a fixed release.
release.
20.6 20.6.1 20.6.1
20.7 20.7.1 20.7.1
Exploitation and Public Announcements
o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
any public announcements or malicious use of the vulnerability that is
described in this advisory.
Source
o Cisco would like to thank Joris Oversteyns for reporting this
vulnerability.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2022-APR-13 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldijeNLKJtyKPYoAQiaDQ//c88dbWrdRGzvP6xL6PQ0+RygOcb/oFjQ
Q9KM3rT5kguEgT+whIcHajMo230hp08ULZsxKYfvkQYt3y3YxrJkh317/NZUFj4Y
c4cI8ku/IJRbQu45h35w0wBWYk+cHVBHr4SJuOGE72ia5pI91Ud+/wT1ObJc0zfR
QSRB4mFwyWSC1fhefGngVXzwwJFA7cuG5ogLiTYkCX5oyRQC3R8bXGfJC/m1uOhq
qBM8bppeMFFp9FropnKMkm5el8VKeb+h3T9IIy/qZqX8d0ZNadtushtziWmgJZIN
hxWE8CFNU90OHZ1D/E2GASNo3JkLAZJrnObJTx/qFpmo+xCNHCaf5o3LAee0R9pZ
qoX4/T/CVM4zec3W4aneKgupzHywqQxJpDIc7QSpjO3VvQ0tHYA4YKMp2XcyGaAc
or+phmm65KQ+jVCHenBgPNvkriUmnCbVq3XCS7/hKXdzDVI76RDxOF05/xUili90
4suGyZUqf5HwlKgQMoC0GdcgIQkgx4Vuk0Xf0QCesQ8Z5eZVfIyROFEfYG0hmwEX
SQtlYu5FBcYv7RpkjCRAFad9gXVNPaCtZNqGm4H4O5lf87aGLnlZw8q/pTGJoomR
IViCzYuk3u5rQLxUMKOXDUw6zljz5gb3Jg1CrXrfZQSulBO6fdb1ro4vdHHVJTnV
jl3DKPpbB6w=
=04US
-----END PGP SIGNATURE-----
ESB-2022.1617 - [Cisco] Cisco IOx Application Hosting Environment: CVSS (Max): 5.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1617
Cisco IOx Application Hosting Environment Vulnerabilities
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco IOx Application Hosting Environment
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-20727 CVE-2022-20726 CVE-2022-20725
CVE-2022-20724 CVE-2022-20723 CVE-2022-20722
CVE-2022-20721 CVE-2022-20720 CVE-2022-20719
CVE-2022-20718 CVE-2022-20677
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj
Comment: CVSS (Max): 5.5 CVE-2022-20719 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N)
CVSS Source: Cisco Systems
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco IOx Application Hosting Environment Vulnerabilities
Priority: Medium
Advisory ID: cisco-sa-iox-yuXQ6hFj
First Published: 2022 April 13 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvx27640 CSCvy16608 CSCvy30903 CSCvy30957 CSCvy35913
CSCvy35914 CSCvy86583 CSCvy86598 CSCvy86602 CSCvy86603
CSCvy86604 CSCvy86608
CVE Names: CVE-2022-20677 CVE-2022-20718 CVE-2022-20719 CVE-2022-20720
CVE-2022-20721 CVE-2022-20722 CVE-2022-20723 CVE-2022-20724
CVE-2022-20725 CVE-2022-20726 CVE-2022-20727
CWEs: CWE-22 CWE-250 CWE-77
Summary
o Multiple vulnerabilities in the Cisco IOx application hosting environment
on multiple Cisco platforms could allow an attacker to inject arbitrary
commands into the underlying host operating system, execute arbitrary code
on the underlying host operating system, install applications without being
authenticated, or conduct a cross-site scripting (XSS) attack against a
user of the affected software.
For more information about these vulnerabilities, see the Details section
of this advisory.
Cisco has released software updates that address these vulnerabilities.
There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj
This advisory is part of the April 2022 release of the Cisco IOS and IOS XE
Software Security Advisory Bundled Publication. For a complete list of the
advisories and links to them, see Cisco Event Response: April 2022
Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled
Publication.
