AusCERT - Security Bulletins

Subscribe to AusCERT - Security Bulletins hírcsatorna
Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
Frissítve: 1 óra 53 perc
2022. május 13.

ESB-2022.2337 - [Ubuntu] Linux kernel: CVSS (Max): 8.8*

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2337 USN-5415-1: Linux kernel vulnerabilities 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Linux kernel Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-27223 CVE-2022-26490 CVE-2022-25375 CVE-2022-25258 CVE-2022-20008 CVE-2022-1016 CVE-2021-26401 CVE-2020-27820 CVE-2017-5715 Original Bulletin: https://ubuntu.com/security/notices/USN-5415-1 Comment: CVSS (Max): 8.8* CVE-2022-27223 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: [NVD], Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * Not all CVSS available when published - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5415-1: Linux kernel vulnerabilities 12 May 2022 Several security issues were fixed in the Linux kernel. Releases o Ubuntu 20.04 LTS o Ubuntu 18.04 LTS Packages o linux - Linux kernel o linux-aws - Linux kernel for Amazon Web Services (AWS) systems o linux-azure - Linux kernel for Microsoft Azure Cloud systems o linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems o linux-azure-fde - Linux kernel for Microsoft Azure cloud systems o linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems o linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems o linux-gke - Linux kernel for Google Container Engine (GKE) systems o linux-gkeop - Linux kernel for Google Container Engine (GKE) systems o linux-gkeop-5.4 - Linux kernel for Google Container Engine (GKE) systems o linux-hwe-5.4 - Linux hardware enablement (HWE) kernel o linux-ibm - Linux kernel for IBM cloud systems o linux-ibm-5.4 - Linux kernel for IBM cloud systems o linux-kvm - Linux kernel for cloud environments o linux-oracle - Linux kernel for Oracle Cloud systems o linux-oracle-5.4 - Linux kernel for Oracle Cloud systems o linux-raspi - Linux kernel for Raspberry Pi systems o linux-raspi-5.4 - Linux kernel for Raspberry Pi systems Details Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). ( CVE-2020-27820 ) Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. ( CVE-2021-26401 ) David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). ( CVE-2022-1016 ) It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information (kernel memory). ( CVE-2022-20008 ) It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-25258 ) It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in the Linux kernel did not properly validate the size of the RNDIS_MSG_SET command. An attacker could possibly use this to expose sensitive information (kernel memory). ( CVE-2022-25375 ) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2022-26490 ) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-27223 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 o linux-image-5.4.0-1063-kvm - 5.4.0-1063.66 o linux-image-5.4.0-1073-aws - 5.4.0-1073.78 o linux-image-5.4.0-1060-raspi - 5.4.0-1060.68 o linux-image-gkeop - 5.4.0.1040.43 o linux-image-virtual - 5.4.0.110.114 o linux-image-generic - 5.4.0.110.114 o linux-image-5.4.0-110-generic - 5.4.0-110.124 o linux-image-oem - 5.4.0.110.114 o linux-image-5.4.0-1071-gke - 5.4.0-1071.76 o linux-image-raspi - 5.4.0.1060.94 o linux-image-5.4.0-1021-ibm - 5.4.0-1021.23 o linux-image-ibm - 5.4.0.1021.21 o linux-image-oem-osp1 - 5.4.0.110.114 o linux-image-5.4.0-110-lowlatency - 5.4.0-110.124 o linux-image-5.4.0-1078-azure - 5.4.0-1078.81 o linux-image-5.4.0-110-generic-lpae - 5.4.0-110.124 o linux-image-azure-lts-20.04 - 5.4.0.1078.76 o linux-image-gkeop-5.4 - 5.4.0.1040.43 o linux-image-azure-fde - 5.4.0.1078.81+cvm1.22 o linux-image-5.4.0-1040-gkeop - 5.4.0-1040.41 o linux-image-5.4.0-1078-azure-fde - 5.4.0-1078.81+cvm1.1 o linux-image-lowlatency - 5.4.0.110.114 o linux-image-gcp-lts-20.04 - 5.4.0.1073.81 o linux-image-ibm-lts-20.04 - 5.4.0.1021.21 o linux-image-aws-lts-20.04 - 5.4.0.1073.75 o linux-image-raspi2 - 5.4.0.1060.94 o linux-image-gke - 5.4.0.1071.80 o linux-image-5.4.0-1073-gcp - 5.4.0-1073.78 o linux-image-oracle-lts-20.04 - 5.4.0.1071.71 o linux-image-gke-5.4 - 5.4.0.1071.80 o linux-image-kvm - 5.4.0.1063.62 o linux-image-generic-lpae - 5.4.0.110.114 o linux-image-5.4.0-1071-oracle - 5.4.0-1071.77 Ubuntu 18.04 o linux-image-generic-hwe-18.04 - 5.4.0.110.124~18.04.95 o linux-image-snapdragon-hwe-18.04 - 5.4.0.110.124~18.04.95 o linux-image-5.4.0-110-generic - 5.4.0-110.124~18.04.1 o linux-image-oem - 5.4.0.110.124~18.04.95 o linux-image-raspi-hwe-18.04 - 5.4.0.1060.61 o linux-image-5.4.0-1021-ibm - 5.4.0-1021.23~18.04.1 o linux-image-ibm - 5.4.0.1021.38 o linux-image-oem-osp1 - 5.4.0.110.124~18.04.95 o linux-image-5.4.0-110-lowlatency - 5.4.0-110.124~18.04.1 o linux-image-generic-lpae-hwe-18.04 - 5.4.0.110.124~18.04.95 o linux-image-lowlatency-hwe-18.04 - 5.4.0.110.124~18.04.95 o linux-image-5.4.0-110-generic-lpae - 5.4.0-110.124~18.04.1 o linux-image-gkeop-5.4 - 5.4.0.1040.41~18.04.40 o linux-image-5.4.0-1040-gkeop - 5.4.0-1040.41~18.04.1 o linux-image-azure - 5.4.0.1078.57 o linux-image-virtual-hwe-18.04 - 5.4.0.110.124~18.04.95 o linux-image-5.4.0-1060-raspi - 5.4.0-1060.68~18.04.1 o linux-image-gcp - 5.4.0.1073.57 o linux-image-oracle - 5.4.0.1071.77~18.04.50 o linux-image-5.4.0-1078-azure - 5.4.0-1078.81~18.04.1 o linux-image-5.4.0-1073-gcp - 5.4.0-1073.78~18.04.1 o linux-image-5.4.0-1071-oracle - 5.4.0-1071.77~18.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References o CVE-2022-1016 o CVE-2022-20008 o CVE-2022-25258 o CVE-2020-27820 o CVE-2022-25375 o CVE-2022-26490 o CVE-2022-27223 o CVE-2021-26401 Related notices o USN-5381-1 : linux-headers-oem-20.04d, linux-oem-5.14-tools-5.14.0-1033, linux-headers-5.14.0-1033-oem, linux-tools-oem-20.04, linux-oem-20.04c, linux-oem-20.04d, linux-image-oem-20.04b, linux-oem-20.04, linux-oem-20.04b, linux-tools-oem-20.04d, linux-image-oem-20.04c, linux-image-unsigned-5.14.0-1033-oem, linux-image-oem-20.04, linux-modules-5.14.0-1033-oem, linux-image-oem-20.04d, linux-headers-oem-20.04c, linux-oem-5.14-tools-host, linux-tools-5.14.0-1033-oem, linux-image-5.14.0-1033-oem, linux-tools-oem-20.04b, linux-headers-oem-20.04, linux-oem-5.14-headers-5.14.0-1033, linux-headers-oem-20.04b, linux-tools-oem-20.04c, linux-oem-5.14, linux-buildinfo-5.14.0-1033-oem o USN-5383-1 : linux-modules-5.13.0-40-lowlatency, linux-modules-extra-5.13.0-40-generic, linux-aws-headers-5.13.0-1022, linux-source-5.13.0, linux-image-5.13.0-40-lowlatency, linux-tools-lowlatency, linux-tools-virtual-hwe-20.04-edge, linux-headers-5.13.0-40-generic, linux-libc-dev, linux-modules-extra-5.13.0-1011-intel, linux-tools-oem-20.04, linux-headers-raspi, linux-headers-generic-lpae, linux-buildinfo-5.13.0-40-generic-64k, linux-modules-5.13.0-1021-kvm, linux-intel-5.13-tools-host, linux-oem-20.04, linux-tools-generic-hwe-20.04, linux-hwe-5.13-headers-5.13.0-40, linux-aws-5.13, linux-headers-generic-64k-hwe-20.04-edge, linux-intel-5.13-tools-5.13.0-1011, linux-modules-5.13.0-40-generic, linux-modules-extra-5.13.0-1025-raspi, linux-tools-generic-lpae-hwe-20.04, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-gcp-5.13-tools-5.13.0-1024, linux-headers-5.13.0-1021-kvm, linux-headers-generic-lpae-hwe-20.04, linux-raspi-tools-5.13.0-1025, linux-oracle-5.13-tools-5.13.0-1027, linux-gcp, linux-lowlatency-hwe-20.04, linux-modules-extra-aws-edge, linux-headers-gke, linux-modules-extra-5.13.0-1024-gcp, linux-modules-extra-gcp, linux-tools-5.13.0-1021-kvm, linux-generic-lpae-hwe-20.04-edge, linux-modules-5.13.0-40-generic-64k, linux-image-5.13.0-1011-intel, linux-image-5.13.0-40-generic-lpae, linux-headers-aws-edge, linux-image-generic-lpae, linux-image-unsigned-5.13.0-1022-aws, linux-tools-5.13.0-1025-raspi, linux-tools-virtual, linux-image-gcp, linux-image-aws, linux-generic-lpae, linux-headers-oracle-edge, linux-generic-64k-hwe-20.04-edge, linux-intel-5.13-headers-5.13.0-1011, linux-image-5.13.0-40-generic, linux-tools-5.13.0-40-lowlatency, linux-azure-cloud-tools-5.13.0-1022, linux-modules-5.13.0-1025-raspi-nolpae, linux-kvm-headers-5.13.0-1021, linux-cloud-tools-lowlatency-hwe-20.04, linux-headers-virtual-hwe-20.04-edge, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-generic-hwe-20.04-edge, linux-azure-5.13-headers-5.13.0-1022, linux-tools-aws-edge, linux-buildinfo-5.13.0-1025-raspi-nolpae, linux-kvm-tools-5.13.0-1021, linux-image-azure-edge, linux-headers-lowlatency, linux-headers-5.13.0-40-generic-lpae, linux-image-lowlatency-hwe-20.04-edge, linux-image-raspi, linux-tools-virtual-hwe-20.04, linux-cloud-tools-generic, linux-tools-azure-edge, linux-generic-64k-hwe-20.04, linux-doc, linux-image-5.13.0-1025-raspi, linux-gke, linux-image-virtual-hwe-20.04, linux, linux-intel-5.13-source-5.13.0, linux-oracle-5.13-headers-5.13.0-1027, linux-tools-generic-64k, linux-cloud-tools-5.13.0-1022-aws, linux-image-generic-lpae-hwe-20.04-edge, linux-azure-5.13, linux-intel, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-lpae-hwe-20.04-edge, linux-image-5.13.0-1025-raspi-nolpae, linux-headers-azure, linux-cloud-tools-5.13.0-1022-azure, linux-tools-oracle, linux-headers-5.13.0-1024-gcp, linux-image-generic-hwe-20.04, linux-image-azure, linux-intel-5.13-tools-common, linux-kvm, linux-modules-extra-azure-edge, linux-oracle-tools-5.13.0-1027, linux-modules-extra-aws, linux-aws, linux-aws-tools-5.13.0-1022, linux-cloud-tools-5.13.0-40-generic, linux-cloud-tools-5.13.0-40-lowlatency, linux-cloud-tools-virtual-hwe-20.04, linux-lowlatency, linux-modules-extra-5.13.0-1025-raspi-nolpae, linux-tools-5.13.0-40-generic-64k, linux-generic-hwe-20.04, linux-tools-host, linux-image-unsigned-5.13.0-40-generic-64k, linux-tools-raspi, linux-image-unsigned-5.13.0-1021-kvm, linux-aws-edge, linux-image-5.13.0-1022-aws, linux-headers-oracle, linux-buildinfo-5.13.0-1021-kvm, linux-tools-5.13.0-1025-raspi-nolpae, linux-cloud-tools-azure, linux-gcp-5.13, linux-virtual-hwe-20.04, linux-gcp-headers-5.13.0-1024, linux-headers-generic-64k-hwe-20.04, linux-tools-5.13.0-1024-gcp, linux-image-5.13.0-1024-gcp, linux-azure-5.13-tools-5.13.0-1022, linux-image-oracle-edge, linux-image-unsigned-5.13.0-1024-gcp, linux-modules-extra-5.13.0-1022-aws, linux-raspi, linux-cloud-tools-5.13.0-1011-intel, linux-image-5.13.0-1021-kvm, linux-aws-5.13-cloud-tools-5.13.0-1022, linux-tools-gcp, linux-aws-5.13-tools-5.13.0-1022, linux-intel-5.13-cloud-tools-5.13.0-1011, linux-oracle, linux-hwe-5.13-cloud-tools-common, linux-modules-5.13.0-1022-azure, linux-headers-5.13.0-1027-oracle, linux-gcp-edge, linux-headers-generic-64k, linux-image-generic-64k, linux-raspi-headers-5.13.0-1025, linux-image-generic-64k-hwe-20.04-edge, linux-cloud-tools-common, linux-headers-5.13.0-40-lowlatency, linux-image-unsigned-5.13.0-40-generic, linux-modules-5.13.0-1027-oracle, linux-generic, linux-modules-5.13.0-1024-gcp, linux-tools-5.13.0-1027-oracle, linux-buildinfo-5.13.0-40-generic, linux-cloud-tools-virtual-hwe-20.04-edge, linux-tools-5.13.0-1011-intel, linux-buildinfo-5.13.0-40-generic-lpae, linux-hwe-5.13-tools-5.13.0-40, linux-modules-5.13.0-40-generic-lpae, linux-tools-gcp-edge, linux-headers-virtual-hwe-20.04, linux-tools-5.13.0-1022-aws, linux-headers-azure-edge, linux-image-generic, linux-tools-common, linux-buildinfo-5.13.0-1022-aws, linux-headers-5.13.0-1011-intel, linux-modules-extra-gcp-edge, linux-oracle-headers-5.13.0-1027, linux-headers-lowlatency-hwe-20.04-edge, linux-tools-azure, linux-image-extra-virtual, linux-headers-5.13.0-1025-raspi, linux-cloud-tools-azure-edge, linux-headers-5.13.0-1022-azure, linux-cloud-tools-virtual, linux-tools-5.13.0-40-generic-lpae, linux-virtual-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04, linux-modules-extra-azure, linux-tools-oracle-edge, linux-source, linux-aws-5.13-headers-5.13.0-1022, linux-cloud-tools-generic-hwe-20.04, linux-image-generic-hwe-20.04-edge, linux-image-oracle, linux-tools-aws, linux-hwe-5.13-cloud-tools-5.13.0-40, linux-cloud-tools-lowlatency, linux-image-unsigned-5.13.0-1011-intel, linux-tools-gke, linux-image-gcp-edge, linux-tools-kvm, linux-image-virtual-hwe-20.04-edge, linux-hwe-5.13-tools-host, linux-tools-5.13.0-40-generic, linux-azure, linux-headers-generic-hwe-20.04, linux-tools-raspi-nolpae, linux-image-unsigned-5.13.0-40-lowlatency, linux-buildinfo-5.13.0-1011-intel, linux-modules-5.13.0-1011-intel, linux-generic-hwe-20.04-edge, linux-buildinfo-5.13.0-1022-azure, linux-image-extra-virtual-hwe-20.04, linux-image-intel, linux-headers-5.13.0-40-generic-64k, linux-headers-aws, linux-image-5.13.0-1022-azure, linux-image-gke, linux-image-aws-edge, linux-raspi-nolpae, linux-headers-raspi-nolpae, linux-buildinfo-5.13.0-1024-gcp, linux-image-unsigned-5.13.0-1027-oracle, linux-headers-5.13.0-1025-raspi-nolpae, linux-image-5.13.0-1027-oracle, linux-azure-headers-5.13.0-1022, linux-intel-5.13-cloud-tools-common, linux-headers-generic, linux-tools-generic, linux-image-extra-virtual-hwe-20.04-edge, linux-aws-cloud-tools-5.13.0-1022, linux-tools-lowlatency-hwe-20.04-edge, linux-oracle-edge, linux-image-5.13.0-40-generic-64k, linux-hwe-5.13-tools-common, linux-buildinfo-5.13.0-1027-oracle, linux-image-oem-20.04, linux-image-kvm, linux-lowlatency-hwe-20.04-edge, linux-cloud-tools-5.13.0-40, linux-virtual, linux-headers-5.13.0-40, linux-gcp-5.13-headers-5.13.0-1024, linux-image-raspi-nolpae, linux-modules-extra-gke, linux-headers-gcp, linux-modules-5.13.0-1022-aws, linux-tools-generic-lpae, linux-image-generic-64k-hwe-20.04, linux-tools-lowlatency-hwe-20.04, linux-buildinfo-5.13.0-40-lowlatency, linux-tools-generic-64k-hwe-20.04, linux-image-lowlatency-hwe-20.04, linux-azure-tools-5.13.0-1022, linux-tools-5.13.0-1022-azure, linux-hwe-5.13, linux-generic-lpae-hwe-20.04, linux-modules-5.13.0-1025-raspi, linux-intel-5.13, linux-headers-oem-20.04, linux-buildinfo-5.13.0-1025-raspi, linux-tools-intel, linux-crashdump, linux-image-lowlatency, linux-headers-virtual, linux-hwe-5.13-source-5.13.0, linux-modules-extra-5.13.0-1027-oracle, linux-oracle-5.13, linux-tools-generic-lpae-hwe-20.04-edge, linux-modules-extra-raspi, linux-cloud-tools-generic-hwe-20.04-edge, linux-headers-5.13.0-1022-aws, linux-modules-extra-raspi-nolpae, linux-generic-64k, linux-gcp-tools-5.13.0-1024, linux-headers-intel, linux-headers-kvm, linux-headers-lowlatency-hwe-20.04, linux-azure-5.13-cloud-tools-5.13.0-1022, linux-headers-gcp-edge, linux-image-unsigned-5.13.0-1022-azure, linux-tools-5.13.0-40, linux-modules-extra-5.13.0-1022-azure, linux-image-virtual, linux-azure-edge, linux-cloud-tools-intel