Affected Products
o Vulnerable Products
At the time of publication, one of more of these vulnerabilities affected
the following Cisco products if they were running a vulnerable software
release:
800 Series Industrial Integrated Services Routers (Industrial ISRs)
800 Series Integrated Services Routers (ISRs)
1000 Series Connected Grid Router (CGR1000) Compute Modules
IC3000 Industrial Compute Gateways
Industrial Ethernet (IE) 4000 Series Switches
IOS XE-based devices configured with IOx
IR510 WPAN Industrial Routers
For information about which Cisco software releases were vulnerable at the
time of publication, see the Fixed Software section of this advisory. See
the Details section in the bug ID(s) at the top of this advisory for the
most complete and current information.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by these vulnerabilities.
Cisco has confirmed that these vulnerabilities do not affect the following
Cisco products:
IOS XR Software
Meraki products
NX-OS Software
Details
o The vulnerabilities are not dependent on one another. Exploitation of one
of the vulnerabilities is not required to exploit another vulnerability. In
addition, a software release that is affected by one of the vulnerabilities
may not be affected by the other vulnerabilities.
Details about the vulnerabilities are as follows:
CVE-2022-20718: Cisco IOx Application Hosting Environment Parameter
Injection Vulnerability
A vulnerability in the Cisco IOx application hosting environment of
multiple Cisco platforms could allow an authenticated, remote attacker to
execute a parameter injection using the Cisco IOx API.
This vulnerability is due to incomplete sanitization of parameters that are
passed in for activation of an application. An attacker could exploit this
vulnerability by deploying and activating an application in the Cisco IOx
application hosting environment with a crafted activation payload file. A
successful exploit could allow the attacker to execute arbitrary code as
root on the underlying host operating system.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvy35913
CVE ID: CVE-2022-20718
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
CVE-2022-20719: Cisco IOx Application Hosting Environment Parameter
Injection Vulnerability
A vulnerability in the Cisco IOx application hosting environment of
multiple Cisco platforms could allow an authenticated, remote attacker to
execute a parameter injection using the Cisco IOx API.
This vulnerability is due to incomplete sanitization of parameters that are
passed in as part of the IOx package descriptor. An attacker could exploit
this vulnerability by crafting an IOx package descriptor file and then
building and deploying an application in the Cisco IOx application hosting
environment. A successful exploit could allow the attacker to execute
arbitrary code as root on the underlying host operating system.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvy86583
CVE ID: CVE-2022-20719
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
CVE-2022-20720: Cisco IOx Application Hosting Environment Path Traversal
Vulnerability
A vulnerability in the Cisco IOx application hosting environment of
multiple Cisco platforms could allow an authenticated, remote attacker to
read or write arbitrary data on the underlying host operating system.
This vulnerability exists because a real path check is not performed on the
requested data. An attacker could exploit this vulnerability by creating a
symbolic link within the deployed application and requesting data using the
API. A successful exploit could allow the attacker to read or execute
arbitrary code as root on the underlying host operating system.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvy30957
CVE ID: CVE-2022-20720
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
CVE-2022-20723: Cisco IOx Application Hosting Environment Arbitrary Code
Execution Vulnerability
A vulnerability in the Cisco IOx application hosting environment of
multiple Cisco platforms could allow an authenticated, remote attacker to
execute arbitrary code on the underlying host operating system.
This vulnerability is due to incomplete sanitization of parameters that are
passed in for activation of an application. An attacker could exploit this
vulnerability by deploying and activating an application in the Cisco IOx
application hosting environment with a crafted activation payload file. A
successful exploit could allow the attacker to execute arbitrary code as
root on the underlying host operating system.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvy86603
CVE ID: CVE-2022-20723
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
CVE-2022-20725: Cisco IOx Application Hosting Environment Cross-Site
Scripting Vulnerability
A vulnerability in the web-based Local Manager interface of the Cisco IOx
application hosting environment could allow an authenticated, remote
attacker to conduct a stored cross-site scripting (XSS) attack against a
user of the web-based Local Manager interface of an affected device. The
attacker must have valid Local Manager credentials.
This vulnerability is due to insufficient validation of user-supplied input
by the web-based Local Manager interface. An attacker could exploit this
vulnerability by injecting malicious code into a system settings tab. A
successful exploit could allow the attacker to execute arbitrary script
code in the context of the affected web interface or allow the attacker to
access sensitive browser-based information.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvy86608
CVE ID: CVE-2022-20725
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
CVE-2022-20724: Cisco IOx Application Hosting Environment User
Impersonation Vulnerability
A vulnerability in the Cisco IOx application hosting environment of
multiple Cisco platforms could allow an unauthenticated, remote attacker to
bypass authentication and impersonate another authenticated user session.
This vulnerability is due to a race condition for allocation of the token.
An attacker could exploit this vulnerability by constantly trying a call to
the upload API, and if the calls occur at the same time as an authorized
administrator deploying an application, the attacker may race the token and
be given the ability to bypass authentication. A successful exploit could
allow the attacker to bypass authentication.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvy86604
CVE ID: CVE-2022-20724
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.3
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-20726: Cisco IOx Application Hosting Environment Denial of Service
Vulnerability
A vulnerability in the Cisco IOx application hosting environment of Cisco
809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829
Industrial ISRs, Cisco CGR 1000 Compute Modules, and Cisco IC3000
Industrial Compute Gateways could allow an unauthenticated, remote attacker
to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient error handling of socket
operations. An attacker could exploit this vulnerability by sending a
sustained rate of crated TCP traffic to the IOx web server on an affected
device. A successful exploit could allow the attacker to cause the IOx web
server to stop processing requests, resulting in a DoS condition.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvx27640
CVE ID: CVE-2022-20726
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.3
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-20677: Cisco IOS XE Software Privilege Escalation Vulnerability
A vulnerability in the Cisco IOx application hosting environment in Cisco
IOS XE Software could allow an authenticated, local attacker to elevate
privileges from privilege level 15 to root on an affected device.
This vulnerability is due to incomplete file protection for the Cisco IOx
application hosting environment. An attacker could exploit this
vulnerability by modifying the file system with a crafted payload. A
successful exploit could allow the attacker to execute arbitrary commands
as root .
Bug ID(s): CSCvy30903 CSCvy16608
CVE ID: CVE-2022-20677
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.1
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
CVE-2022-20727: Cisco IOx Application Hosting Environment Privilege
Escalation
A vulnerability in the Cisco IOx application hosting environment of
multiple Cisco platforms could allow an authenticated, local attacker to
gain escalated privileges.
This vulnerability is due to improper input validation when loading Cisco
IOx applications. An attacker could exploit this vulnerability by modifying
application content while a Cisco IOx application is loading. A successful
exploit could allow the attacker to gain privileges equivalent to the root
user.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvy35914
CVE ID: CVE-2022-20727
Security Impact Rating (SIR): Medium
CVSS Base Score: 5.1
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
CVE-2022-20721: Cisco IOx Application Hosting Environment Arbitrary File
Read Vulnerability
A vulnerability in the Cisco IOx application hosting environment of
multiple Cisco platforms could allow an authenticated, remote attacker to
read arbitrary files from the underlying operating system.
This vulnerability is due to insufficient path validation of command
arguments within the Cisco IOx API. An attacker could exploit this
vulnerability by sending a crafted command request using the API. A
successful exploit could allow the attacker to read the contents of any
file that is located on the host device filesystem.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvy86598
CVE ID: CVE-2022-20721
Security Impact Rating (SIR): Medium
CVSS Base Score: 4.9
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE-2022-20722: Cisco IOx Application Hosting Environment Path Traversal
Vulnerability
A vulnerability in the Cisco IOx application hosting environment of
multiple Cisco platforms could allow an authenticated, remote attacker to
read arbitrary files from the underlying host filesystem.
This vulnerability is due to insufficient path validation of command
arguments within the Cisco IOx API. An attacker could exploit this
vulnerability by sending a crafted command request using the API. A
successful exploit could allow the attacker to read the contents of any
file that is located on the underlying host filesystem.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
Bug ID(s): CSCvy86602
CVE ID: CVE-2022-20722
Security Impact Rating (SIR): Medium
CVSS Base Score: 4.9
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Workarounds
o There are no workarounds that address these vulnerabilities. However, there
is a mitigation.
Customers who do not want to use the Cisco IOx application hosting
environment can disable IOx permanently on the device by using the no iox
configuration command.