o USN-5390-1 : linux-modules-extra-5.15.0-27-generic, linux-ibm-headers-5.15.0-1003, linux-headers-5.15.0-1003-gke, linux-image-lowlatency-64k-hwe-22.04, linux-tools-lowlatency, linux-cloud-tools-lowlatency-hwe-22.04, linux-kvm-headers-5.15.0-1005, linux-buildinfo-5.15.0-1003-oracle, linux-libc-dev, linux-image-generic-64k-hwe-22.04-edge, linux-modules-extra-5.15.0-1005-aws, linux-headers-generic-lpae-hwe-22.04, linux-tools-lowlatency-hwe-22.04, linux-headers-5.15.0-27-lowlatency-64k, linux-headers-generic-lpae, linux-tools-oem-20.04, linux-modules-5.15.0-27-generic-64k, linux-oem-20.04, linux-tools-generic-hwe-20.04, linux-headers-generic-64k-hwe-20.04-edge, linux-tools-lowlatency-64k-hwe-22.04, linux-azure-cloud-tools-5.15.0-1005, linux-tools-lowlatency-64k, linux-tools-generic-lpae-hwe-20.04, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-headers-generic-lpae-hwe-20.04, linux-buildinfo-5.15.0-27-generic, linux-image-5.15.0-27-lowlatency-64k, linux-cloud-tools-virtual-hwe-22.04, linux-gcp, linux-image-extra-virtual-hwe-22.04-edge, linux-lowlatency-hwe-20.04, linux-cloud-tools-5.15.0-27-generic, linux-headers-gke, linux-tools-virtual-hwe-22.04, linux-modules-extra-gcp, linux-headers-5.15.0-27-generic-64k, linux-generic-lpae-hwe-20.04-edge, linux-azure-tools-5.15.0-1005, linux-headers-5.15.0-27-generic, linux-virtual-hwe-22.04, linux-headers-5.15.0-27, linux-modules-5.15.0-27-generic, linux-tools-lowlatency-64k-hwe-20.04, linux-image-generic-lpae, linux-tools-virtual, linux-cloud-tools-lowlatency-hwe-22.04-edge, linux-headers-generic-64k-hwe-22.04, linux-image-5.15.0-1005-kvm, linux-image-gcp, linux-image-aws, linux-generic-lpae, linux-tools-virtual-hwe-22.04-edge, linux-aws-tools-5.15.0-1005, linux-generic-64k-hwe-20.04-edge, linux-kvm-tools-5.15.0-1005, linux-image-lowlatency-64k, linux-cloud-tools-lowlatency-hwe-20.04, linux-headers-virtual-hwe-20.04-edge, linux-image-unsigned-5.15.0-27-lowlatency, linux-image-generic-lpae-hwe-22.04, linux-lowlatency-64k-hwe-22.04, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-generic-hwe-20.04-edge, linux-buildinfo-5.15.0-1003-gke, linux-cloud-tools-5.15.0-1005-aws, linux-gke-tools-5.15.0-1003, linux-image-lowlatency-64k-hwe-22.04-edge, linux-headers-5.15.0-1004-gcp, linux-tools-5.15.0-27, linux-headers-lowlatency, linux-ibm-source-5.15.0, linux-image-lowlatency-hwe-20.04-edge, linux-tools-virtual-hwe-20.04, linux-tools-5.15.0-27-generic-lpae, linux-image-virtual-hwe-22.04, linux-cloud-tools-generic, linux-modules-5.15.0-1005-kvm, linux-tools-5.15.0-1004-gcp, linux-generic-64k-hwe-20.04, linux-gke-headers-5.15.0-1003, linux-doc, linux-image-unsigned-5.15.0-1003-ibm, linux-tools-generic-64k, linux-gke, linux-image-unsigned-5.15.0-1005-kvm, linux, linux-image-virtual-hwe-20.04, linux-image-5.15.0-27-generic-64k, linux-tools-lowlatency-64k-hwe-22.04-edge, linux-modules-extra-5.15.0-1004-gcp, linux-oracle-headers-5.15.0-1003, linux-image-generic-lpae-hwe-20.04-edge, linux-tools-5.15.0-1005-aws, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-lpae-hwe-20.04-edge, linux-buildinfo-5.15.0-1005-azure, linux-headers-azure, linux-tools-oracle, linux-image-generic-hwe-20.04, linux-image-azure, linux-kvm, linux-image-unsigned-5.15.0-1005-azure, linux-tools-5.15.0-27-lowlatency-64k, linux-modules-extra-aws, linux-aws, linux-cloud-tools-virtual-hwe-20.04, linux-lowlatency, linux-tools-host, linux-cloud-tools-5.15.0-1005-azure, linux-generic-hwe-20.04, linux-generic-hwe-22.04-edge, linux-image-lowlatency-64k-hwe-20.04-edge, linux-image-unsigned-5.15.0-1003-gke, linux-tools-gke-5.15, linux-image-extra-virtual-hwe-22.04, linux-headers-oracle, linux-modules-extra-5.15.0-1003-gke, linux-cloud-tools-azure, linux-image-lowlatency-64k-hwe-20.04, linux-virtual-hwe-20.04, linux-cloud-tools-generic-hwe-22.04-edge, linux-generic-64k-hwe-22.04-edge, linux-headers-gke-5.15, linux-headers-generic-64k-hwe-20.04, linux-azure-headers-5.15.0-1005, linux-headers-virtual-hwe-22.04, linux-lowlatency-tools-common, linux-modules-5.15.0-1003-gke, linux-tools-generic-64k-hwe-22.04, linux-tools-generic-lpae-hwe-22.04-edge, linux-buildinfo-5.15.0-27-generic-64k, linux-image-lowlatency-hwe-22.04-edge, linux-cloud-tools-virtual-hwe-22.04-edge, linux-modules-5.15.0-1005-azure, linux-lowlatency-headers-5.15.0-27, linux-modules-5.15.0-1003-oracle, linux-tools-gcp, linux-buildinfo-5.15.0-27-lowlatency-64k, linux-generic-hwe-22.04, linux-gcp-headers-5.15.0-1004, linux-oracle-tools-5.15.0-1003, linux-oracle, linux-headers-generic-64k-hwe-22.04-edge, linux-tools-generic-hwe-22.04-edge, linux-image-5.15.0-1005-aws, linux-tools-generic-hwe-22.04, linux-gke-5.15, linux-image-unsigned-5.15.0-1004-gcp, linux-headers-lowlatency-64k, linux-lowlatency-tools-5.15.0-27, linux-modules-5.15.0-1003-ibm, linux-headers-generic-64k, linux-image-generic-64k, linux-image-unsigned-5.15.0-1005-aws, linux-image-generic-64k-hwe-20.04-edge, linux-gcp-tools-5.15.0-1004, linux-cloud-tools-common, linux-image-5.15.0-27-generic-lpae, linux-modules-extra-5.15.0-1003-ibm, linux-source-5.15.0, linux-lowlatency-64k, linux-generic, linux-headers-lowlatency-64k-hwe-22.04-edge, linux-modules-extra-5.15.0-1005-azure, linux-cloud-tools-generic-hwe-22.04, linux-tools-5.15.0-1003-gke, linux-buildinfo-5.15.0-27-generic-lpae, linux-cloud-tools-virtual-hwe-20.04-edge, linux-headers-5.15.0-1005-kvm, linux-headers-5.15.0-1003-oracle, linux-headers-lowlatency-hwe-22.04, linux-tools-5.15.0-1003-ibm, linux-image-5.15.0-1004-gcp, linux-generic-lpae-hwe-22.04, linux-headers-generic-hwe-22.04, linux-image-generic, linux-image-generic-hwe-22.04-edge, linux-lowlatency-cloud-tools-5.15.0-27, linux-tools-common, linux-lowlatency-hwe-22.04-edge, linux-aws-headers-5.15.0-1005, linux-tools-azure, linux-headers-lowlatency-hwe-20.04-edge, linux-image-extra-virtual, linux-tools-ibm, linux-modules-5.15.0-1004-gcp, linux-headers-5.15.0-1005-aws, linux-ibm-cloud-tools-common, linux-tools-5.15.0-27-lowlatency, linux-headers-lowlatency-64k-hwe-22.04, linux-virtual-hwe-22.04-edge, linux-virtual-hwe-20.04-edge, linux-cloud-tools-virtual, linux-image-5.15.0-1003-ibm, linux-buildinfo-5.15.0-1004-gcp, linux-image-generic-lpae-hwe-20.04, linux-cloud-tools-5.15.0-27-lowlatency, linux-image-5.15.0-27-lowlatency, linux-lowlatency-64k-hwe-20.04-edge, linux-modules-5.15.0-27-lowlatency, linux-modules-extra-azure, linux-tools-lowlatency-64k-hwe-20.04-edge, linux-generic-lpae-hwe-22.04-edge, linux-headers-virtual-hwe-22.04-edge, linux-lowlatency-cloud-tools-common, linux-source, linux-tools-5.15.0-1003-oracle, linux-cloud-tools-generic-hwe-20.04, linux-image-5.15.0-1003-gke, linux-image-generic-hwe-20.04-edge, linux-image-oracle, linux-modules-5.15.0-27-generic-lpae, linux-tools-aws, linux-cloud-tools-lowlatency, linux-tools-gke, linux-tools-kvm, linux-tools-generic-lpae-hwe-22.04, linux-image-virtual-hwe-20.04-edge, linux-azure, linux-headers-generic-hwe-20.04, linux-tools-generic-64k-hwe-22.04-edge, linux-image-unsigned-5.15.0-27-lowlatency-64k, linux-generic-hwe-20.04-edge, linux-image-extra-virtual-hwe-20.04, linux-lowlatency-64k-hwe-20.04, linux-headers-aws, linux-buildinfo-5.15.0-1003-ibm, linux-image-gke, linux-image-gke-5.15, linux-image-lowlatency-hwe-22.04, linux-buildinfo-5.15.0-27-lowlatency, linux-tools-virtual-hwe-20.04-edge, linux-headers-5.15.0-27-lowlatency, linux-image-virtual-hwe-22.04-edge, linux-cloud-tools-5.15.0-27, linux-headers-generic, linux-headers-lowlatency-64k-hwe-20.04-edge, linux-tools-generic, linux-image-5.15.0-27-generic, linux-ibm-tools-common, linux-image-generic-hwe-22.04, linux-image-extra-virtual-hwe-20.04-edge, linux-image-ibm, linux-tools-5.15.0-1005-kvm, linux-tools-lowlatency-hwe-20.04-edge, linux-modules-5.15.0-1005-aws, linux-modules-extra-5.15.0-1003-oracle, linux-image-generic-lpae-hwe-22.04-edge, linux-modules-5.15.0-27-lowlatency-64k, linux-headers-ibm, linux-headers-generic-lpae-hwe-22.04-edge, linux-image-oem-20.04, linux-image-kvm, linux-lowlatency-hwe-20.04-edge, linux-lowlatency-tools-host, linux-tools-5.15.0-27-generic-64k, linux-virtual, linux-buildinfo-5.15.0-1005-kvm, linux-image-unsigned-5.15.0-27-generic, linux-tools-5.15.0-27-generic, linux-headers-gcp, linux-ibm, linux-tools-generic-lpae, linux-headers-lowlatency-64k-hwe-20.04, linux-image-generic-64k-hwe-20.04, linux-tools-lowlatency-hwe-20.04, linux-tools-generic-64k-hwe-20.04, linux-headers-5.15.0-1003-ibm, linux-tools-5.15.0-1005-azure, linux-image-lowlatency-hwe-20.04, linux-buildinfo-5.15.0-1005-aws, linux-generic-64k-hwe-22.04, linux-generic-lpae-hwe-20.04, linux-image-generic-64k-hwe-22.04, linux-headers-generic-hwe-22.04-edge, linux-image-5.15.0-1005-azure, linux-headers-oem-20.04, linux-lowlatency-64k-hwe-22.04-edge, linux-image-unsigned-5.15.0-27-generic-64k, linux-lowlatency-hwe-22.04, linux-headers-lowlatency-hwe-22.04-edge, linux-crashdump, linux-image-lowlatency, linux-headers-virtual, linux-tools-generic-lpae-hwe-20.04-edge, linux-cloud-tools-generic-hwe-20.04-edge, linux-aws-cloud-tools-5.15.0-1005, linux-tools-lowlatency-hwe-22.04-edge, linux-image-5.15.0-1003-oracle, linux-generic-64k, linux-headers-kvm, linux-image-unsigned-5.15.0-1003-oracle, linux-headers-lowlatency-hwe-20.04, linux-headers-5.15.0-27-generic-lpae, linux-image-virtual, linux-ibm-tools-5.15.0-1003, linux-headers-5.15.0-1005-azure, linux-headers-virtual-hwe-20.04 o USN-5390-2 : linux-image-5.15.0-1006-raspi-nolpae, linux-modules-extra-5.15.0-1006-raspi, linux-tools-5.15.0-1006-raspi, linux-headers-raspi, linux-headers-5.15.0-1006-raspi, linux-buildinfo-5.15.0-1006-raspi-nolpae, linux-tools-raspi, linux-image-raspi-nolpae, linux-buildinfo-5.15.0-1006-raspi, linux-modules-5.15.0-1006-raspi-nolpae, linux-modules-extra-5.15.0-1006-raspi-nolpae, linux-headers-5.15.0-1006-raspi-nolpae, linux-image-5.15.0-1006-raspi, linux-tools-5.15.0-1006-raspi-nolpae, linux-raspi-headers-5.15.0-1006, linux-raspi, linux-modules-extra-raspi, linux-tools-raspi-nolpae, linux-modules-extra-raspi-nolpae, linux-image-raspi, linux-raspi-tools-5.15.0-1006, linux-raspi-nolpae, linux-headers-raspi-nolpae, linux-modules-5.15.0-1006-raspi o USN-5417-1 : linux-source-5.13.0, linux-azure-5.13-cloud-tools-5.13.0-1023, linux-headers-5.13.0-1026-raspi, linux-tools-lowlatency, linux-tools-virtual-hwe-20.04-edge, linux-modules-5.13.0-41-generic, linux-libc-dev, linux-tools-oem-20.04, linux-aws-headers-5.13.0-1023, linux-buildinfo-5.13.0-1023-azure, linux-headers-generic-lpae, linux-headers-raspi, linux-buildinfo-5.13.0-41-generic, linux-oem-20.04, linux-tools-generic-hwe-20.04, linux-aws-5.13, linux-cloud-tools-5.13.0-41-lowlatency, linux-headers-generic-64k-hwe-20.04-edge, linux-headers-5.13.0-41-generic-64k, linux-headers-5.13.0-1026-raspi-nolpae, linux-aws-tools-5.13.0-1023, linux-tools-generic-lpae-hwe-20.04, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-headers-generic-lpae-hwe-20.04, linux-gcp, linux-headers-5.13.0-41-lowlatency, linux-lowlatency-hwe-20.04, linux-modules-extra-aws-edge, linux-image-5.13.0-41-generic-lpae, linux-headers-gke, linux-aws-cloud-tools-5.13.0-1023, linux-buildinfo-5.13.0-41-generic-lpae, linux-hwe-5.13-cloud-tools-5.13.0-41, linux-generic-lpae-hwe-20.04-edge, linux-modules-extra-gcp, linux-tools-5.13.0-1028-oracle, linux-image-generic-lpae, linux-headers-aws-edge, linux-image-5.13.0-41-generic, linux-tools-virtual, linux-image-gcp, linux-headers-5.13.0-41-generic-lpae, linux-generic-lpae, linux-image-aws, linux-generic-64k-hwe-20.04-edge, linux-tools-5.13.0-1023-azure, linux-cloud-tools-lowlatency-hwe-20.04, linux-hwe-5.13-tools-5.13.0-41, linux-headers-virtual-hwe-20.04-edge, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-generic-hwe-20.04-edge, linux-modules-extra-5.13.0-1025-gcp, linux-tools-aws-edge, linux-image-5.13.0-1022-kvm, linux-azure-5.13-headers-5.13.0-1023, linux-headers-5.13.0-1028-oracle, linux-image-azure-edge, linux-headers-lowlatency, linux-image-lowlatency-hwe-20.04-edge, linux-image-raspi, linux-tools-virtual-hwe-20.04, linux-cloud-tools-generic, linux-tools-azure-edge, linux-azure-headers-5.13.0-1023, linux-generic-64k-hwe-20.04, linux-doc, linux-headers-5.13.0-41, linux-gke, linux-image-virtual-hwe-20.04, linux, linux-tools-generic-64k, linux-image-generic-lpae-hwe-20.04-edge, linux-azure-5.13, linux-tools-5.13.0-41-lowlatency, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-lpae-hwe-20.04-edge, linux-headers-azure, linux-tools-oracle, linux-azure-tools-5.13.0-1023, linux-image-5.13.0-1026-raspi, linux-image-generic-hwe-20.04, linux-modules-extra-5.13.0-1023-aws, linux-image-azure, linux-image-unsigned-5.13.0-41-lowlatency, linux-modules-extra-azure-edge, linux-kvm, linux-modules-extra-aws, linux-aws, linux-cloud-tools-virtual-hwe-20.04, linux-lowlatency, linux-cloud-tools-5.13.0-41-generic, linux-tools-host, linux-modules-extra-5.13.0-1028-oracle, linux-generic-hwe-20.04, linux-tools-raspi, linux-aws-edge, linux-azure-cloud-tools-5.13.0-1023, linux-headers-oracle, linux-cloud-tools-azure, linux-gcp-5.13, linux-virtual-hwe-20.04, linux-headers-generic-64k-hwe-20.04, linux-headers-5.13.0-41-generic, linux-buildinfo-5.13.0-1022-kvm, linux-raspi, linux-kvm-tools-5.13.0-1022, linux-aws-5.13-cloud-tools-5.13.0-1023, linux-buildinfo-5.13.0-1026-raspi, linux-tools-gcp, linux-raspi-headers-5.13.0-1026, linux-headers-5.13.0-1025-gcp, linux-oracle, linux-oracle-headers-5.13.0-1028, linux-hwe-5.13-cloud-tools-common, linux-gcp-tools-5.13.0-1025, linux-image-5.13.0-1028-oracle, linux-image-unsigned-5.13.0-1023-aws, linux-gcp-edge, linux-headers-generic-64k, linux-image-generic-64k, linux-tools-5.13.0-41, linux-buildinfo-5.13.0-1023-aws, linux-image-generic-64k-hwe-20.04-edge, linux-cloud-tools-common, linux-buildinfo-5.13.0-41-lowlatency, linux-cloud-tools-5.13.0-1023-azure, linux-tools-5.13.0-1026-raspi, linux-generic, linux-tools-gcp-edge, linux-cloud-tools-virtual-hwe-20.04-edge, linux-image-5.13.0-1023-aws, linux-modules-extra-5.13.0-1026-raspi-nolpae, linux-hwe-5.13-headers-5.13.0-41, linux-image-5.13.0-41-lowlatency, linux-headers-azure-edge, linux-image-generic, linux-tools-5.13.0-1025-gcp, linux-modules-5.13.0-1023-aws, linux-tools-common, linux-modules-extra-gcp-edge, linux-tools-azure, linux-headers-lowlatency-hwe-20.04-edge, linux-image-5.13.0-41-generic-64k, linux-image-extra-virtual, linux-image-unsigned-5.13.0-1022-kvm, linux-buildinfo-5.13.0-1025-gcp, linux-tools-5.13.0-1026-raspi-nolpae, linux-tools-5.13.0-41-generic-64k, linux-tools-5.13.0-1022-kvm, linux-modules-extra-5.13.0-1026-raspi, linux-cloud-tools-azure-edge, linux-cloud-tools-5.13.0-1023-aws, linux-cloud-tools-virtual, linux-virtual-hwe-20.04-edge, linux-gcp-5.13-tools-5.13.0-1025, linux-headers-5.13.0-1023-azure, linux-image-generic-lpae-hwe-20.04, linux-image-unsigned-5.13.0-41-generic-64k, linux-aws-5.13-tools-5.13.0-1023, linux-gcp-5.13-headers-5.13.0-1025, linux-modules-extra-azure, linux-source, linux-headers-5.13.0-1023-aws, linux-cloud-tools-generic-hwe-20.04, linux-modules-5.13.0-41-lowlatency, linux-image-generic-hwe-20.04-edge, linux-image-oracle, linux-tools-aws, linux-tools-gke, linux-cloud-tools-lowlatency, linux-modules-5.13.0-41-generic-64k, linux-oracle-tools-5.13.0-1028, linux-image-gcp-edge, linux-tools-kvm, linux-image-virtual-hwe-20.04-edge, linux-hwe-5.13-tools-host, linux-image-unsigned-5.13.0-1025-gcp, linux-azure, linux-headers-generic-hwe-20.04, linux-modules-5.13.0-1023-azure, linux-modules-5.13.0-41-generic-lpae, linux-tools-raspi-nolpae, linux-generic-hwe-20.04-edge, linux-raspi-nolpae, linux-image-extra-virtual-hwe-20.04, linux-headers-aws, linux-image-gke, linux-aws-5.13-headers-5.13.0-1023, linux-image-aws-edge, linux-headers-raspi-nolpae, linux-raspi-tools-5.13.0-1026, linux-buildinfo-5.13.0-1026-raspi-nolpae, linux-tools-5.13.0-1023-aws, linux-buildinfo-5.13.0-1028-oracle, linux-modules-extra-5.13.0-41-generic, linux-headers-generic, linux-kvm-headers-5.13.0-1022, linux-tools-generic, linux-image-extra-virtual-hwe-20.04-edge, linux-modules-5.13.0-1022-kvm, linux-tools-5.13.0-41-generic-lpae, linux-tools-lowlatency-hwe-20.04-edge, linux-buildinfo-5.13.0-41-generic-64k, linux-hwe-5.13-tools-common, linux-modules-5.13.0-1028-oracle, linux-image-oem-20.04, linux-image-kvm, linux-lowlatency-hwe-20.04-edge, linux-modules-5.13.0-1026-raspi-nolpae, linux-virtual, linux-image-raspi-nolpae, linux-cloud-tools-5.13.0-41, linux-image-5.13.0-1026-raspi-nolpae, linux-image-5.13.0-1025-gcp, linux-image-unsigned-5.13.0-41-generic, linux-modules-extra-gke, linux-headers-gcp, linux-tools-generic-lpae, linux-azure-5.13-tools-5.13.0-1023, linux-image-generic-64k-hwe-20.04, linux-headers-5.13.0-1022-kvm, linux-tools-lowlatency-hwe-20.04, linux-tools-generic-64k-hwe-20.04, linux-image-lowlatency-hwe-20.04, linux-modules-5.13.0-1025-gcp, linux-tools-5.13.0-41-generic, linux-hwe-5.13, linux-generic-lpae-hwe-20.04, linux-image-unsigned-5.13.0-1023-azure, linux-headers-oem-20.04, linux-gcp-headers-5.13.0-1025, linux-modules-5.13.0-1026-raspi, linux-crashdump, linux-image-lowlatency, linux-headers-virtual, linux-hwe-5.13-source-5.13.0, linux-tools-generic-lpae-hwe-20.04-edge, linux-modules-extra-raspi, linux-cloud-tools-generic-hwe-20.04-edge, linux-modules-extra-5.13.0-1023-azure, linux-modules-extra-raspi-nolpae, linux-image-5.13.0-1023-azure, linux-generic-64k, linux-headers-kvm, linux-headers-lowlatency-hwe-20.04, linux-headers-gcp-edge, linux-image-unsigned-5.13.0-1028-oracle, linux-image-virtual, linux-azure-edge, linux-headers-virtual-hwe-20.04 o USN-5418-1 : linux-image-aws-hwe, linux-snapdragon-headers-4.15.0-1127, linux-modules-4.15.0-177-generic-lpae, linux-modules-extra-4.15.0-177-generic, linux-signed-lowlatency-hwe-16.04, linux-tools-4.15.0-1127-snapdragon, linux-headers-aws-lts-18.04, linux-tools-lowlatency, linux-libc-dev, linux-signed-image-lowlatency-hwe-16.04, linux-headers-generic-lpae, linux-signed-lowlatency-hwe-16.04-edge, linux-signed-oracle-lts-18.04, linux-tools-4.15.0-177-generic-lpae, linux-headers-dell300x, linux-image-4.15.0-1128-aws-hwe, linux-modules-extra-4.15.0-1128-aws, linux-buildinfo-4.15.0-1128-aws, linux-modules-4.15.0-1122-gcp, linux-tools-lowlatency-hwe-16.04, linux-signed-image-azure, linux-tools-generic-hwe-16.04-edge, linux-buildinfo-4.15.0-1127-snapdragon, linux-buildinfo-4.15.0-177-generic-lpae, linux-image-generic-lpae-hwe-16.04, linux-gcp, linux-generic-hwe-16.04-edge, linux-kvm-tools-4.15.0-1114, linux-headers-gke, linux-image-4.15.0-177-generic, linux-modules-extra-gcp, linux-generic-hwe-16.04, linux-gcp-tools-4.15.0-1122, linux-image-generic-lpae, linux-signed-image-generic-hwe-16.04, linux-cloud-tools-azure-lts-18.04, linux-tools-virtual, linux-image-extra-virtual-hwe-16.04-edge, linux-image-gcp, linux-generic-lpae, linux-headers-virtual-hwe-16.04, linux-image-oem, linux-cloud-tools-4.15.0-177, linux-gcp-4.15, linux-image-4.15.0-1122-gcp, linux-image-virtual-hwe-16.04-edge, linux-tools-4.15.0-1138-azure, linux-tools-gcp-lts-18.04, linux-cloud-tools-lowlatency-hwe-16.04-edge, linux-headers-oracle-lts-18.04, linux-image-azure-edge, linux-gcp-4.15-tools-4.15.0-1122, linux-buildinfo-4.15.0-1093-oracle, linux-buildinfo-4.15.0-1114-kvm, linux-headers-lowlatency, linux-image-4.15.0-177-generic-lpae, linux-headers-4.15.0-1093-oracle, linux-tools-4.15.0-1122-gcp, linux-cloud-tools-generic, linux-tools-azure-edge, linux-image-extra-virtual-hwe-16.04, linux-doc, linux-image-oracle-lts-18.04, linux-image-unsigned-4.15.0-1138-azure, linux-headers-4.15.0-1114-kvm, linux-gke, linux-hwe-tools-4.15.0-177, linux, linux-headers-gcp-lts-18.04, linux-aws-lts-18.04, linux-cloud-tools-4.15.0-1128-aws, linux-gcp-4.15-headers-4.15.0-1122, linux-aws-hwe-tools-4.15.0-1128, linux-image-unsigned-4.15.0-1093-oracle, linux-azure-headers-4.15.0-1138, linux-image-4.15.0-1093-oracle, linux-modules-4.15.0-1114-kvm, linux-image-aws-lts-18.04, linux-signed-azure-lts-18.04, linux-signed-generic-hwe-16.04, linux-headers-4.15.0-1127-snapdragon, linux-headers-azure, linux-tools-oracle, linux-headers-virtual-hwe-16.04-edge, linux-tools-virtual-hwe-16.04-edge, linux-virtual-hwe-16.04-edge, linux-oem, linux-image-azure, linux-modules-4.15.0-1138-azure, linux-modules-extra-azure-edge, linux-kvm, linux-buildinfo-4.15.0-177-generic, linux-signed-azure-edge, linux-aws-headers-4.15.0-1128, linux-signed-lowlatency, linux-aws, linux-lowlatency, linux-cloud-tools-generic-hwe-16.04-edge, linux-signed-image-oem, linux-tools-host, linux-tools-generic-lpae-hwe-16.04-edge, linux-buildinfo-4.15.0-1122-gcp, linux-headers-lowlatency-hwe-16.04-edge, linux-azure-lts-18.04, linux-dell300x, linux-aws-edge, linux-cloud-tools-virtual-hwe-16.04-edge, linux-image-4.15.0-1138-azure, linux-snapdragon, linux-aws-cloud-tools-4.15.0-1128, linux-headers-oracle, linux-tools-dell300x, linux-signed-image-lowlatency, linux-cloud-tools-azure, linux-headers-4.15.0-177-generic-lpae, linux-headers-4.15.0-1128-aws, linux-tools-4.15.0-1093-oracle, linux-modules-4.15.0-1128-aws, linux-image-generic-hwe-16.04-edge, linux-modules-4.15.0-177-generic, linux-modules-extra-azure-lts-18.04, linux-dell300x-tools-4.15.0-1042, linux-headers-4.15.0-177, linux-tools-gcp, linux-headers-generic-hwe-16.04-edge, linux-buildinfo-4.15.0-1138-azure, linux-oracle, linux-signed-oracle, linux-tools-lowlatency-hwe-16.04-edge, linux-generic-lpae-hwe-16.04, linux-cloud-tools-lowlatency-hwe-16.04, linux-signed-image-generic, linux-azure-4.15-headers-4.15.0-1138, linux-image-unsigned-4.15.0-177-lowlatency, linux-modules-extra-aws-lts-18.04, linux-cloud-tools-common, linux-signed-generic, linux-azure-cloud-tools-4.15.0-1138, linux-tools-4.15.0-1042-dell300x, linux-gcp-lts-18.04, linux-generic, linux-tools-azure-lts-18.04, linux-azure-tools-4.15.0-1138, linux-source-4.15.0, linux-oracle-tools-4.15.0-1093, linux-cloud-tools-generic-hwe-16.04, linux-tools-virtual-hwe-16.04, linux-headers-generic-hwe-16.04, linux-lowlatency-hwe-16.04, linux-headers-azure-edge, linux-image-generic, linux-headers-lowlatency-hwe-16.04, linux-tools-common, linux-image-4.15.0-1114-kvm, linux-tools-azure, linux-image-extra-virtual, linux-oracle-headers-4.15.0-1093, linux-headers-generic-lpae-hwe-16.04-edge, linux-image-lowlatency-hwe-16.04-edge, linux-tools-oem, linux-image-generic-lpae-hwe-16.04-edge, linux-cloud-tools-azure-edge, linux-cloud-tools-virtual, linux-azure-4.15-cloud-tools-4.15.0-1138, linux-modules-extra-azure, linux-source, linux-image-azure-lts-18.04, linux-image-generic-hwe-16.04, linux-image-oracle, linux-signed-generic-hwe-16.04-edge, linux-signed-image-lowlatency-hwe-16.04-edge, linux-cloud-tools-lowlatency, linux-azure-4.15-tools-4.15.0-1138, linux-tools-gke, linux-image-dell300x, linux-tools-4.15.0-1114-kvm, linux-tools-kvm, linux-image-snapdragon, linux-azure, linux-aws-hwe, linux-signed-image-azure-edge, linux-headers-snapdragon, linux-dell300x-headers-4.15.0-1042, linux-lowlatency-hwe-16.04-edge, linux-virtual-hwe-16.04, linux-image-unsigned-4.15.0-1042-dell300x, linux-tools-aws-hwe, linux-image-4.15.0-1127-snapdragon, linux-cloud-tools-virtual-hwe-16.04, linux-image-gke, linux-image-virtual-hwe-16.04, linux-image-unsigned-4.15.0-1122-gcp, linux-modules-4.15.0-1093-oracle, linux-signed-image-oracle-lts-18.04, linux-kvm-headers-4.15.0-1114, linux-azure-4.15, linux-buildinfo-4.15.0-1042-dell300x, linux-cloud-tools-4.15.0-177-generic, linux-generic-lpae-hwe-16.04-edge, linux-headers-aws-hwe, linux-headers-generic, linux-image-gcp-lts-18.04, linux-tools-4.15.0-177-lowlatency, linux-tools-generic, linux-tools-snapdragon, linux-headers-4.15.0-1138-azure, linux-modules-4.15.0-1127-snapdragon, linux-image-unsigned-4.15.0-177-generic, linux-buildinfo-4.15.0-177-lowlatency, linux-tools-aws-lts-18.04, linux-headers-generic-lpae-hwe-16.04, linux-headers-oem, linux-snapdragon-tools-4.15.0-1127, linux-headers-4.15.0-177-generic, linux-headers-azure-lts-18.04, linux-image-kvm, linux-modules-extra-4.15.0-1093-oracle, linux-oracle-lts-18.04, linux-tools-generic-hwe-16.04, linux-virtual, linux-modules-extra-gke, linux-tools-oracle-lts-18.04, linux-headers-gcp, linux-tools-generic-lpae, linux-signed-image-generic-hwe-16.04-edge, linux-hwe, linux-hwe-cloud-tools-4.15.0-177, linux-modules-4.15.0-1042-dell300x, linux-headers-4.15.0-1122-gcp, linux-modules-4.15.0-177-lowlatency, linux-gcp-headers-4.15.0-1122, linux-signed-image-azure-lts-18.04, linux-headers-4.15.0-1042-dell300x, linux-modules-extra-4.15.0-1138-azure, linux-signed-image-oracle, linux-tools-4.15.0-1128-aws, linux-image-4.15.0-1042-dell300x, linux-image-4.15.0-177-lowlatency, linux-headers-4.15.0-177-lowlatency, linux-cloud-tools-4.15.0-1138-azure, linux-image-lowlatency-hwe-16.04, linux-crashdump, linux-image-lowlatency, linux-headers-virtual, linux-signed-oem, linux-image-4.15.0-1128-aws, linux-aws-tools-4.15.0-1128, linux-cloud-tools-4.15.0-177-lowlatency, linux-tools-4.15.0-177, linux-tools-4.15.0-177-generic, linux-tools-generic-lpae-hwe-16.04, linux-image-unsigned-4.15.0-1128-aws, linux-headers-kvm, linux-aws-hwe-cloud-tools-4.15.0-1128, linux-signed-azure, linux-modules-extra-aws-hwe, linux-modules-extra-gcp-lts-18.04, linux-image-virtual, linux-modules-extra-4.15.0-1122-gcp, linux-azure-edge o USN-5265-1 : linux-modules-extra-5.11.0-1029-gcp, linux-buildinfo-5.13.0-28-generic-lpae, linux-image-unsigned-5.13.0-1029-oem, linux-source-5.13.0, linux-buildinfo-5.13.0-1029-oem, linux-image-unsigned-5.11.0-1029-gcp, linux-tools-lowlatency, linux-raspi-headers-5.13.0-1016, linux-tools-oem-20.04, linux-libc-dev, linux-oem-20.04c, linux-tools-virtual-hwe-20.04-edge, linux-headers-raspi, linux-headers-generic-lpae, linux-modules-5.13.0-1016-raspi-nolpae, linux-modules-5.13.0-28-lowlatency, linux-oem-20.04, linux-tools-generic-hwe-20.04, linux-aws-5.13, linux-headers-generic-64k-hwe-20.04-edge, linux-tools-5.13.0-1016-raspi-nolpae, linux-aws-5.13-cloud-tools-5.13.0-1012, linux-modules-extra-5.11.0-1028-aws, linux-headers-5.11.0-1028-oracle, linux-tools-generic-lpae-hwe-20.04, linux-modules-extra-5.11.0-1028-oracle, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-headers-5.13.0-1016-raspi-nolpae, linux-headers-generic-lpae-hwe-20.04, linux-raspi-tools-5.13.0-1016, linux-headers-5.13.0-28, linux-gcp, linux-headers-5.13.0-28-generic, linux-image-5.11.0-1028-oracle, linux-lowlatency-hwe-20.04, linux-modules-extra-5.13.0-1016-oracle, linux-modules-extra-aws-edge, linux-tools-5.13.0-1012-aws, linux-headers-gke, linux-modules-extra-gcp, linux-generic-lpae-hwe-20.04-edge, linux-modules-5.13.0-28-generic-lpae, linux-headers-5.13.0-1029-oem, linux-modules-5.11.0-1029-gcp, linux-gcp-5.11-headers-5.11.0-1029, linux-image-generic-lpae, linux-headers-aws-edge, linux-tools-virtual, linux-image-gcp, linux-image-aws, linux-generic-lpae, linux-generic-64k-hwe-20.04-edge, linux-buildinfo-5.13.0-1013-gcp, linux-image-5.13.0-1016-raspi, linux-image-unsigned-5.11.0-1028-azure, linux-gcp-5.11, linux-cloud-tools-lowlatency-hwe-20.04, linux-headers-virtual-hwe-20.04-edge, linux-tools-generic-64k-hwe-20.04-edge, linux-aws-5.13-tools-5.13.0-1012, linux-tools-5.13.0-1016-raspi, linux-tools-generic-hwe-20.04-edge, linux-buildinfo-5.11.0-1029-gcp, linux-oracle-5.11, linux-tools-aws-edge, linux-tools-5.13.0-1013-gcp, linux-cloud-tools-5.13.0-28-generic, linux-headers-lowlatency, linux-image-5.13.0-1013-gcp, linux-headers-5.13.0-28-generic-64k, linux-image-lowlatency-hwe-20.04-edge, linux-cloud-tools-5.13.0-28, linux-image-raspi, linux-tools-5.13.0-28-generic-lpae, linux-tools-virtual-hwe-20.04, linux-oracle-tools-5.13.0-1016, linux-modules-5.13.0-28-generic-64k, linux-cloud-tools-generic, linux-image-unsigned-5.11.0-1028-aws, linux-generic-64k-hwe-20.04, linux-doc, linux-modules-5.13.0-1016-oracle, linux-headers-5.11.0-1028-azure, linux-tools-generic-64k, linux-gke, linux-image-unsigned-5.13.0-1011-kvm, linux, linux-image-virtual-hwe-20.04, linux-kvm-tools-5.13.0-1011, linux-modules-extra-5.11.0-1028-azure, linux-image-5.13.0-1029-oem, linux-oracle-5.11-tools-5.11.0-1028, linux-oracle-headers-5.13.0-1016, linux-image-5.13.0-1016-oracle, linux-tools-5.13.0-1016-oracle, linux-image-generic-lpae-hwe-20.04-edge, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-lpae-hwe-20.04-edge, linux-cloud-tools-5.11.0-1028-azure, linux-headers-azure, linux-buildinfo-5.11.0-1028-azure, linux-tools-oracle, linux-headers-5.13.0-28-generic-lpae, linux-image-generic-hwe-20.04, linux-image-azure, linux-kvm, linux-modules-extra-aws, linux-azure-5.11-headers-5.11.0-1028, linux-aws, linux-cloud-tools-virtual-hwe-20.04, linux-lowlatency, linux-modules-5.13.0-1012-aws, linux-tools-host, linux-hwe-5.13-headers-5.13.0-28, linux-generic-hwe-20.04, linux-tools-raspi, linux-cloud-tools-5.13.0-28-lowlatency, linux-modules-extra-5.13.0-1016-raspi, linux-oem-5.13-tools-5.13.0-1029, linux-image-unsigned-5.11.0-1028-oracle, linux-modules-extra-5.13.0-1016-raspi-nolpae, linux-aws-5.13-headers-5.13.0-1012, linux-aws-edge, linux-modules-5.13.0-1013-gcp, linux-headers-oracle, linux-modules-extra-5.13.0-1012-aws, linux-cloud-tools-azure, linux-virtual-hwe-20.04, linux-buildinfo-5.13.0-1016-raspi, linux-aws-5.11-cloud-tools-5.11.0-1028, linux-headers-generic-64k-hwe-20.04, linux-azure-5.11-cloud-tools-5.11.0-1028, linux-headers-5.13.0-1012-aws, linux-image-5.13.0-28-lowlatency, linux-buildinfo-5.13.0-1016-oracle, linux-tools-5.13.0-1029-oem, linux-headers-5.11.0-1028-aws, linux-raspi, linux-tools-5.11.0-1029-gcp, linux-buildinfo-5.13.0-28-lowlatency, linux-modules-extra-5.13.0-28-generic, linux-headers-5.13.0-1016-raspi, linux-modules-5.13.0-28-generic, linux-modules-extra-5.13.0-1013-gcp, linux-image-5.13.0-1012-aws, linux-modules-5.13.0-1011-kvm, linux-tools-gcp, linux-image-5.11.0-1028-azure, linux-image-unsigned-5.13.0-28-generic-64k, linux-oracle, linux-hwe-5.13-cloud-tools-common, linux-buildinfo-5.11.0-1028-oracle, linux-tools-5.13.0-28-lowlatency, linux-headers-generic-64k, linux-image-generic-64k, linux-image-generic-64k-hwe-20.04-edge, linux-headers-5.13.0-1011-kvm, linux-cloud-tools-common, linux-tools-5.13.0-28-generic-64k, linux-image-5.13.0-28-generic-lpae, linux-headers-5.13.0-28-lowlatency, linux-generic, linux-headers-5.13.0-1016-oracle, linux-cloud-tools-virtual-hwe-20.04-edge, linux-gcp-5.11-tools-5.11.0-1029, linux-image-5.13.0-1016-raspi-nolpae, linux-image-oem-20.04c, linux-buildinfo-5.13.0-1016-raspi-nolpae, linux-cloud-tools-5.13.0-1012-aws, linux-image-generic, linux-gcp-tools-5.13.0-1013, linux-aws-5.11-headers-5.11.0-1028, linux-tools-common, linux-hwe-5.13-tools-5.13.0-28, linux-image-unsigned-5.13.0-28-generic, linux-tools-azure, linux-headers-lowlatency-hwe-20.04-edge, linux-image-5.13.0-28-generic, linux-image-extra-virtual, linux-tools-5.13.0-28, linux-image-unsigned-5.13.0-1012-aws, linux-buildinfo-5.13.0-1011-kvm, linux-cloud-tools-5.11.0-1028-aws, linux-tools-5.11.0-1028-oracle, linux-headers-oem-20.04c, linux-cloud-tools-virtual, linux-modules-5.13.0-1016-raspi, linux-azure-5.11, linux-virtual-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04, linux-oem-5.13-headers-5.13.0-1029, linux-modules-5.11.0-1028-azure, linux-modules-extra-azure, linux-aws-headers-5.13.0-1012, linux-headers-5.13.0-1013-gcp, linux-aws-5.11-tools-5.11.0-1028, linux-cloud-tools-generic-hwe-20.04, linux-image-5.13.0-1011-kvm, linux-image-generic-hwe-20.04-edge, linux-image-oracle, linux-buildinfo-5.13.0-28-generic, linux-modules-5.11.0-1028-oracle, linux-cloud-tools-lowlatency, linux-oracle-5.11-headers-5.11.0-1028, linux-tools-aws, linux-tools-gke, linux-tools-kvm, linux-image-virtual-hwe-20.04-edge, linux-hwe-5.13-tools-host, linux-azure, linux-headers-generic-hwe-20.04, linux-tools-raspi-nolpae, linux-headers-5.11.0-1029-gcp, linux-hwe-5.13-cloud-tools-5.13.0-28, linux-image-unsigned-5.13.0-1013-gcp, linux-generic-hwe-20.04-edge, linux-azure-5.11-tools-5.11.0-1028, linux-image-extra-virtual-hwe-20.04, linux-raspi-nolpae, linux-headers-aws, linux-image-gke, linux-image-aws-edge, linux-headers-raspi-nolpae, linux-image-5.11.0-1029-gcp, linux-tools-5.13.0-1011-kvm, linux-headers-generic, linux-tools-generic, linux-buildinfo-5.13.0-1012-aws, linux-image-extra-virtual-hwe-20.04-edge, linux-tools-lowlatency-hwe-20.04-edge, linux-buildinfo-5.11.0-1028-aws, linux-aws-tools-5.13.0-1012, linux-oem-5.13-tools-host, linux-hwe-5.13-tools-common, linux-aws-cloud-tools-5.13.0-1012, linux-image-oem-20.04, linux-image-kvm, linux-lowlatency-hwe-20.04-edge, linux-virtual, linux-tools-5.11.0-1028-aws, linux-image-raspi-nolpae, linux-modules-5.13.0-1029-oem, linux-modules-extra-gke, linux-tools-5.13.0-28-generic, linux-headers-gcp, linux-aws-5.11, linux-source, linux-oem-5.13, linux-tools-generic-lpae, linux-image-generic-64k-hwe-20.04, linux-tools-lowlatency-hwe-20.04, linux-tools-generic-64k-hwe-20.04, linux-image-lowlatency-hwe-20.04, linux-kvm-headers-5.13.0-1011, linux-hwe-5.13, linux-generic-lpae-hwe-20.04, linux-headers-oem-20.04, linux-image-unsigned-5.13.0-28-lowlatency, linux-crashdump, linux-image-lowlatency, linux-headers-virtual, linux-hwe-5.13-source-5.13.0, linux-image-unsigned-5.13.0-1016-oracle, linux-tools-generic-lpae-hwe-20.04-edge, linux-modules-extra-raspi, linux-cloud-tools-generic-hwe-20.04-edge, linux-gcp-headers-5.13.0-1013, linux-modules-extra-raspi-nolpae, linux-tools-5.11.0-1028-azure, linux-tools-oem-20.04c, linux-generic-64k, linux-headers-kvm, linux-buildinfo-5.13.0-28-generic-64k, linux-headers-lowlatency-hwe-20.04, linux-modules-5.11.0-1028-aws, linux-image-virtual, linux-image-5.13.0-28-generic-64k, linux-headers-virtual-hwe-20.04 o USN-5278-1 : linux-headers-5.14.0-1022-oem, linux-image-unsigned-5.14.0-1022-oem, linux-oem-5.14-tools-host, linux-image-5.14.0-1022-oem, linux-headers-oem-20.04d, linux-tools-5.14.0-1022-oem, linux-tools-oem-20.04d, linux-oem-5.14-headers-5.14.0-1022, linux-oem-20.04d, linux-oem-5.14, linux-image-oem-20.04d, linux-modules-5.14.0-1022-oem, linux-buildinfo-5.14.0-1022-oem, linux-oem-5.14-tools-5.14.0-1022 o USN-5413-1 : linux-modules-4.4.0-1105-kvm, linux-tools-4.4.0-224-lowlatency, linux-tools-lowlatency, linux-headers-4.4.0-224-generic, linux-libc-dev, linux-tools-lowlatency-lts-xenial, linux-cloud-tools-generic-lts-xenial, linux-tools-lowlatency-lts-vivid, linux-headers-lowlatency-lts-utopic, linux-headers-virtual-lts-wily, linux-cloud-tools-virtual-lts-wily, linux-cloud-tools-virtual-lts-xenial, linux-buildinfo-4.4.0-1105-kvm, linux-lts-xenial-tools-4.4.0-224, linux-image-unsigned-4.4.0-224-generic, linux-image-hwe-virtual-trusty, linux-tools-generic-lts-vivid, linux-cloud-tools-lowlatency-lts-vivid, linux-headers-generic-lts-utopic, linux-signed-generic-lts-utopic, linux-image-lowlatency-lts-xenial, linux-image-hwe-generic-trusty, linux-generic-lts-vivid, linux-lowlatency-lts-xenial, linux-signed-lowlatency-lts-xenial, linux-tools-virtual, linux-image-4.4.0-224-lowlatency, linux-modules-4.4.0-224-lowlatency, linux-image-aws, linux-image-generic-lts-utopic, linux-tools-4.4.0-1140-aws, linux-headers-4.4.0-1140-aws, linux-image-lowlatency-lts-utopic, linux-headers-lowlatency-lts-wily, linux-headers-lowlatency, linux-image-unsigned-4.4.0-224-lowlatency, linux-signed-generic-lts-vivid, linux-cloud-tools-generic, linux-modules-extra-4.4.0-224-generic, linux-doc, linux, linux-signed-generic-lts-xenial, linux-signed-image-lowlatency-lts-wily, linux-image-lowlatency-lts-vivid, linux-lowlatency-lts-utopic, linux-signed-image-generic-lts-utopic, linux-cloud-tools-lowlatency-lts-xenial, linux-kvm, linux-cloud-tools-lowlatency-lts-utopic, linux-cloud-tools-lowlatency-lts-wily, linux-lts-xenial, linux-modules-extra-aws, linux-signed-lowlatency, linux-aws, linux-lowlatency, linux-tools-host, linux-headers-generic-lts-xenial, linux-cloud-tools-generic-lts-wily, linux-image-4.4.0-1105-kvm, linux-tools-4.4.0-1105-kvm, linux-generic-lts-wily, linux-signed-image-lowlatency, linux-kvm-headers-4.4.0-1105, linux-cloud-tools-4.4.0-224-generic, linux-tools-virtual-lts-wily, linux-tools-4.4.0-224-generic, linux-hwe-virtual-trusty, linux-hwe-generic-trusty, linux-cloud-tools-generic-lts-utopic, linux-tools-generic-lts-utopic, linux-aws-headers-4.4.0-1140, linux-cloud-tools-4.4.0-1140-aws, linux-virtual-lts-wily, linux-tools-4.4.0-224, linux-image-virtual-lts-utopic, linux-headers-4.4.0-224, linux-kvm-cloud-tools-4.4.0-1105, linux-signed-image-generic, linux-virtual-lts-vivid, linux-cloud-tools-generic-lts-vivid, linux-cloud-tools-common, linux-source-4.4.0, linux-headers-virtual-lts-vivid, linux-signed-generic, linux-aws-tools-4.4.0-1140, linux-generic, linux-headers-generic-lts-wily, linux-headers-4.4.0-1105-kvm, linux-signed-image-generic-lts-wily, linux-signed-lowlatency-lts-wily, linux-image-generic, linux-generic-lts-utopic, linux-aws-cloud-tools-4.4.0-1140, linux-image-virtual-lts-xenial, linux-generic-lts-xenial, linux-image-virtual-lts-vivid, linux-modules-4.4.0-1140-aws, linux-tools-common, linux-image-extra-virtual, linux-lowlatency-lts-vivid, linux-tools-generic-lts-xenial, linux-cloud-tools-virtual, linux-image-generic-lts-xenial, linux-image-4.4.0-1140-aws, linux-image-4.4.0-224-generic, linux-tools-lts-utopic, linux-cloud-tools-4.4.0-1105-kvm, linux-source, linux-image-generic-lts-vivid, linux-tools-aws, linux-image-extra-virtual-lts-wily, linux-tools-kvm, linux-tools-generic-lts-wily, linux-cloud-tools-lowlatency, linux-signed-image-lowlatency-lts-xenial, linux-image-extra-virtual-lts-xenial, linux-image-generic-lts-wily, linux-virtual-lts-utopic, linux-lts-xenial-cloud-tools-4.4.0-224, linux-image-extra-virtual-lts-vivid, linux-cloud-tools-4.4.0-224, linux-headers-lowlatency-lts-vivid, linux-headers-4.4.0-224-lowlatency, linux-headers-aws, linux-signed-image-generic-lts-xenial, linux-cloud-tools-virtual-lts-vivid, linux-buildinfo-4.4.0-1140-aws, linux-image-lowlatency-lts-wily, linux-tools-lowlatency-lts-wily, linux-modules-4.4.0-224-generic, linux-lowlatency-lts-wily, linux-headers-generic, linux-image-virtual-lts-wily, linux-tools-generic, linux-tools-virtual-lts-xenial, linux-headers-virtual-lts-utopic, linux-cloud-tools-4.4.0-224-lowlatency, linux-image-kvm, linux-virtual, linux-buildinfo-4.4.0-224-lowlatency, linux-tools-virtual-lts-vivid, linux-cloud-tools-virtual-lts-utopic, linux-image-extra-virtual-lts-utopic, linux-virtual-lts-xenial, linux-signed-image-generic-lts-vivid, linux-modules-extra-4.4.0-1140-aws, linux-headers-generic-lts-vivid, linux-kvm-tools-4.4.0-1105, linux-buildinfo-4.4.0-224-generic, linux-headers-lowlatency-lts-xenial, linux-crashdump, linux-image-lowlatency, linux-headers-virtual, linux-headers-virtual-lts-xenial, linux-headers-kvm, linux-tools-lowlatency-lts-utopic, linux-tools-virtual-lts-utopic, linux-image-virtual, linux-signed-generic-lts-wily - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LK8kNZI30y1K9AQgoAhAAmNExAbgMi6QSqyrQ9or+BDs4hCTnyOZ8 efJxd+mjgm3WMkf+x9s9QJE8SdcCGuSLPoqHvnf7zFz7jUkqQdeWMSToN9JyH7Uy XSlH9UgiRSra5MoloaGF10Tkd89T0I5Kwg3FMEfbejM6vNZnSrMNS7tDzCNy6Erw 3VVa2Bp1kpaDnZJkHd2BON3WWEQbOekVUlYPEah+HrlySdwKlbk4IMjKDncIJRFq aqiCShO18AhgacnZW2IhexgR/QAWxNlGhMHaxGCaEIjhqfpBltDpxccYzCct4UQ8 Yu3mUrc1hTZOd9/qyxpNP1vzlF3Rsr1oHdGz+6uBIMybG3s9Bj2Ll6gYQJvu2z7F U48KQ7aPeHwOz3cYjzWE0Xhn7c+N7vVmlHiqEKZt7XvNcm03BBvF7Xwckj2qV7o/ D8fpPv9aKnxfMmPToP8wKKnup+e1U8J8I8RexMQ7G4Fx3XMusnlooWVZCxZAjaah 2nvu0ZBaVGh9OdrsSWcAIm4j+tLe7cvdsGuzpIxNbOpJjwHd8auna5hFIOKweHob lUzTCI7HVH34XgK7wGz9eeGey4OnLIT/7ybSwfqQGsC4atjmX5UIAsiSSMkAg126 OXz7QPiUNrKD0GOko0+EaCjWPnAaQeJwHgYET4N+lqf2HjIJ5ePuM6DCvr9hFLeu 9Rgj28pwZ1E= =8sra -----END PGP SIGNATURE-----
2022. május 13.