While this mitigation has been deployed and was proven successful in a test
environment, customers should determine the applicability and effectiveness
in their own environment and under their own use conditions. Customers
should be aware that any workaround or mitigation that is implemented may
negatively impact the functionality or performance of their network based
on intrinsic customer deployment scenarios and limitations. Customers
should not deploy any workarounds or mitigations before first evaluating
the applicability to their own environment and any impact to such
environment.
Fixed Software
o When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Fixed Releases
At the time of publication, the release information in the following table
(s) was accurate. See the Details section in the bug ID(s) at the top of
this advisory for the most complete and current information.
Cisco Platform First Fixed Release
800 Series Industrial ISRs Cisco IOS Software Release 15.9(3)M5 and later.
800 Series ISRs Not fixed; IOx has reached end of life on Cisco
800 Series ISRs.
CGR1000 Compute Modules IOx image for CGR1000 Compute Module 1.15.0.1
IC3000 Industrial Compute Industrial Compute Gateway Software Release
Gateways 1.4.1
IE 4000 Series Switches Not fixed; IOx has reached end of life on the
Cisco IE 4000 Series Switches.
IOS XE devices:
o 1000 Series ISRs Cisco IOS XE Software releases:
o 4000 Series ISRs
o ASR 1000 Series o 16.12(7) (All but CSCvy16608 are resolved
Aggregation Services in 16.12(6))
Routers o 17.3(5)
o Catalyst 9x00 Series o 17.6(2)
Switches o 17.7(1) and later
o Catalyst IE3400 Rugged
Series Switches For more information, see the Cisco IOS and IOS
o Embedded Services 3300 XE Software Checker section below.
Series Switches
IR510 WPAN Industrial TBD. Fix planned for the next IR510 operating
Routers system release.
The Cisco Product Security Incident Response Team (PSIRT) validates only
the affected and fixed release information that is documented in this
advisory.
Cisco IOS and IOS XE Software
To help customers determine their exposure to vulnerabilities in Cisco IOS
and IOS XE Software, Cisco provides the Cisco Software Checker to identify
any Cisco Security Advisories that impact a specific software release and
the earliest release that fixes the vulnerabilities described in each
advisory ("First Fixed"). If applicable, the tool also returns the earliest
release that fixes all the vulnerabilities described in all the advisories
identified ("Combined First Fixed").
Customers can use the Cisco Software Checker to search advisories in the
following ways:
Choose the software and one or more releases
Upload a .txt file that includes a list of specific releases
Enter the output of the show version command
After initiating a search, customers can customize the search to include
all Cisco Security Advisories, a specific advisory, or all advisories in
the most recent bundled publication.
By default, the Cisco Software Checker includes results only for
vulnerabilities that have a Critical or High Security Impact Rating (SIR).
To include results for Medium SIR vulnerabilities, customers can use the
Cisco Software Checker on Cisco.com and check the Medium check box in the
drop-down list under Impact Rating when customizing a search.
Exploitation and Public Announcements
o The Cisco PSIRT is not aware of any public announcements or malicious use
of the vulnerabilities that are described in this advisory.
Source
o Cisco would like to thank Cyrille CHATRAS of Orange group for reporting the
following vulnerabilities: CVE-2022-20718, CVE-2022-20719, CVE-2022-20720,
CVE-2022-20721, CVE-2022-20722, CVE-2022-20723, CVE-2022-20724,
CVE-2022-20725.
CVE-2022-20718 and CVE-2022-20720: These vulnerabilities were also found
during internal security testing by X.B. of the Cisco Advanced Security
Initiatives Group (ASIG).
CVE-2022-20677: This vulnerability was found during internal security
testing by X.B. of the Cisco ASIG.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
Related to This Advisory
o Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software
Security Advisory Bundled Publication
Cross-Site Scripting
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2022-APR-13 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldifeNLKJtyKPYoAQiWuhAAsFMzRdKECpVcgTFA/MycVfKW6Iu3eEh3
tGh7DtbUCLTqrWglCWXrTNvaq1kaYwtGpP72e1O2BKzmbzK+qNk01XkgTw+BOQqO
DZ9MGhWEfoqtyuWmJZrg6rUrm3BGXcsMF8VLuqeuIuy7LVmgm0LF5Tdt0YH7bg8C
/o64IU504qT1EZmAXJuvmh97HLYVsY4YfuPJOGd3sLvtbK4gx4wpInvPJuuXFS88
cYEmrjGKUlr28xQmzYmi61Y8oqJoNi4FJCX0n+/oT4tbjSHlEbFScwbYNSxoQwoy
7v3z6Lgs9731PHffBrBqPr/DgQFEU6e5kb/46c3jFAUcTqjPLX0M8z5Gohz8IS9S
wvf18oPtsA9cmBd7U1EdxqncWVvL+ZJwI0XM7tCVhFHsRFusf/m5m2361qt6pgRq
ToKUMzHJjCADr02TWe4S1CtKKZI5uZFFDfHKGTMMfCQc/53XI9s0HCeMKrYbfgr+
NXLUstCI15jd4lynpNCxAPVMUkTmvGObS6SAu96+2sUnXJ9NrQhkH8OMRWmkj/SI
PfR9AXfu90auki2FsuDVWRtWapfEkIVDfdjAGrRjzIzJOJrDfDh9H31jxSzsUths
4PE+9i8WM7PzXn5LCvBOCzSU2bbXDubDvwqADAqrcNpn67RXi1w2Ilsha+5y9dgT
bSlZQCRJ22c=
=GcfY
-----END PGP SIGNATURE-----
ESB-2022.1616 - [Cisco] Cisco IOS and IOS XE Software: CVSS (Max): 8.6
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1616
Cisco IOS and IOS XE Software Web Services Denial of Service Vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco IOS and IOS XE Software
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-20697
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-dos-svOdkdBS
Comment: CVSS (Max): 8.6 CVE-2022-20697 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
CVSS Source: Cisco Systems
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco IOS and IOS XE Software Web Services Denial of Service Vulnerability
Priority: High
Advisory ID: cisco-sa-http-dos-svOdkdBS
First Published: 2022 April 13 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvx42406
CVE Names: CVE-2022-20697
CWEs: CWE-691
Summary
o A vulnerability in the web services interface of Cisco IOS Software and
Cisco IOS XE Software could allow an authenticated, remote attacker to
cause a denial of service (DoS) condition.
This vulnerability is due to improper resource management in the HTTP
server code. An attacker could exploit this vulnerability by sending a
large number of HTTP requests to an affected device. A successful exploit
could allow the attacker to cause the device to reload, resulting in a DoS
condition.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-dos-svOdkdBS
This advisory is part of the April 2022 release of the Cisco IOS and IOS XE
Software Security Advisory Bundled Publication. For a complete list of the
advisories and links to them, see Cisco Event Response: April 2022
Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled
Publication.
Affected Products
o Vulnerable Products
This vulnerability affects Cisco devices if they are running a vulnerable
release of Cisco IOS Software or Cisco IOS XE Software and have the HTTP
feature enabled. All vulnerable releases of Cisco IOS XE Software are
within the 3SE and 3E release trains.
For more information about which Cisco software releases are vulnerable,
see the Fixed Software section of this advisory.
Determine the HTTP Server Configuration
To determine whether the HTTP Server feature is enabled for a device, log
in to the device and use the show running-config | include ip http server|
secure|active command in the CLI to check for the presence of the ip http
server command or the ip http secure-server command in the global
configuration. If either command is present, the HTTP Server feature is
enabled for the device.
The following example shows the output of the show running-config | include
ip http server|secure|active command for a device that has the HTTP Server
feature enabled:
Router# show running-config | include ip http server|secure|active
ip http server
ip http secure-server
Note: The presence of either command or both commands in the device
configuration indicates that the web UI feature is enabled.
If the ip http server command is present and the configuration also
contains ip http active-session-modules none , the vulnerability is not
exploitable over HTTP.
If the ip http secure-server command is present and the configuration also
contains ip http secure-active-session-modules none , the vulnerability is
not exploitable over HTTPS.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following
Cisco products:
IOS XR Software
Meraki products
NX-OS Software
Workarounds
o There are no workarounds that address this vulnerability. However, there
are mitigations.
Disabling the HTTP Server feature eliminates the attack vector for this
vulnerability and may be a suitable mitigation until affected devices can
be upgraded. To disable the HTTP Server feature, use the no ip http server
or no ip http secure-server command in global configuration mode. If both
the HTTP server and HTTPS server are in use, both commands are required to
disable the HTTP Server feature.
Disabling HTTP and HTTPS for management functions can also be a suitable
mitigation. Use the ip http active-session-modules none and ip http
secure-active-session-modules none commands.