ESB-2022.2336 - [Ubuntu] Linux kernel: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2336 USN-5413-1: Linux kernel vulnerabilities 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Linux kernel Publisher: Ubuntu Operating System: Ubuntu Resolution: Patch/Upgrade CVE Names: CVE-2022-28390 CVE-2022-27223 CVE-2022-26490 CVE-2021-39713 CVE-2021-4157 CVE-2020-27820 Original Bulletin: https://ubuntu.com/security/notices/USN-5413-1 Comment: CVSS (Max): 9.8 CVE-2021-39713 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS Source: NVD Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5413-1: Linux kernel vulnerabilities 12 May 2022 Several security issues were fixed in the Linux kernel. Releases o Ubuntu 16.04 ESM o Ubuntu 14.04 ESM Packages o linux - Linux kernel o linux-aws - Linux kernel for Amazon Web Services (AWS) systems o linux-kvm - Linux kernel for cloud environments o linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty Details Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service (system crash). ( CVE-2020-27820 ) It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2021-39713 ) It was discovered that the Parallel NFS (pNFS) implementation in the Linux kernel did not properly perform bounds checking in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2021-4157 ) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ( CVE-2022-26490 ) It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). ( CVE-2022-27223 ) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). ( CVE-2022-28390 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 o linux-image-virtual - 4.4.0.224.231 Available with UA Infra or UA Desktop o linux-image-generic - 4.4.0.224.231 Available with UA Infra or UA Desktop o linux-image-aws - 4.4.0.1140.145 Available with UA Infra or UA Desktop o linux-image-4.4.0-224-lowlatency - 4.4.0-224.257 Available with UA Infra or UA Desktop o linux-image-4.4.0-1105-kvm - 4.4.0-1105.114 Available with UA Infra or UA Desktop o linux-image-4.4.0-1140-aws - 4.4.0-1140.154 Available with UA Infra or UA Desktop o linux-image-kvm - 4.4.0.1105.103 Available with UA Infra or UA Desktop o linux-image-4.4.0-224-generic - 4.4.0-224.257 Available with UA Infra or UA Desktop o linux-image-lowlatency - 4.4.0.224.231 Available with UA Infra or UA Desktop Ubuntu 14.04 o linux-image-generic-lts-xenial - 4.4.0.224.195 Available with UA Infra or UA Desktop o linux-image-4.4.0-224-generic - 4.4.0-224.257~14.04.1 Available with UA Infra or UA Desktop o linux-image-lowlatency-lts-xenial - 4.4.0.224.195 Available with UA Infra or UA Desktop o linux-image-4.4.0-224-lowlatency - 4.4.0-224.257~14.04.1 Available with UA Infra or UA Desktop o linux-image-virtual-lts-xenial - 4.4.0.224.195 Available with UA Infra or UA Desktop After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References o CVE-2021-4157 o CVE-2022-26490 o CVE-2022-28390 o CVE-2021-39713 o CVE-2022-27223 o CVE-2020-27820 Related notices o USN-5381-1 : linux-buildinfo-5.14.0-1033-oem, linux-oem-5.14-tools-5.14.0-1033, linux-headers-oem-20.04d, linux-tools-oem-20.04, linux-modules-5.14.0-1033-oem, linux-oem-20.04d, linux-tools-5.14.0-1033-oem, linux-oem-5.14-tools-host, linux-image-oem-20.04b, linux-image-oem-20.04c, linux-oem-20.04c, linux-tools-oem-20.04d, linux-oem-20.04, linux-image-oem-20.04d, linux-oem-20.04b, linux-tools-oem-20.04b, linux-image-5.14.0-1033-oem, linux-headers-oem-20.04b, linux-oem-5.14, linux-image-oem-20.04, linux-oem-5.14-headers-5.14.0-1033, linux-headers-oem-20.04, linux-tools-oem-20.04c, linux-headers-oem-20.04c, linux-headers-5.14.0-1033-oem, linux-image-unsigned-5.14.0-1033-oem o USN-5390-1 : linux-headers-5.15.0-27, linux-kvm-tools-5.15.0-1005, linux-ibm-tools-5.15.0-1003, linux-tools-lowlatency-hwe-22.04, linux-cloud-tools-5.15.0-27-generic, linux-cloud-tools-lowlatency-hwe-22.04-edge, linux-headers-5.15.0-1003-oracle, linux-image-lowlatency-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04-edge, linux-image-generic-hwe-22.04, linux-image-gke, linux-tools-5.15.0-1005-aws, linux-headers-gke, linux-image-generic-64k, linux-tools-virtual-hwe-22.04-edge, linux-image-unsigned-5.15.0-1003-gke, linux-cloud-tools-common, linux-image-generic-64k-hwe-20.04-edge, linux-modules-5.15.0-27-generic, linux-lowlatency-64k-hwe-22.04, linux-tools-5.15.0-27-lowlatency-64k, linux-headers-5.15.0-27-generic, linux-aws-headers-5.15.0-1005, linux-cloud-tools-5.15.0-1005-azure, linux-generic-hwe-22.04, linux-buildinfo-5.15.0-27-lowlatency-64k, linux-lowlatency, linux-cloud-tools-generic-hwe-20.04, linux-headers-generic-lpae-hwe-20.04, linux-tools-5.15.0-27-generic-lpae, linux-image-5.15.0-1005-azure, linux-crashdump, linux-image-5.15.0-1003-oracle, linux-virtual-hwe-20.04, linux-tools-common, linux-buildinfo-5.15.0-27-generic, linux-image-5.15.0-1005-aws, linux-image-generic-lpae-hwe-22.04-edge, linux-tools-lowlatency-64k-hwe-22.04, linux-modules-5.15.0-27-generic-lpae, linux-buildinfo-5.15.0-1003-oracle, linux-generic-64k, linux-tools-virtual, linux-headers-5.15.0-1004-gcp, linux-image-generic-lpae-hwe-22.04, linux-image-unsigned-5.15.0-1003-oracle, linux-tools-5.15.0-1005-kvm, linux-modules-extra-aws, linux-tools-gke-5.15, linux-image-extra-virtual-hwe-22.04-edge, linux-gke-tools-5.15.0-1003, linux-gke-5.15, linux-headers-lowlatency-64k-hwe-22.04-edge, linux-headers-ibm, linux-headers-virtual-hwe-22.04-edge, linux-tools-generic-64k-hwe-20.04, linux-cloud-tools-lowlatency, linux-image-unsigned-5.15.0-1005-aws, linux-lowlatency-64k, linux-tools-5.15.0-1003-gke, linux-tools-lowlatency-hwe-20.04-edge, linux-cloud-tools-generic-hwe-20.04-edge, linux-cloud-tools-generic-hwe-22.04, linux-headers-oem-20.04, linux-image-5.15.0-27-generic-lpae, linux-kvm, linux-headers-generic-64k-hwe-22.04-edge, linux-virtual-hwe-20.04-edge, linux-headers-5.15.0-27-lowlatency-64k, linux-modules-extra-5.15.0-1003-oracle, linux-image-generic-64k-hwe-20.04, linux-modules-5.15.0-1003-ibm, linux-gcp-tools-5.15.0-1004, linux-gke, linux-buildinfo-5.15.0-27-generic-lpae, linux-headers-5.15.0-1003-gke, linux-gcp-headers-5.15.0-1004, linux-image-unsigned-5.15.0-27-generic-64k, linux-virtual, linux-cloud-tools-lowlatency-hwe-20.04, linux-tools-generic-hwe-20.04, linux-modules-5.15.0-1003-gke, linux-headers-kvm, linux-tools-lowlatency, linux-headers-virtual, linux-modules-5.15.0-27-generic-64k, linux-modules-extra-5.15.0-1005-aws, linux-image-generic-hwe-20.04-edge, linux-buildinfo-5.15.0-1005-azure, linux-ibm-cloud-tools-common, linux-headers-generic-lpae-hwe-22.04-edge, linux-headers-lowlatency-64k-hwe-20.04-edge, linux-image-gcp, linux-modules-extra-5.15.0-1003-ibm, linux-tools-virtual-hwe-20.04-edge, linux-image-kvm, linux-headers-generic-lpae-hwe-22.04, linux-headers-lowlatency-hwe-20.04-edge, linux-image-generic-lpae, linux-cloud-tools-virtual, linux-headers-virtual-hwe-22.04, linux-headers-generic-64k-hwe-20.04, linux-image-unsigned-5.15.0-27-generic, linux-headers-5.15.0-27-generic-lpae, linux-lowlatency-hwe-20.04-edge, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-gke, linux-lowlatency-hwe-22.04-edge, linux-tools-5.15.0-27-generic-64k, linux-source, linux-generic-lpae-hwe-22.04-edge, linux-headers-lowlatency-hwe-20.04, linux-image-aws, linux-modules-extra-5.15.0-1004-gcp, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-64k-hwe-20.04-edge, linux-generic, linux-tools-gcp, linux-headers-5.15.0-27-lowlatency, linux-image-5.15.0-27-generic-64k, linux-image-generic-64k-hwe-22.04, linux-image-lowlatency-64k-hwe-22.04-edge, linux-tools-oracle, linux-tools-ibm, linux-image-extra-virtual-hwe-22.04, linux-modules-5.15.0-1003-oracle, linux-lowlatency-cloud-tools-common, linux-image-5.15.0-1003-ibm, linux-image-unsigned-5.15.0-27-lowlatency, linux-image-virtual-hwe-22.04-edge, linux-image-oracle, linux-image-generic-hwe-20.04, linux-tools-5.15.0-1004-gcp, linux-image-generic-lpae-hwe-20.04, linux-ibm-headers-5.15.0-1003, linux-image-lowlatency-64k-hwe-20.04-edge, linux-tools-lowlatency-hwe-22.04-edge, linux-doc, linux-image-unsigned-5.15.0-1005-kvm, linux-lowlatency-hwe-22.04, linux-tools-azure, linux-image-extra-virtual-hwe-20.04, linux-modules-5.15.0-27-lowlatency-64k, linux-tools-generic-hwe-20.04-edge, linux-tools-lowlatency-hwe-20.04, linux-generic-hwe-20.04, linux-oracle-headers-5.15.0-1003, linux-cloud-tools-5.15.0-27, linux-modules-5.15.0-1005-aws, linux-image-lowlatency-64k, linux-headers-lowlatency-hwe-22.04-edge, linux-tools-5.15.0-1005-azure, linux-image-azure, linux-azure, linux-tools-kvm, linux-buildinfo-5.15.0-1003-ibm, linux-headers-generic-lpae-hwe-20.04-edge, linux-modules-extra-5.15.0-27-generic, linux-headers-lowlatency-hwe-22.04, linux-image-virtual-hwe-20.04, linux-headers-generic-hwe-22.04-edge, linux-tools-generic-hwe-22.04, linux-azure-cloud-tools-5.15.0-1005, linux-lowlatency-64k-hwe-20.04, linux-tools-generic-lpae-hwe-20.04, linux-virtual-hwe-22.04, linux-image-ibm, linux-modules-5.15.0-1005-kvm, linux-image-extra-virtual, linux-headers-virtual-hwe-20.04, linux-headers-lowlatency-64k-hwe-20.04, linux-image-extra-virtual-hwe-20.04-edge, linux-image-unsigned-5.15.0-27-lowlatency-64k, linux-tools-generic-hwe-22.04-edge, linux-lowlatency-tools-5.15.0-27, linux-tools-host, linux-buildinfo-5.15.0-1003-gke, linux-buildinfo-5.15.0-1005-kvm, linux-oem-20.04, linux-lowlatency-tools-host, linux-cloud-tools-virtual-hwe-20.04, linux-azure-headers-5.15.0-1005, linux-tools-virtual-hwe-20.04, linux-gke-headers-5.15.0-1003, linux-tools-generic-lpae-hwe-22.04-edge, linux-lowlatency-cloud-tools-5.15.0-27, linux-cloud-tools-5.15.0-27-lowlatency, linux-tools-generic-lpae, linux-headers-generic, linux-image-lowlatency-hwe-20.04, linux-tools-5.15.0-27-lowlatency, linux-headers-5.15.0-1005-kvm, linux-image-5.15.0-27-lowlatency-64k, linux-lowlatency-64k-hwe-22.04-edge, linux-headers-generic-hwe-22.04, linux-tools-generic, linux-ibm-source-5.15.0, linux-modules-extra-5.15.0-1003-gke, linux-lowlatency-headers-5.15.0-27, linux-tools-lowlatency-64k, linux-tools-generic-lpae-hwe-22.04, linux-cloud-tools-virtual-hwe-20.04-edge, linux-headers-azure, linux-headers-5.15.0-1005-aws, linux-image-lowlatency-hwe-22.04-edge, linux-cloud-tools-azure, linux-gcp, linux-image-virtual-hwe-20.04-edge, linux-buildinfo-5.15.0-1004-gcp, linux-image-5.15.0-27-generic, linux-image-gke-5.15, linux-cloud-tools-generic-hwe-22.04-edge, linux-headers-generic-64k, linux-ibm, linux-tools-generic-64k-hwe-22.04-edge, linux-buildinfo-5.15.0-1005-aws, linux-tools-generic-64k, linux-tools-generic-64k-hwe-22.04, linux-buildinfo-5.15.0-27-generic-64k, linux-generic-64k-hwe-22.04-edge, linux-tools-generic-lpae-hwe-20.04-edge, linux-image-lowlatency-64k-hwe-22.04, linux-image-generic, linux-modules-extra-5.15.0-1005-azure, linux-generic-lpae-hwe-20.04, linux-generic-lpae-hwe-22.04, linux-headers-virtual-hwe-20.04-edge, linux-image-5.15.0-1003-gke, linux-generic-lpae, linux-headers-oracle, linux-image-generic-hwe-22.04-edge, linux-headers-gcp, linux-image-lowlatency, linux-image-5.15.0-1004-gcp, linux-headers-lowlatency-64k, linux-generic-hwe-20.04-edge, linux-generic-64k-hwe-20.04-edge, linux-generic-lpae-hwe-20.04-edge, linux-modules-extra-gcp, linux-tools-oem-20.04, linux-headers-generic-64k-hwe-22.04, linux-aws-cloud-tools-5.15.0-1005, linux-image-virtual-hwe-22.04, linux-kvm-headers-5.15.0-1005, linux, linux-oracle-tools-5.15.0-1003, linux-image-lowlatency-hwe-22.04, linux-headers-generic-hwe-20.04, linux-lowlatency-tools-common, linux-aws-tools-5.15.0-1005, linux-source-5.15.0, linux-headers-lowlatency, linux-tools-5.15.0-1003-ibm, linux-cloud-tools-generic, linux-headers-5.15.0-1005-azure, linux-headers-lowlatency-64k-hwe-22.04, linux-image-lowlatency-64k-hwe-20.04, linux-tools-virtual-hwe-22.04, linux-headers-5.15.0-1003-ibm, linux-headers-5.15.0-27-generic-64k, linux-headers-generic-lpae, linux-image-generic-64k-hwe-22.04-edge, linux-generic-64k-hwe-20.04, linux-lowlatency-hwe-20.04, linux-generic-64k-hwe-22.04, linux-headers-gke-5.15, linux-modules-5.15.0-1005-azure, linux-tools-lowlatency-64k-hwe-22.04-edge, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-image-unsigned-5.15.0-1005-azure, linux-virtual-hwe-22.04-edge, linux-modules-5.15.0-1004-gcp, linux-tools-5.15.0-27-generic, linux-libc-dev, linux-image-5.15.0-27-lowlatency, linux-oracle, linux-modules-5.15.0-27-lowlatency, linux-cloud-tools-lowlatency-hwe-22.04, linux-tools-aws, linux-tools-lowlatency-64k-hwe-20.04-edge, linux-cloud-tools-virtual-hwe-22.04, linux-headers-aws, linux-image-5.15.0-1005-kvm, linux-image-oem-20.04, linux-image-unsigned-5.15.0-1004-gcp, linux-aws, linux-tools-5.15.0-27, linux-tools-lowlatency-64k-hwe-20.04, linux-cloud-tools-5.15.0-1005-aws, linux-lowlatency-64k-hwe-20.04-edge, linux-image-unsigned-5.15.0-1003-ibm, linux-tools-5.15.0-1003-oracle, linux-ibm-tools-common, linux-image-virtual, linux-cloud-tools-virtual-hwe-22.04-edge, linux-modules-extra-azure, linux-generic-hwe-22.04-edge, linux-azure-tools-5.15.0-1005, linux-buildinfo-5.15.0-27-lowlatency o USN-5390-2 : linux-headers-5.15.0-1006-raspi, linux-modules-extra-5.15.0-1006-raspi-nolpae, linux-raspi, linux-modules-5.15.0-1006-raspi, linux-buildinfo-5.15.0-1006-raspi-nolpae, linux-raspi-headers-5.15.0-1006, linux-image-raspi-nolpae, linux-tools-5.15.0-1006-raspi-nolpae, linux-image-5.15.0-1006-raspi, linux-raspi-tools-5.15.0-1006, linux-tools-raspi, linux-tools-5.15.0-1006-raspi, linux-image-raspi, linux-modules-extra-raspi, linux-headers-5.15.0-1006-raspi-nolpae, linux-modules-5.15.0-1006-raspi-nolpae, linux-modules-extra-raspi-nolpae, linux-tools-raspi-nolpae, linux-raspi-nolpae, linux-image-5.15.0-1006-raspi-nolpae, linux-headers-raspi-nolpae, linux-headers-raspi, linux-buildinfo-5.15.0-1006-raspi, linux-modules-extra-5.15.0-1006-raspi o USN-5415-1 : linux-modules-extra-azure-lts-20.04, linux-image-unsigned-5.4.0-1073-gcp, linux-tools-generic-hwe-18.04, linux-image-unsigned-5.4.0-110-lowlatency, linux-image-snapdragon-hwe-18.04, linux-tools-generic-lpae-hwe-18.04-edge, linux-modules-extra-oracle, linux-headers-gke, linux-oracle-headers-5.4.0-1071, linux-image-aws-lts-20.04, linux-cloud-tools-common, linux-lowlatency, linux-image-oracle-edge, linux-ibm-tools-5.4.0-1021, linux-tools-common, linux-image-gkeop-5.4, linux-buildinfo-5.4.0-1060-raspi, linux-image-azure-fde, linux-generic-hwe-18.04-edge, linux-headers-azure-edge, linux-cloud-tools-lowlatency, linux-modules-extra-5.4.0-1021-ibm, linux-headers-raspi-hwe-18.04-edge, linux-oem, linux-tools-5.4.0-1021-ibm, linux-tools-oracle-lts-20.04, linux-headers-5.4.0-110-generic, linux-headers-virtual, linux-hwe-5.4-cloud-tools-common, linux-oracle-lts-20.04, linux-ibm-cloud-tools-common, linux-gcp-headers-5.4.0-1073, linux-headers-generic-lpae-hwe-18.04, linux-image-5.4.0-1063-kvm, linux-modules-extra-5.4.0-1073-gcp, linux-snapdragon-hwe-18.04, linux-image-5.4.0-1060-raspi, linux-tools-gcp, linux-generic, linux-raspi-5.4-tools-5.4.0-1060, linux-tools-5.4.0-110, linux-doc, linux-image-azure, linux-azure-5.4-cloud-tools-5.4.0-1078, linux-image-oracle-lts-20.04, linux-cloud-tools-5.4.0-1040-gkeop, linux-tools-ibm-lts-20.04, linux-azure-fde, linux-image-extra-virtual, linux-modules-5.4.0-110-lowlatency, linux-signed-image-oracle-edge, linux-azure-cloud-tools-5.4.0-1078, linux-headers-azure-lts-20.04, linux-gkeop-5.4-tools-5.4.0-1040, linux-image-5.4.0-1071-gke, linux-hwe-5.4-tools-5.4.0-110, linux-headers-5.4.0-110, linux-cloud-tools-azure, linux-headers-oracle-lts-20.04, linux-modules-extra-5.4.0-1071-gke, linux-modules-extra-aws-lts-20.04, linux-headers-snapdragon-hwe-18.04, linux-ibm, linux-generic-lpae-hwe-18.04-edge, linux-raspi-5.4, linux-image-gkeop, linux-hwe-5.4-source-5.4.0, linux-ibm-lts-20.04, linux-modules-5.4.0-1073-aws, linux-generic-lpae, linux-cloud-tools-lowlatency-hwe-18.04-edge, linux-headers-generic-hwe-18.04-edge, linux-headers-gcp, linux-aws-lts-20.04, linux-gke-tools-5.4.0-1071, linux-buildinfo-5.4.0-110-lowlatency, linux-raspi2, linux-headers-raspi2-hwe-18.04-edge, linux-modules-extra-oracle-edge, linux-oracle-5.4-headers-5.4.0-1071, linux-tools-5.4.0-1060-raspi, linux-gcp-5.4, linux-azure-5.4-headers-5.4.0-1078, linux-headers-generic-lpae, linux-cloud-tools-5.4.0-1078-azure, linux-image-oem-osp1, linux-gkeop-tools-5.4.0-1040, linux-lowlatency-hwe-18.04, linux-tools-azure-edge, linux-oem-osp1, linux-libc-dev, linux-image-virtual-hwe-18.04-edge, linux-tools-5.4.0-1040-gkeop, linux-ibm-5.4-cloud-tools-common, linux-gkeop-5.4-source-5.4.0, linux-ibm-tools-common, linux-aws-headers-5.4.0-1073, linux-hwe-5.4-cloud-tools-5.4.0-110, linux-headers-5.4.0-1071-oracle, linux-oracle-edge, linux-cloud-tools-gkeop, linux-raspi-tools-5.4.0-1060, linux-kvm-tools-5.4.0-1063, linux-modules-extra-5.4.0-1071-oracle, linux-tools-lowlatency-hwe-18.04-edge, linux-image-raspi2-hwe-18.04-edge, linux-buildinfo-5.4.0-1078-azure, linux-tools-lowlatency-hwe-18.04, linux-tools-azure-lts-20.04, linux-image-azure-lts-20.04, linux-image-unsigned-5.4.0-1078-azure, linux-ibm-source-5.4.0, linux-tools-virtual, linux-signed-azure-edge, linux-tools-gcp-lts-20.04, linux-modules-5.4.0-1040-gkeop, linux-headers-ibm, linux-headers-5.4.0-1078-azure, linux-image-5.4.0-1071-oracle, linux-azure-tools-5.4.0-1078, linux-image-5.4.0-1078-azure, linux-tools-5.4.0-110-generic-lpae, linux-headers-virtual-hwe-18.04, linux-image-5.4.0-110-generic-lpae, linux-gke, linux-cloud-tools-5.4.0-110-generic, linux-tools-lowlatency, linux-modules-extra-5.4.0-1078-azure, linux-raspi2-hwe-18.04, linux-tools-ibm-edge, linux-image-unsigned-5.4.0-1063-kvm, linux-modules-extra-5.4.0-1073-aws, linux-image-gcp, linux-image-ibm-lts-20.04, linux-headers-oem, linux-modules-extra-gkeop-5.4, linux-tools-generic-hwe-18.04-edge, linux-headers-ibm-edge, linux-source-5.4.0, linux-tools-oracle, linux-image-raspi2-hwe-18.04, linux-image-oracle, linux-tools-azure, linux-headers-5.4.0-1073-gcp, linux-image-raspi-hwe-18.04-edge, linux-ibm-5.4-tools-5.4.0-1021, linux-signed-image-azure, linux-ibm-5.4-tools-common, linux-raspi, linux-headers-raspi2, linux-image-oem, linux-headers-lowlatency-hwe-18.04, linux-gcp-tools-5.4.0-1073, linux-gkeop-headers-5.4.0-1040, linux-modules-5.4.0-1073-gcp, linux-headers-5.4.0-1060-raspi, linux-image-generic-lpae-hwe-18.04, linux-tools-raspi, linux-tools-generic, linux-image-gke-5.4, linux-oem-tools-host, linux-headers-5.4.0-110-generic-lpae, linux-buildinfo-5.4.0-110-generic, linux-cloud-tools-azure-edge, linux-buildinfo-5.4.0-1073-gcp, linux-buildinfo-5.4.0-1021-ibm, linux-modules-5.4.0-1060-raspi, linux-ibm-edge, linux-headers-oracle, linux-image-extra-virtual-hwe-18.04-edge, linux-modules-extra-gke-5.4, linux-tools-gcp-edge, linux-image-5.4.0-1073-gcp, linux-modules-extra-gcp, linux-image-lowlatency-hwe-18.04, linux-modules-extra-ibm, linux-tools-gkeop, linux-modules-extra-ibm-lts-20.04, linux-cloud-tools-5.4.0-110, linux-modules-extra-gke, linux-buildinfo-5.4.0-1063-kvm, linux-image-unsigned-5.4.0-1078-azure-fde, linux-headers-azure-fde, linux-image-5.4.0-1073-aws, linux-tools-snapdragon-hwe-18.04, linux-buildinfo-5.4.0-1073-aws, linux-headers-5.4.0-1063-kvm, linux-buildinfo-5.4.0-110-generic-lpae, linux-gkeop-cloud-tools-5.4.0-1040, linux-gcp-edge, linux-hwe-5.4-headers-5.4.0-110, linux-modules-5.4.0-1078-azure, linux-gcp-5.4-tools-5.4.0-1073, linux-image-5.4.0-1021-ibm, linux-tools-oracle-edge, linux-headers-5.4.0-1021-ibm, linux-cloud-tools-gkeop-5.4, linux-tools-azure-fde, linux-oracle-tools-5.4.0-1071, linux-image-unsigned-5.4.0-1021-ibm, linux-image-lowlatency-hwe-18.04-edge, linux-hwe-5.4, linux-headers-raspi, linux-image-virtual-hwe-18.04, linux-kvm, linux-gkeop-source-5.4.0, linux-modules-extra-virtual-hwe-18.04, linux-headers-5.4.0-1073-aws, linux-headers-5.4.0-110-lowlatency, linux-headers-gcp-lts-20.04, linux-headers-kvm, linux-image-kvm, linux-image-generic-lpae, linux-tools-5.4.0-1063-kvm, linux-tools-5.4.0-110-lowlatency, linux-aws-cloud-tools-5.4.0-1073, linux-image-5.4.0-1040-gkeop, linux-tools-gke, linux-source, linux-modules-5.4.0-110-generic-lpae, linux-tools-virtual-hwe-18.04-edge, linux-tools-ibm, linux-tools-raspi2-hwe-18.04, linux-signed-oracle, linux-headers-oracle-edge, linux-headers-aws-lts-20.04, linux-tools-5.4.0-1073-gcp, linux-tools-raspi-hwe-18.04, linux-azure, linux-tools-kvm, linux-buildinfo-5.4.0-1040-gkeop, linux-image-raspi-hwe-18.04, linux-tools-gkeop-5.4, linux-raspi-hwe-18.04, linux-image-unsigned-5.4.0-1040-gkeop, linux-tools-host, linux-image-extra-virtual-hwe-18.04, linux-headers-generic, linux-tools-5.4.0-1071-oracle, linux-cloud-tools-5.4.0-110-lowlatency, linux-headers-raspi2-hwe-18.04, linux-oracle-5.4-tools-5.4.0-1071, linux-gcp, linux-headers-gkeop, linux-ibm-headers-5.4.0-1021, linux-oracle-5.4, linux-cloud-tools-generic-hwe-18.04, linux-image-generic, linux-headers-snapdragon-hwe-18.04-edge, linux-gcp-5.4-headers-5.4.0-1073, linux-signed-image-azure-edge, linux-cloud-tools-virtual-hwe-18.04-edge, linux-image-snapdragon-hwe-18.04-edge, linux-ibm-5.4-headers-5.4.0-1021, linux-kvm-headers-5.4.0-1063, linux-image-unsigned-5.4.0-1071-gke, linux-headers-lowlatency-hwe-18.04-edge, linux-signed-image-oracle, linux-raspi-headers-5.4.0-1060, linux-cloud-tools-generic-hwe-18.04-edge, linux-gke-5.4, linux-headers-generic-hwe-18.04, linux-gkeop-5.4-cloud-tools-5.4.0-1040, linux-modules-5.4.0-1063-kvm, linux-image-gcp-lts-20.04, linux-cloud-tools-azure-lts-20.04, linux-aws, linux-cloud-tools-azure-fde, linux-modules-extra-gcp-lts-20.04, linux-image-virtual, linux-modules-extra-azure, linux-image-gcp-edge, linux-modules-extra-5.4.0-1040-gkeop, linux-tools-5.4.0-1078-azure, linux-tools-5.4.0-110-generic, linux-tools-generic-lpae-hwe-18.04, linux-headers-virtual-hwe-18.04-edge, linux-image-gke, linux-azure-edge, linux-modules-extra-virtual-hwe-18.04-edge, linux-crashdump, linux-virtual-hwe-18.04, linux-image-generic-hwe-18.04, linux-tools-5.4.0-1073-aws, linux-modules-extra-azure-fde, linux-image-raspi, linux-image-ibm-edge, linux-image-5.4.0-110-lowlatency, linux-tools-oem-osp1, linux-cloud-tools-5.4.0-1073-aws, linux-gkeop-5.4, linux-image-raspi2, linux-headers-oem-osp1, linux-generic-lpae-hwe-18.04, linux-gcp-lts-20.04, linux-modules-5.4.0-1071-oracle, linux-snapdragon-hwe-18.04-edge, linux-headers-gkeop-5.4, linux-virtual, linux-headers-5.4.0-1071-gke, linux-modules-5.4.0-1071-gke, linux-image-generic-lpae-hwe-18.04-edge, linux-azure-lts-20.04, linux-ibm-5.4, linux-cloud-tools-virtual, linux-modules-extra-azure-edge, linux-modules-5.4.0-110-generic, linux-azure-headers-5.4.0-1078, linux-buildinfo-5.4.0-1071-oracle, linux-modules-5.4.0-1021-ibm, linux-gkeop, linux-headers-ibm-lts-20.04, linux-lowlatency-hwe-18.04-edge, linux-image-5.4.0-1078-azure-fde, linux-headers-generic-lpae-hwe-18.04-edge, linux-tools-raspi-hwe-18.04-edge, linux-tools-aws-lts-20.04, linux-gke-headers-5.4.0-1071, linux-headers-gke-5.4, linux-modules-extra-ibm-edge, linux-raspi-5.4-headers-5.4.0-1060, linux-cloud-tools-virtual-hwe-18.04, linux-raspi2-hwe-18.04-edge, linux-azure-5.4-tools-5.4.0-1078, linux-virtual-hwe-18.04-edge, linux-tools-virtual-hwe-18.04, linux-azure-5.4, linux-image-ibm, linux-headers-5.4.0-1040-gkeop, linux-raspi-hwe-18.04-edge, linux-modules-extra-5.4.0-110-generic, linux-modules-extra-gkeop, linux-signed-oracle-edge, linux-tools-generic-lpae, linux-tools-snapdragon-hwe-18.04-edge, linux-tools-gke-5.4, linux-headers-azure, linux-signed-azure, linux-headers-gcp-edge, linux-cloud-tools-lowlatency-hwe-18.04, linux-tools-raspi2-hwe-18.04-edge, linux-aws-tools-5.4.0-1073, linux-tools-5.4.0-1071-gke, linux-image-5.4.0-110-generic, linux-oem-osp1-tools-host, linux-buildinfo-5.4.0-1071-gke, linux-image-lowlatency, linux-modules-extra-gcp-edge, linux-generic-hwe-18.04, linux-ibm-5.4-source-5.4.0, linux, linux-image-unsigned-5.4.0-1071-oracle, linux-headers-lowlatency, linux-headers-raspi-hwe-18.04, linux-cloud-tools-generic, linux-image-generic-hwe-18.04-edge, linux-tools-oem, linux-hwe-5.4-tools-common, linux-oracle, linux-image-unsigned-5.4.0-110-generic, linux-image-azure-edge, linux-gkeop-5.4-headers-5.4.0-1040, linux-image-unsigned-5.4.0-1073-aws, linux-tools-raspi2 o USN-5417-1 : linux-buildinfo-5.13.0-1025-gcp, linux-tools-5.13.0-1026-raspi-nolpae, linux-image-lowlatency-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04-edge, linux-image-gke, linux-raspi-headers-5.13.0-1026, linux-headers-gke, linux-image-generic-64k, linux-azure-headers-5.13.0-1023, linux-modules-5.13.0-1028-oracle, linux-cloud-tools-common, linux-image-generic-64k-hwe-20.04-edge, linux-gcp-edge, linux-image-raspi-nolpae, linux-lowlatency, linux-azure-edge, linux-tools-5.13.0-41-lowlatency, linux-cloud-tools-generic-hwe-20.04, linux-headers-generic-lpae-hwe-20.04, linux-crashdump, linux-gcp-5.13, linux-modules-extra-5.13.0-1025-gcp, linux-tools-common, linux-virtual-hwe-20.04, linux-image-unsigned-5.13.0-41-generic, linux-tools-5.13.0-1022-kvm, linux-modules-extra-5.13.0-41-generic, linux-aws-cloud-tools-5.13.0-1023, linux-image-5.13.0-41-generic, linux-generic-64k, linux-image-raspi, linux-tools-virtual, linux-modules-extra-aws, linux-buildinfo-5.13.0-1023-azure, linux-cloud-tools-5.13.0-41, linux-tools-5.13.0-41, linux-modules-extra-raspi, linux-aws-tools-5.13.0-1023, linux-tools-generic-64k-hwe-20.04, linux-tools-5.13.0-1023-azure, linux-headers-azure-edge, linux-modules-extra-raspi-nolpae, linux-modules-extra-5.13.0-1026-raspi, linux-cloud-tools-5.13.0-1023-azure, linux-cloud-tools-lowlatency, linux-tools-aws-edge, linux-tools-lowlatency-hwe-20.04-edge, linux-azure-5.13, linux-tools-5.13.0-41-generic, linux-cloud-tools-generic-hwe-20.04-edge, linux-headers-oem-20.04, linux-headers-raspi-nolpae, linux-headers-raspi, linux-kvm, linux-virtual-hwe-20.04-edge, linux-image-generic-64k-hwe-20.04, linux-gke, linux-modules-5.13.0-41-generic-lpae, linux-cloud-tools-5.13.0-1023-aws, linux-kvm-headers-5.13.0-1022, linux-cloud-tools-5.13.0-41-lowlatency, linux-modules-5.13.0-1022-kvm, linux-virtual, linux-cloud-tools-lowlatency-hwe-20.04, linux-tools-generic-hwe-20.04, linux-tools-lowlatency, linux-headers-kvm, linux-tools-5.13.0-1028-oracle, linux-headers-virtual, linux-image-generic-hwe-20.04-edge, linux-gcp-5.13-tools-5.13.0-1025, linux-image-gcp, linux-tools-virtual-hwe-20.04-edge, linux-cloud-tools-5.13.0-41-generic, linux-image-kvm, linux-tools-5.13.0-41-generic-lpae, linux-headers-lowlatency-hwe-20.04-edge, linux-image-generic-lpae, linux-cloud-tools-virtual, linux-lowlatency-hwe-20.04-edge, linux-headers-generic-64k-hwe-20.04, linux-modules-extra-azure-edge, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-gke, linux-buildinfo-5.13.0-41-generic-64k, linux-source, linux-headers-lowlatency-hwe-20.04, linux-image-aws, linux-buildinfo-5.13.0-41-generic-lpae, linux-image-5.13.0-1028-oracle, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-64k-hwe-20.04-edge, linux-generic, linux-tools-gcp, linux-hwe-5.13, linux-tools-oracle, linux-headers-5.13.0-1028-oracle, linux-image-oracle, linux-headers-aws-edge, linux-image-5.13.0-41-generic-lpae, linux-image-generic-hwe-20.04, linux-image-generic-lpae-hwe-20.04, linux-doc, linux-tools-azure, linux-tools-generic-hwe-20.04-edge, linux-aws-headers-5.13.0-1023, linux-image-5.13.0-1026-raspi-nolpae, linux-image-5.13.0-1025-gcp, linux-image-extra-virtual-hwe-20.04, linux-tools-lowlatency-hwe-20.04, linux-generic-hwe-20.04, linux-azure-cloud-tools-5.13.0-1023, linux-azure-5.13-cloud