While these mitigations have been deployed and were proven successful in a
test environment, customers should determine the applicability and
effectiveness in their own environment and under their own use conditions.
Customers should be aware that any workaround or mitigation that is
implemented may negatively impact the functionality or performance of their
network based on intrinsic customer deployment scenarios and limitations.
Customers should not deploy any workarounds or mitigations before first
evaluating the applicability to their own environment and any impact to
such environment.
Fixed Software
o Cisco has released free software updates that address the vulnerability
described in this advisory. Customers with service contracts that entitle
them to regular software updates should obtain security fixes through their
usual update channels.
Customers may only install and expect support for software versions and
feature sets for which they have purchased a license. By installing,
downloading, accessing, or otherwise using such software upgrades,
customers agree to follow the terms of the Cisco software license:
https://www.cisco.com/c/en/us/products/end-user-license-agreement.html
Additionally, customers may only download software for which they have a
valid license, procured from Cisco directly, or through a Cisco authorized
reseller or partner. In most cases this will be a maintenance upgrade to
software that was previously purchased. Free security software updates do
not entitle customers to a new software license, additional software
feature sets, or major revision upgrades.
The Cisco Support and Downloads page on Cisco.com provides information
about licensing and downloads. This page can also display customer device
support coverage for customers who use the My Devices tool.
When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Customers Without Service Contracts
Customers who purchase directly from Cisco but do not hold a Cisco service
contract and customers who make purchases through third-party vendors but
are unsuccessful in obtaining fixed software through their point of sale
should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
/en/us/support/web/tsd-cisco-worldwide-contacts.html
Customers should have the product serial number available and be prepared
to provide the URL of this advisory as evidence of entitlement to a free
upgrade.
Cisco IOS and IOS XE Software
To help customers determine their exposure to vulnerabilities in Cisco IOS
and IOS XE Software, Cisco provides the Cisco Software Checker to identify
any Cisco Security Advisories that impact a specific software release and
the earliest release that fixes the vulnerabilities described in each
advisory ("First Fixed"). If applicable, the tool also returns the earliest
release that fixes all the vulnerabilities described in all the advisories
identified ("Combined First Fixed").
Customers can use the Cisco Software Checker to search advisories in the
following ways:
Choose the software and one or more releases
Upload a .txt file that includes a list of specific releases
Enter the output of the show version command
After initiating a search, customers can customize the search to include
all Cisco Security Advisories, a specific advisory, or all advisories in
the most recent bundled publication.
By default, the Cisco Software Checker includes results only for
vulnerabilities that have a Critical or High Security Impact Rating (SIR).
To include results for Medium SIR vulnerabilities, customers can use the
Cisco Software Checker on Cisco.com and check the Medium check box in the
drop-down list under Impact Rating when customizing a search.
Exploitation and Public Announcements
o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
any public announcements or malicious use of the vulnerability that is
described in this advisory.
Source
o This vulnerability was found during internal security testing.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
Related to This Advisory
o Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software
Security Advisory Bundled Publication
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-dos-svOdkdBS
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2022-APR-13 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldic+NLKJtyKPYoAQgVug/+OQdeSmOzvKtMTUQFYsqi9th9lCF6mEel
IVFKyjizzrEKxr6S80lCU8ArH837KnYRF4sY8TmpN+ABl/Ls0KJFcQkI4hnHZtPV
jmiOMqhJSQoP2WFFgPeokbdSBBf94nXCfaCAWlUmkX4ft2SsfS5XZbeE7WKZPbaC
80QjBSczM0cfK79x24Sa5urpXqAyFc3/ksVv5vZpdmtNlOC8PzWy3d9ORY1Kw0Ri
N2brxzKcdPv59VZdwL4AhtQqSzQXD0LvFut9OFKEPHacMrFOzx+/tc/qXME5V43X
7VAeUaBF2qMIo6AeitKWw6eRXTUqAGCJQww7xudxfYvRJ8SadvOc8jAziehXQ2+H
M/AaSz+/4nX5xV6QjLtTc/FMm82KfxBJH9Fdc/dVuK7+3HqZOqrVR+4S6rhzgQFC
BJQjhmgOliGeDLREKeIw1Pd+1bm2tzy5Lo21hnNhyTTBxsIKwThYzQv66abETTkB
NoSCh+3SHiVfh0aZmwjueofPVRxtgUNL4AzuYKfWY6lOjcbqaXYty973TJbD0+cG
LqHat4sKNGN2VA06cxXm/wAApPKNViTyYdjGDxcRTwPjCWIlcVQRR+EjZ4sh5VBA
CNzv/nNvdD9Jy+AdhildxFm6uweLzwtNQ88W+YLQDIri7KD+PGXXm2tR8EFeNOx5
HBpCbMz6fss=
=lVTK
-----END PGP SIGNATURE-----
ESB-2022.1615 - [Cisco] Cisco IOS XR Software: CVSS (Max): 8.6
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1615
Cisco IOS XR Software for ASR 9000 Series Routers
Lightspeed-Plus Line Cards Denial of Service Vulnerability
14 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco IOS XR Software
Publisher: Cisco Systems
Operating System: Cisco
Resolution: Patch/Upgrade
CVE Names: CVE-2022-20714
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk
Comment: CVSS (Max): 8.6 CVE-2022-20714 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
CVSS Source: Cisco Systems
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards
Denial of Service Vulnerability
Priority: High
Advisory ID: cisco-sa-lsplus-Z6AQEOjk
First Published: 2022 April 13 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvy48962
CVE Names: CVE-2022-20714
CWEs: CWE-126
Summary
o A vulnerability in the data plane microcode of Lightspeed-Plus line cards
for Cisco ASR 9000 Series Aggregation Services Routers could allow an
unauthenticated, remote attacker to cause the line card to reset.
This vulnerability is due to the incorrect handling of malformed packets
that are received on the Lightspeed-Plus line cards. An attacker could
exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through
an affected device. A successful exploit could allow the attacker to cause
the Lightspeed-Plus line card to reset, resulting in a denial of service
(DoS) condition for any traffic that traverses that line card.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk
This advisory is part of the April 2022 release of the Cisco IOS XR
Software Security Advisory Bundled Publication. For a complete list of the
advisories and links to them, see Cisco Event Response: April 2022 Cisco
IOS XR Software Security Advisory Bundled Publication .
Affected Products
o Vulnerable Products
This vulnerability affects Cisco ASR 9000 Series Aggregation Services
Routers if they are running Cisco IOS-XR 64-bit Software and have a
Lightspeed-Plus-based line card installed.
For information about which Cisco software releases are vulnerable, see the
Fixed Software section of this advisory.
Determine Which Line Cards are Installed
To determine which line cards are installed in the device, use the show
platform CLI command.
The following line cards are Lightspeed-Plus-based:
A9K-4HG-FLEX-SE
A9K-4HG-FLEX-TR
A9K-8HG-FLEX-SE
A9K-8HG-FLEX-TR
A9K-20HG-FLEX-SE
A9K-20HG-FLEX-TR
A99-4HG-FLEX-SE
A99-4HG-FLEX-TR
A99-10X400GE-X-SE
A99-10X400GE-X-TR
A99-32X100GE-X-SE
A99-32X100GE-X-TR
For more information about line card type identification, see ASR 9000
Series Line Card Types .
Note: The Cisco Lightspeed-Plus list of product identifiers was accurate at
the time of publication. For specific questions and further clarification
about a product identifier, contact the Cisco Technical Assistance Center
(TAC).
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following
Cisco products:
IOS Software
IOS XE Software
IOS XR Platforms not listed in the Vulnerable Products section of this
advisory
NX-OS Software
Details
o When this vulnerability is successfully exploited, logs will show a warning
message similar to the following:
npu_server[351]: %PLATFORM-NP-4-HARD_RESET_START : NP0: Performing recovery action for an internal network processor error. (PA2REG.ppe_int1)
Workarounds
o There are no workarounds that address this vulnerability.
Fixed Software
o Cisco has released free software updates that address the vulnerability
described in this advisory. Customers with service contracts that entitle
them to regular software updates should obtain security fixes through their
usual update channels.
Customers may only install and expect support for software versions and
feature sets for which they have purchased a license. By installing,
downloading, accessing, or otherwise using such software upgrades,
customers agree to follow the terms of the Cisco software license:
https://www.cisco.com/c/en/us/products/end-user-license-agreement.html
Additionally, customers may only download software for which they have a
valid license, procured from Cisco directly, or through a Cisco authorized
reseller or partner. In most cases this will be a maintenance upgrade to
software that was previously purchased. Free security software updates do
not entitle customers to a new software license, additional software
feature sets, or major revision upgrades.
The Cisco Support and Downloads page on Cisco.com provides information
about licensing and downloads. This page can also display customer device
support coverage for customers who use the My Devices tool.
When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Customers Without Service Contracts
Customers who purchase directly from Cisco but do not hold a Cisco service
contract and customers who make purchases through third-party vendors but
are unsuccessful in obtaining fixed software through their point of sale
should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c
/en/us/support/web/tsd-cisco-worldwide-contacts.html
Customers should have the product serial number available and be prepared
to provide the URL of this advisory as evidence of entitlement to a free
upgrade.
Fixed Releases
In the following table(s), the left column lists Cisco software releases.
The right column indicates whether a release is affected by the
vulnerability described in this advisory and the first release that
includes the fix for this vulnerability. Customers are advised to upgrade
to an appropriate fixed software release as indicated in this section.
Cisco IOS XR Software First Fixed Release
Release
7.0 and earlier Not vulnerable.
7.1 Vulnerable; migrate to a fixed release or apply an
SMU or Service Pack.
7.2 Not vulnerable; no ASR9K support.
7.3 7.3.2
7.4 and later Not affected.
Cisco has released the following SMUs to address this vulnerability.
Customers who require SMUs for releases that are not listed are advised to
contact their support organization.
Cisco IOS XR Software Release Platform SMU Name
7.1.2 ASR9K-X64 asr9k-x64-7.1.2.CSCvy48962
7.1.3 ASR9K-X64 asr9k-x64-7.1.3.CSCvz75757
Cisco has released the following Service Packs that include the SMU to
address this vulnerability.
Cisco IOS XR Software Release Platform Service Pack Name
7.1.2 ASR9K-X64 asr9k-px-7.1.2.k9-sp1.tar
The Cisco Product Security Incident Response Team (PSIRT) validates only
the affected and fixed release information that is documented in this
advisory.
Exploitation and Public Announcements
o The Cisco PSIRT is not aware of any public announcements or malicious use
of the vulnerability that is described in this advisory.
Source
o This vulnerability was found during the resolution of a Cisco TAC support
case.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
Related to This Advisory
o Cisco Event Response: April 2022 Cisco IOS XR Software Security Advisory
Bundled Publication
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2022-APR-13 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYldiaeNLKJtyKPYoAQiWpg//cyU5gXvTNiuQihpEw+cnyG4yk6x/jHiE
2B4TnF0SX6DRaY6468DH6FGg6BCorpu5dXv8NDjBJTNAuXN7Jlsa1CGCWibYezn1
8yZWldtE3/XidX6vI3kLrvqY27gO8CKeBGUQ4kK1MPipBemi8ey71+/ZaI54RWOW
0arC6X0KpnQU1NSvgRwr4/K1OeNRFDKuuBi7r3UGjBI6prcBTp6sEpi/fF0enLfE
UE5JZnLVpOYfw8NfK0K+1ernldJ+hToljY6dYVPLK+HkHAN3cji1PIHK6htI3Tec
HrgjLqz9fU9QiPCVUmFzl5UtTvwGiexqJlUIAfuUc5zi9fLgwliMR9SVy4OAVPE9
YSxWbP8YjUMdIkO8bE8XKGnH03AU+mqmWj+j09gpPy7cT+373Sqxn7Mrcguc2aQ0
6uAlLD/1eSVLnN+p3Hmy8ozNabvcgR6gsRmM3x5rbF5UCypcpx3LMaHnLq/1h4re
94OdlVhnBm1GwlWIwlilCu8qBnmg9vNIQwu8xKwQPwudXnj2kwaWN6iwLU50caJ9
3WN0yWh8xd4ETnodiM7e2J+5Y2IUegwq6zjdGtYFE8DX7Nm/V50sWTUlJyMbq3wV
r+QLFqSwIBGNg+7wAMAONJHH9AbVbb2qSwIB540hJdR/1mSTJtGOEabxXS33JGKE
zNrH13/0LCM=
=uJk+
-----END PGP SIGNATURE-----