-tools-5.13.0-1023, linux-image-azure, linux-azure, linux-aws-5.13-headers-5.13.0-1023, linux-image-5.13.0-1023-azure, linux-tools-kvm, linux-headers-5.13.0-1023-aws, linux-aws-5.13, linux-headers-generic-lpae-hwe-20.04-edge, linux-hwe-5.13-source-5.13.0, linux-image-virtual-hwe-20.04, linux-buildinfo-5.13.0-1026-raspi-nolpae, linux-kvm-tools-5.13.0-1022, linux-raspi, linux-tools-generic-lpae-hwe-20.04, linux-modules-extra-5.13.0-1028-oracle, linux-modules-5.13.0-41-generic-64k, linux-image-extra-virtual, linux-headers-virtual-hwe-20.04, linux-image-extra-virtual-hwe-20.04-edge, linux-oracle-tools-5.13.0-1028, linux-image-5.13.0-1022-kvm, linux-gcp-5.13-headers-5.13.0-1025, linux-headers-5.13.0-41-lowlatency, linux-gcp-tools-5.13.0-1025, linux-tools-host, linux-image-aws-edge, linux-headers-5.13.0-1026-raspi, linux-oem-20.04, linux-gcp-headers-5.13.0-1025, linux-cloud-tools-virtual-hwe-20.04, linux-headers-5.13.0-1022-kvm, linux-hwe-5.13-tools-host, linux-tools-virtual-hwe-20.04, linux-headers-5.13.0-1025-gcp, linux-modules-5.13.0-1026-raspi-nolpae, linux-tools-generic-lpae, linux-buildinfo-5.13.0-41-generic, linux-headers-generic, linux-image-lowlatency-hwe-20.04, linux-tools-generic, linux-tools-raspi, linux-buildinfo-5.13.0-41-lowlatency, linux-azure-tools-5.13.0-1023, linux-image-5.13.0-1026-raspi, linux-cloud-tools-virtual-hwe-20.04-edge, linux-headers-azure, linux-cloud-tools-azure, linux-cloud-tools-azure-edge, linux-gcp, linux-headers-gcp-edge, linux-aws-edge, linux-hwe-5.13-tools-5.13.0-41, linux-image-virtual-hwe-20.04-edge, linux-modules-5.13.0-41-lowlatency, linux-headers-generic-64k, linux-tools-raspi-nolpae, linux-image-unsigned-5.13.0-41-lowlatency, linux-aws-5.13-tools-5.13.0-1023, linux-raspi-nolpae, linux-tools-generic-64k, linux-tools-generic-lpae-hwe-20.04-edge, linux-modules-5.13.0-41-generic, linux-hwe-5.13-cloud-tools-5.13.0-41, linux-image-unsigned-5.13.0-41-generic-64k, linux-image-generic, linux-generic-lpae-hwe-20.04, linux-azure-5.13-headers-5.13.0-1023, linux-hwe-5.13-tools-common, linux-headers-virtual-hwe-20.04-edge, linux-raspi-tools-5.13.0-1026, linux-generic-lpae, linux-headers-oracle, linux-headers-5.13.0-41-generic, linux-hwe-5.13-headers-5.13.0-41, linux-modules-5.13.0-1026-raspi, linux-headers-5.13.0-1023-azure, linux-tools-5.13.0-41-generic-64k, linux-headers-gcp, linux-image-lowlatency, linux-modules-extra-gcp-edge, linux-buildinfo-5.13.0-1028-oracle, linux-modules-extra-aws-edge, linux-image-unsigned-5.13.0-1022-kvm, linux-tools-gcp-edge, linux-oracle-headers-5.13.0-1028, linux-buildinfo-5.13.0-1022-kvm, linux-generic-hwe-20.04-edge, linux-generic-64k-hwe-20.04-edge, linux-generic-lpae-hwe-20.04-edge, linux-image-5.13.0-41-generic-64k, linux-image-unsigned-5.13.0-1025-gcp, linux-modules-extra-gcp, linux-tools-oem-20.04, linux-azure-5.13-tools-5.13.0-1023, linux, linux-modules-extra-5.13.0-1023-aws, linux-headers-generic-hwe-20.04, linux-headers-lowlatency, linux-cloud-tools-generic, linux-modules-extra-5.13.0-1026-raspi-nolpae, linux-aws-5.13-cloud-tools-5.13.0-1023, linux-image-unsigned-5.13.0-1023-azure, linux-image-unsigned-5.13.0-1028-oracle, linux-tools-5.13.0-1023-aws, linux-headers-generic-lpae, linux-generic-64k-hwe-20.04, linux-lowlatency-hwe-20.04, linux-tools-azure-edge, linux-image-unsigned-5.13.0-1023-aws, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-headers-5.13.0-1026-raspi-nolpae, linux-headers-5.13.0-41-generic-lpae, linux-image-5.13.0-41-lowlatency, linux-source-5.13.0, linux-tools-5.13.0-1025-gcp, linux-modules-extra-5.13.0-1023-azure, linux-libc-dev, linux-image-5.13.0-1023-aws, linux-oracle, linux-tools-aws, linux-buildinfo-5.13.0-1023-aws, linux-modules-extra-gke, linux-modules-5.13.0-1023-azure, linux-image-azure-edge, linux-headers-aws, linux-image-oem-20.04, linux-buildinfo-5.13.0-1026-raspi, linux-aws, linux-modules-5.13.0-1023-aws, linux-modules-5.13.0-1025-gcp, linux-headers-5.13.0-41-generic-64k, linux-image-virtual, linux-modules-extra-azure, linux-tools-5.13.0-1026-raspi, linux-image-gcp-edge, linux-hwe-5.13-cloud-tools-common, linux-headers-5.13.0-41 o USN-5418-1 : linux-hwe-cloud-tools-4.15.0-177, linux-signed-generic, linux-tools-gcp-lts-18.04, linux-image-virtual-hwe-16.04, linux-snapdragon-headers-4.15.0-1127, linux-modules-extra-4.15.0-177-generic, linux-hwe-tools-4.15.0-177, linux-cloud-tools-4.15.0-177-generic, linux-signed-image-lowlatency-hwe-16.04-edge, linux-tools-generic-hwe-16.04, linux-headers-4.15.0-177-generic, linux-buildinfo-4.15.0-1138-azure, linux-gcp-lts-18.04, linux-image-4.15.0-1042-dell300x, linux-signed-image-generic, linux-cloud-tools-lowlatency-hwe-16.04-edge, linux-image-gke, linux-headers-gke, linux-image-4.15.0-177-lowlatency, linux-image-4.15.0-1138-azure, linux-tools-virtual-hwe-16.04-edge, linux-snapdragon-tools-4.15.0-1127, linux-cloud-tools-common, linux-virtual-hwe-16.04, linux-tools-azure-lts-18.04, linux-dell300x-headers-4.15.0-1042, linux-cloud-tools-virtual-hwe-16.04, linux-azure-edge, linux-image-unsigned-4.15.0-1128-aws, linux-lowlatency, linux-modules-4.15.0-177-generic-lpae, linux-crashdump, linux-tools-common, linux-azure-4.15-cloud-tools-4.15.0-1138, linux-tools-4.15.0-1127-snapdragon, linux-modules-4.15.0-1114-kvm, linux-buildinfo-4.15.0-1128-aws, linux-modules-extra-azure-lts-18.04, linux-headers-gcp-lts-18.04, linux-signed-azure-lts-18.04, linux-signed-image-lowlatency, linux-tools-virtual, linux-image-4.15.0-177-generic, linux-signed-azure-edge, linux-gcp-headers-4.15.0-1122, linux-azure-headers-4.15.0-1138, linux-headers-4.15.0-1042-dell300x, linux-image-4.15.0-177-generic-lpae, linux-generic-lpae-hwe-16.04, linux-image-aws-hwe, linux-image-generic-lpae-hwe-16.04, linux-signed-generic-hwe-16.04, linux-signed-oem, linux-gcp-4.15-headers-4.15.0-1122, linux-headers-azure-edge, linux-azure-4.15-headers-4.15.0-1138, linux-kvm-headers-4.15.0-1114, linux-cloud-tools-lowlatency, linux-modules-extra-aws-hwe, linux-tools-virtual-hwe-16.04, linux-azure-4.15-tools-4.15.0-1138, linux-kvm, linux-headers-generic-hwe-16.04, linux-image-azure-lts-18.04, linux-tools-aws-hwe, linux-gke, linux-image-gcp-lts-18.04, linux-oem, linux-aws-tools-4.15.0-1128, linux-azure-lts-18.04, linux-tools-4.15.0-1093-oracle, linux-virtual, linux-tools-lowlatency, linux-headers-kvm, linux-image-generic-hwe-16.04, linux-headers-virtual, linux-image-lowlatency-hwe-16.04-edge, linux-image-gcp, linux-oracle-tools-4.15.0-1093, linux-cloud-tools-4.15.0-177, linux-azure-tools-4.15.0-1138, linux-cloud-tools-virtual-hwe-16.04-edge, linux-headers-oem, linux-modules-extra-4.15.0-1122-gcp, linux-image-kvm, linux-buildinfo-4.15.0-1114-kvm, linux-buildinfo-4.15.0-1042-dell300x, linux-cloud-tools-virtual, linux-image-generic-lpae, linux-modules-extra-azure-edge, linux-tools-gke, linux-generic-hwe-16.04-edge, linux-azure-cloud-tools-4.15.0-1138, linux-source, linux-tools-gcp, linux-generic, linux-cloud-tools-azure-lts-18.04, linux-image-4.15.0-1128-aws, linux-tools-oracle, linux-aws-lts-18.04, linux-buildinfo-4.15.0-1093-oracle, linux-modules-extra-aws-lts-18.04, linux-image-aws-lts-18.04, linux-modules-4.15.0-1042-dell300x, linux-headers-lowlatency-hwe-16.04, linux-signed-image-oracle-lts-18.04, linux-image-oracle, linux-signed-oracle, linux-headers-4.15.0-1093-oracle, linux-modules-4.15.0-1122-gcp, linux-headers-oracle-lts-18.04, linux-tools-lowlatency-hwe-16.04-edge, linux-cloud-tools-generic-hwe-16.04, linux-doc, linux-lowlatency-hwe-16.04, linux-tools-azure, linux-gcp-tools-4.15.0-1122, linux-headers-virtual-hwe-16.04-edge, linux-kvm-tools-4.15.0-1114, linux-tools-dell300x, linux-tools-4.15.0-177-generic, linux-signed-image-azure, linux-image-azure, linux-azure, linux-tools-kvm, linux-tools-generic-lpae-hwe-16.04-edge, linux-headers-lowlatency-hwe-16.04-edge, linux-buildinfo-4.15.0-1122-gcp, linux-image-unsigned-4.15.0-177-lowlatency, linux-signed-lowlatency-hwe-16.04, linux-image-unsigned-4.15.0-1138-azure, linux-headers-azure-lts-18.04, linux-buildinfo-4.15.0-177-lowlatency, linux-modules-4.15.0-1127-snapdragon, linux-headers-generic-hwe-16.04-edge, linux-image-4.15.0-1127-snapdragon, linux-image-unsigned-4.15.0-1042-dell300x, linux-tools-4.15.0-1114-kvm, linux-generic-lpae-hwe-16.04-edge, linux-image-extra-virtual, linux-image-oem, linux-image-unsigned-4.15.0-177-generic, linux-modules-4.15.0-177-generic, linux-modules-extra-4.15.0-1138-azure, linux-snapdragon, linux-tools-4.15.0-1128-aws, linux-tools-aws-lts-18.04, linux-headers-dell300x, linux-signed-image-lowlatency-hwe-16.04, linux-gcp-4.15, linux-headers-generic-lpae-hwe-16.04-edge, linux-tools-host, linux-gcp-4.15-tools-4.15.0-1122, linux-modules-extra-gcp-lts-18.04, linux-headers-4.15.0-1128-aws, linux-aws-headers-4.15.0-1128, linux-signed-image-azure-lts-18.04, linux-tools-4.15.0-177, linux-buildinfo-4.15.0-1127-snapdragon, linux-tools-snapdragon, linux-tools-generic-lpae-hwe-16.04, linux-cloud-tools-generic-hwe-16.04-edge, linux-image-lowlatency-hwe-16.04, linux-image-unsigned-4.15.0-1093-oracle, linux-aws-cloud-tools-4.15.0-1128, linux-cloud-tools-4.15.0-1128-aws, linux-headers-generic, linux-tools-generic-lpae, linux-signed-image-oem, linux-tools-generic, linux-tools-4.15.0-1042-dell300x, linux-modules-4.15.0-177-lowlatency, linux-signed-image-generic-hwe-16.04, linux-headers-4.15.0-1138-azure, linux-buildinfo-4.15.0-177-generic-lpae, linux-tools-lowlatency-hwe-16.04, linux-headers-azure, linux-image-snapdragon, linux-cloud-tools-azure, linux-cloud-tools-azure-edge, linux-gcp, linux-headers-4.15.0-177-generic-lpae, linux-aws-edge, linux-image-4.15.0-1128-aws-hwe, linux-signed-azure, linux-source-4.15.0, linux-tools-generic-hwe-16.04-edge, linux-oracle-lts-18.04, linux-headers-4.15.0-1127-snapdragon, linux-headers-4.15.0-1122-gcp, linux-generic-hwe-16.04, linux-image-virtual-hwe-16.04-edge, linux-signed-image-generic-hwe-16.04-edge, linux-image-generic-lpae-hwe-16.04-edge, linux-image-unsigned-4.15.0-1122-gcp, linux-modules-extra-4.15.0-1128-aws, linux-image-generic, linux-signed-oracle-lts-18.04, linux-image-4.15.0-1093-oracle, linux-tools-oracle-lts-18.04, linux-aws-hwe-tools-4.15.0-1128, linux-generic-lpae, linux-headers-aws-lts-18.04, linux-dell300x, linux-headers-oracle, linux-modules-4.15.0-1128-aws, linux-dell300x-tools-4.15.0-1042, linux-virtual-hwe-16.04-edge, linux-headers-gcp, linux-image-lowlatency, linux-modules-4.15.0-1093-oracle, linux-signed-image-azure-edge, linux-image-dell300x, linux-image-generic-hwe-16.04-edge, linux-aws-hwe-cloud-tools-4.15.0-1128, linux-oracle-headers-4.15.0-1093, linux-image-extra-virtual-hwe-16.04, linux-image-4.15.0-1114-kvm, linux-modules-extra-gcp, linux, linux-signed-image-oracle, linux-headers-generic-lpae-hwe-16.04, linux-headers-lowlatency, linux-headers-snapdragon, linux-cloud-tools-generic, linux-signed-generic-hwe-16.04-edge, linux-signed-lowlatency, linux-cloud-tools-lowlatency-hwe-16.04, linux-headers-generic-lpae, linux-modules-4.15.0-1138-azure, linux-tools-oem, linux-modules-extra-4.15.0-1093-oracle, linux-tools-azure-edge, linux-azure-4.15, linux-headers-4.15.0-1114-kvm, linux-aws-hwe, linux-headers-4.15.0-177, linux-libc-dev, linux-headers-4.15.0-177-lowlatency, linux-headers-aws-hwe, linux-hwe, linux-lowlatency-hwe-16.04-edge, linux-oracle, linux-signed-lowlatency-hwe-16.04-edge, linux-tools-4.15.0-1138-azure, linux-headers-virtual-hwe-16.04, linux-modules-extra-gke, linux-image-azure-edge, linux-buildinfo-4.15.0-177-generic, linux-cloud-tools-4.15.0-1138-azure, linux-aws, linux-image-extra-virtual-hwe-16.04-edge, linux-tools-4.15.0-177-generic-lpae, linux-image-oracle-lts-18.04, linux-image-4.15.0-1122-gcp, linux-image-virtual, linux-modules-extra-azure, linux-tools-4.15.0-177-lowlatency, linux-tools-4.15.0-1122-gcp, linux-cloud-tools-4.15.0-177-lowlatency o USN-5416-1 : linux-image-5.14.0-1036-oem, linux-tools-5.14.0-1036-oem, linux-oem-5.14-headers-5.14.0-1036, linux-buildinfo-5.14.0-1036-oem, linux-headers-oem-20.04d, linux-tools-oem-20.04, linux-oem-20.04d, linux-oem-5.14-tools-host, linux-image-oem-20.04b, linux-modules-5.14.0-1036-oem, linux-image-oem-20.04c, linux-oem-20.04c, linux-tools-oem-20.04d, linux-oem-20.04, linux-image-oem-20.04d, linux-oem-20.04b, linux-tools-oem-20.04b, linux-headers-oem-20.04b, linux-oem-5.14, linux-image-unsigned-5.14.0-1036-oem, linux-image-oem-20.04, linux-oem-5.14-tools-5.14.0-1036, linux-headers-5.14.0-1036-oem, linux-headers-oem-20.04, linux-tools-oem-20.04c, linux-headers-oem-20.04c o USN-5265-1 : linux-modules-5.11.0-1028-aws, linux-buildinfo-5.13.0-28-generic-lpae, linux-modules-extra-5.11.0-1028-aws, linux-raspi-tools-5.13.0-1016, linux-headers-5.13.0-1013-gcp, linux-oracle-5.11, linux-image-5.11.0-1028-azure, linux-modules-5.13.0-1011-kvm, linux-image-lowlatency-hwe-20.04-edge, linux-image-generic-lpae-hwe-20.04-edge, linux-image-gke, linux-headers-gke, linux-image-generic-64k, linux-cloud-tools-common, linux-image-generic-64k-hwe-20.04-edge, linux-image-raspi-nolpae, linux-buildinfo-5.13.0-1013-gcp, linux-lowlatency, linux-oem-20.04c, linux-cloud-tools-5.13.0-28-lowlatency, linux-cloud-tools-generic-hwe-20.04, linux-headers-generic-lpae-hwe-20.04, linux-crashdump, linux-virtual-hwe-20.04, linux-tools-common, linux-modules-extra-5.13.0-1016-raspi, linux-headers-5.13.0-1011-kvm, linux-buildinfo-5.13.0-1012-aws, linux-generic-64k, linux-image-raspi, linux-image-5.13.0-28-generic, linux-hwe-5.13-cloud-tools-5.13.0-28, linux-modules-5.11.0-1029-gcp, linux-tools-5.13.0-1011-kvm, linux-modules-extra-aws, linux-tools-5.13.0-1012-aws, linux-tools-virtual, linux-modules-extra-raspi, linux-aws-5.11-cloud-tools-5.11.0-1028, linux-modules-5.11.0-1028-azure, linux-tools-generic-64k-hwe-20.04, linux-cloud-tools-5.11.0-1028-azure, linux-headers-5.13.0-28-generic-64k, linux-hwe-5.13-headers-5.13.0-28, linux-modules-extra-raspi-nolpae, linux-cloud-tools-lowlatency, linux-tools-lowlatency-hwe-20.04-edge, linux-aws-5.11, linux-tools-aws-edge, linux-buildinfo-5.13.0-28-lowlatency, linux-cloud-tools-generic-hwe-20.04-edge, linux-headers-oem-20.04, linux-headers-raspi-nolpae, linux-headers-raspi, linux-kvm, linux-modules-5.13.0-28-lowlatency, linux-buildinfo-5.13.0-1016-raspi, linux-virtual-hwe-20.04-edge, linux-tools-5.13.0-28-generic, linux-image-generic-64k-hwe-20.04, linux-gke, linux-oracle-5.11-headers-5.11.0-1028, linux-cloud-tools-5.11.0-1028-aws, linux-cloud-tools-5.13.0-28-generic, linux-buildinfo-5.11.0-1028-azure, linux-oem-5.13-tools-5.13.0-1029, linux-aws-5.11-tools-5.11.0-1028, linux-kvm-tools-5.13.0-1011, linux-virtual, linux-cloud-tools-lowlatency-hwe-20.04, linux-tools-generic-hwe-20.04, linux-tools-lowlatency, linux-headers-kvm, linux-image-unsigned-5.13.0-28-lowlatency, linux-headers-virtual, linux-image-generic-hwe-20.04-edge, linux-aws-tools-5.13.0-1012, linux-image-gcp, linux-modules-extra-5.13.0-1013-gcp, linux-tools-virtual-hwe-20.04-edge, linux-image-kvm, linux-headers-5.13.0-28-generic-lpae, linux-headers-lowlatency-hwe-20.04-edge, linux-image-generic-lpae, linux-cloud-tools-virtual, linux-lowlatency-hwe-20.04-edge, linux-headers-generic-64k-hwe-20.04, linux-image-oem-20.04c, linux-modules-5.13.0-1013-gcp, linux-modules-5.13.0-1016-raspi-nolpae, linux-tools-generic-64k-hwe-20.04-edge, linux-tools-gke, linux-modules-5.13.0-1016-raspi, linux-image-unsigned-5.11.0-1029-gcp, linux-source, linux-gcp-5.11-tools-5.11.0-1029, linux-tools-5.13.0-28, linux-aws-5.13-tools-5.13.0-1012, linux-headers-lowlatency-hwe-20.04, linux-headers-5.11.0-1028-oracle, linux-image-aws, linux-buildinfo-5.13.0-1029-oem, linux-headers-generic-hwe-20.04-edge, linux-headers-generic-64k-hwe-20.04-edge, linux-generic, linux-cloud-tools-5.13.0-1012-aws, linux-tools-gcp, linux-oracle-tools-5.13.0-1016, linux-hwe-5.13, linux-modules-5.13.0-1029-oem, linux-tools-oracle, linux-gcp-headers-5.13.0-1013, linux-headers-5.13.0-1016-raspi-nolpae, linux-image-5.13.0-1011-kvm, linux-azure-5.11, linux-image-5.13.0-1016-oracle, linux-image-unsigned-5.13.0-1016-oracle, linux-image-oracle, linux-headers-aws-edge, linux-image-generic-hwe-20.04, linux-azure-5.11-headers-5.11.0-1028, linux-image-5.11.0-1028-oracle, linux-image-5.13.0-1013-gcp, linux-image-generic-lpae-hwe-20.04, linux-doc, linux-tools-azure, linux-tools-generic-hwe-20.04-edge, linux-image-extra-virtual-hwe-20.04, linux-tools-lowlatency-hwe-20.04, linux-buildinfo-5.11.0-1028-aws, linux-generic-hwe-20.04, linux-tools-5.11.0-1028-aws, linux-modules-extra-5.11.0-1028-azure, linux-gcp-5.11, linux-image-azure, linux-azure, linux-tools-kvm, linux-oracle-5.11-tools-5.11.0-1028, linux-aws-5.13, linux-buildinfo-5.13.0-1011-kvm, linux-headers-generic-lpae-hwe-20.04-edge, linux-hwe-5.13-source-5.13.0, linux-image-virtual-hwe-20.04, linux-azure-5.11-cloud-tools-5.11.0-1028, linux-aws-5.13-headers-5.13.0-1012, linux-image-unsigned-5.11.0-1028-azure, linux-raspi, linux-tools-5.13.0-28-generic-64k, linux-tools-generic-lpae-hwe-20.04, linux-modules-5.13.0-28-generic-lpae, linux-image-unsigned-5.13.0-1011-kvm, linux-image-5.13.0-1016-raspi-nolpae, linux-gcp-5.11-headers-5.11.0-1029, linux-image-extra-virtual, linux-headers-virtual-hwe-20.04, linux-image-unsigned-5.11.0-1028-aws, linux-headers-5.13.0-28-generic, linux-image-extra-virtual-hwe-20.04-edge, linux-buildinfo-5.13.0-1016-raspi-nolpae, linux-image-5.11.0-1029-gcp, linux-headers-5.13.0-1012-aws, linux-tools-host, linux-image-aws-edge, linux-image-5.13.0-1012-aws, linux-oem-20.04, linux-cloud-tools-virtual-hwe-20.04, linux-buildinfo-5.11.0-1028-oracle, linux-gcp-tools-5.13.0-1013, linux-buildinfo-5.11.0-1029-gcp, linux-buildinfo-5.13.0-28-generic, linux-hwe-5.13-tools-host, linux-image-5.13.0-1029-oem, linux-image-unsigned-5.13.0-1029-oem, linux-modules-extra-5.13.0-1016-raspi-nolpae, linux-oem-5.13-headers-5.13.0-1029, linux-tools-virtual-hwe-20.04, linux-oem-5.13-tools-host, linux-tools-generic-lpae, linux-image-unsigned-5.13.0-1012-aws, linux-headers-generic, linux-buildinfo-5.13.0-28-generic-64k, linux-image-lowlatency-hwe-20.04, linux-aws-cloud-tools-5.13.0-1012, linux-tools-generic, linux-tools-raspi, linux-tools-5.13.0-28-lowlatency, linux-tools-5.11.0-1028-oracle, linux-cloud-tools-virtual-hwe-20.04-edge, linux-modules-5.13.0-1016-oracle, linux-modules-5.13.0-1012-aws, linux-aws-5.11-headers-5.11.0-1028, linux-headers-azure, linux-modules-extra-5.13.0-1016-oracle, linux-cloud-tools-azure, linux-gcp, linux-oracle-headers-5.13.0-1016, linux-aws-edge, linux-image-virtual-hwe-20.04-edge, linux-headers-generic-64k, linux-tools-raspi-nolpae, linux-headers-5.13.0-1016-oracle, linux-tools-5.11.0-1029-gcp, linux-raspi-headers-5.13.0-1016, linux-raspi-nolpae, linux-tools-generic-64k, linux-tools-generic-lpae-hwe-20.04-edge, linux-tools-oem-20.04c, linux-image-generic, linux-tools-5.13.0-1016-oracle, linux-generic-lpae-hwe-20.04, linux-hwe-5.13-tools-common, linux-headers-5.11.0-1028-azure, linux-tools-5.13.0-1016-raspi, linux-headers-virtual-hwe-20.04-edge, linux-oem-5.13, linux-generic-lpae, linux-headers-oracle, linux-headers-5.13.0-28, linux-headers-gcp, linux-image-lowlatency, linux-modules-extra-5.11.0-1029-gcp, linux-modules-5.13.0-28-generic, linux-modules-extra-aws-edge, linux-generic-hwe-20.04-edge, linux-generic-64k-hwe-20.04-edge, linux-generic-lpae-hwe-20.04-edge, linux-image-5.13.0-1016-raspi, linux-modules-extra-gcp, linux-tools-oem-20.04, linux, linux-azure-5.11-tools-5.11.0-1028, linux-headers-generic-hwe-20.04, linux-headers-lowlatency, linux-headers-5.11.0-1028-aws, linux-image-5.13.0-28-generic-lpae, linux-cloud-tools-generic, linux-cloud-tools-5.13.0-28, linux-modules-5.13.0-28-generic-64k, linux-image-unsigned-5.13.0-28-generic-64k, linux-aws-5.13-cloud-tools-5.13.0-1012, linux-tools-5.13.0-1029-oem, linux-buildinfo-5.13.0-1016-oracle, linux-headers-5.13.0-1029-oem, linux-headers-generic-lpae, linux-modules-extra-5.13.0-1012-aws, linux-generic-64k-hwe-20.04, linux-lowlatency-hwe-20.04, linux-hwe-5.13-tools-5.13.0-28, linux-cloud-tools-lowlatency-hwe-20.04-edge, linux-headers-5.13.0-1016-raspi, linux-modules-5.11.0-1028-oracle, linux-source-5.13.0, linux-image-unsigned-5.13.0-1013-gcp, linux-libc-dev, linux-tools-aws, linux-oracle, linux-aws-headers-5.13.0-1012, linux-image-5.13.0-28-generic-64k, linux-tools-5.13.0-28-generic-lpae, linux-modules-extra-gke, linux-headers-5.13.0-28-lowlatency, linux-headers-aws, linux-image-oem-20.04, linux-image-unsigned-5.11.0-1028-oracle, linux-headers-5.11.0-1029-gcp, linux-aws, linux-image-5.13.0-28-lowlatency, linux-kvm-headers-5.13.0-1011, linux-modules-extra-5.11.0-1028-oracle, linux-modules-extra-5.13.0-28-generic, linux-tools-5.11.0-1028-azure, linux-tools-5.13.0-1016-raspi-nolpae, linux-image-unsigned-5.13.0-28-generic, linux-image-virtual, linux-modules-extra-azure, linux-tools-5.13.0-1013-gcp, linux-headers-oem-20.04c, linux-hwe-5.13-cloud-tools-common o USN-5278-1 : linux-oem-20.04d, linux-oem-5.14-tools-host, linux-headers-5.14.0-1022-oem, linux-buildinfo-5.14.0-1022-oem, linux-oem-5.14-headers-5.14.0-1022, linux-tools-5.14.0-1022-oem, linux-image-unsigned-5.14.0-1022-oem, linux-modules-5.14.0-1022-oem, linux-tools-oem-20.04d, linux-oem-5.14-tools-5.14.0-1022, linux-headers-oem-20.04d, linux-image-5.14.0-1022-oem, linux-image-oem-20.04d, linux-oem-5.14 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LHckNZI30y1K9AQgcKhAAtbg5gL8W7JRGEMJdjoIl+sN1Z80Y8KnC T5GTSXEta8CQKvph9kRr0OoH7s2TfBkhZRNb7SGQdcXyCrtyl8lmRNJmoaTu/00F xXCTa5EK8kWGZs9/7Bv81gRMofH71Sw3rsZjg7rYO1pnFi4Z+kQEFYuixW4mEaUZ 7DFvNyJGiwj/Yftfk5KtgzKIhGD4qTrqhjcMuaKYBgpfZZy6D7doVetrZYpJsPyN 4Uv9HG/r4QLIBp0YBvTkIh52S9IE+75rYkNsWBsP+q+VPhV+B10biEjbDstrdQhu Bqu9q819asby3DVwup3Ys4pif49Ec4XH9Gk8Fme/6vqR8ZvwtcDO4lArA66T0ITp icTh20wTvKE3Z74luyZYnmyE3PVO3Sz8Qf6KRWPWAY9hrJu36VXLuHhfd4WZZzy5 Pex/OCfT7FZ+A22wrq3VReM61M4vMmjsMQ4rhX+c4CXmCSBfQO8DKmongLmyq24U hMGVk6UajFxuJMy/dZObMNsR5g/vDkEuyJgqtJLWPOm54V5+ixEz4l7wbSxoaQb4 uxc1zbf0kngKhYD/bxaBDrbi5IAAXKLFQJyK8bjC+mNgNoCFgzSZ9trIuSvSBvq/ PHiQeBTMUdoZ0Zc98OUHL7qMepUxOCNut/T7TpWKf6ej3S0LgOr0RXwHw/9v5eri PxyQDeOu4xY= =4Oq9 -----END PGP SIGNATURE-----
2022. május 13.

ESB-2022.2335 - [SUSE] clamav: CVSS (Max): 7.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2335 Security update for clamav 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: clamav Publisher: SUSE Operating System: SUSE Resolution: Patch/Upgrade CVE Names: CVE-2022-20796 CVE-2022-20792 CVE-2022-20785 CVE-2022-20771 CVE-2022-20770 Original Bulletin: https://www.suse.com/support/update/announcement/2022/suse-su-20221644-1 Comment: CVSS (Max): 7.8 CVE-2022-20792 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) CVSS Source: SUSE Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for clamav ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1644-1 Rating: important References: #1199242 #1199244 #1199245 #1199246 #1199274 Cross-References: CVE-2022-20770 CVE-2022-20771 CVE-2022-20785 CVE-2022-20792 CVE-2022-20796 Affected Products: SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Module for Basesystem 15-SP4 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for clamav fixes the following issues: o CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser (bsc#1199242). o CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check (bsc#1199246). o CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF file parser (bsc#1199244). o CVE-2022-20785: Fixed a possible memory leak in the HTML file parser / Javascript normalizer (bsc#1199245). o CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write vulnerability in the signature database load module (bsc#1199274). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1644=1 o openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1644=1 o SUSE Linux Enterprise Module for Basesystem 15-SP4: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1644=1 o SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1644=1 Package List: o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): clamav-0.103.6-150000.3.38.1 clamav-debuginfo-0.103.6-150000.3.38.1 clamav-debugsource-0.103.6-150000.3.38.1 clamav-devel-0.103.6-150000.3.38.1 libclamav9-0.103.6-150000.3.38.1 libclamav9-debuginfo-0.103.6-150000.3.38.1 libfreshclam2-0.103.6-150000.3.38.1 libfreshclam2-debuginfo-0.103.6-150000.3.38.1 o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): clamav-0.103.6-150000.3.38.1 clamav-debuginfo-0.103.6-150000.3.38.1 clamav-debugsource-0.103.6-150000.3.38.1 clamav-devel-0.103.6-150000.3.38.1 libclamav9-0.103.6-150000.3.38.1 libclamav9-debuginfo-0.103.6-150000.3.38.1 libfreshclam2-0.103.6-150000.3.38.1 libfreshclam2-debuginfo-0.103.6-150000.3.38.1 o SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64): clamav-0.103.6-150000.3.38.1 clamav-debuginfo-0.103.6-150000.3.38.1 clamav-debugsource-0.103.6-150000.3.38.1 clamav-devel-0.103.6-150000.3.38.1 libclamav9-0.103.6-150000.3.38.1 libclamav9-debuginfo-0.103.6-150000.3.38.1 libfreshclam2-0.103.6-150000.3.38.1 libfreshclam2-debuginfo-0.103.6-150000.3.38.1 o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): clamav-0.103.6-150000.3.38.1 clamav-debuginfo-0.103.6-150000.3.38.1 clamav-debugsource-0.103.6-150000.3.38.1 clamav-devel-0.103.6-150000.3.38.1 libclamav9-0.103.6-150000.3.38.1 libclamav9-debuginfo-0.103.6-150000.3.38.1 libfreshclam2-0.103.6-150000.3.38.1 libfreshclam2-debuginfo-0.103.6-150000.3.38.1 References: o https://www.suse.com/security/cve/CVE-2022-20770.html o https://www.suse.com/security/cve/CVE-2022-20771.html o https://www.suse.com/security/cve/CVE-2022-20785.html o https://www.suse.com/security/cve/CVE-2022-20792.html o https://www.suse.com/security/cve/CVE-2022-20796.html o https://bugzilla.suse.com/1199242 o https://bugzilla.suse.com/1199244 o https://bugzilla.suse.com/1199245 o https://bugzilla.suse.com/1199246 o https://bugzilla.suse.com/1199274 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2LD8kNZI30y1K9AQjn4hAAgpFh0+qbFBC1F2DwL0WLX1v/kokfNvUs pkIG5PHzaFR9N28+pvLDjCV9W3Z6HjF/Nmkle4tiy79J56LQF1DypSxnN88MaIKQ FA+7N3GKh6nOcsvdq6meINrSjhP43YV51EvbCELC2LtcT87eIfYyzPJD4pVz/Yid /oH7k4csdu9XhNB9E8bDWmmkdFL9k8xvf9izSz5J39EBfVxC0+PwVyFz544MzSDK 5aPCOMSdd7XSKB+LRn+3nZ/N7ItSCig9GWIVaq39XtDAU5BnXZK7cn8dL0DUBSHT IdQD4iYzF+YQwBGORCfvMTRQt8En//FnZt7oxn+UQ/FzRw7toIQaWRWexNKo4Rfc cQUt4sVBigy40E3AwsnuO9pbUq/1saRCJ1qaaHm/RpBGXWbSCMajJQ/CiBfMnTkZ n4x2aoP28PgIC7gm4SGCcNU7St+N5yBBqhCJHnCd9v1HbKaz9U8pTkNBzqlNsRgL UFjs57EOdz0VyQobSc4w0lqVsjOsFCuI6ad9eBz0do6D/nST4Styppn9oVZPPgvx sfKyrRtgtrrY6LySP4eDVeeql/isKC10pmAKKzOkdDqbcDkRPDov7Qg3fELu7CV1 ZlzLCVQBLx7grm05jWWNWKyWm1IS1xT3eMBWMje2OfW2yzzDeEAT08f+rMwVeE70 1Y+hMzccAK8= =7AMH -----END PGP SIGNATURE-----
2022. május 13.

ESB-2022.1617.2 - UPDATE [Cisco] Cisco IOx Application Hosting Environment:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1617.2 Cisco IOx Application Hosting Environment Vulnerabilities 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco IOx Application Hosting Environment Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20727 CVE-2022-20726 CVE-2022-20725 CVE-2022-20724 CVE-2022-20723 CVE-2022-20722 CVE-2022-20721 CVE-2022-20720 CVE-2022-20719 CVE-2022-20718 CVE-2022-20677 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj Comment: CVSS (Max): 5.5 CVE-2022-20719 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N Revision History: May 13 2022: Removed individual product IDs from Fixed Software for Cisco IOS XE devices. Updated fixed release information for IR510 WPAN Industrial Router. April 14 2022: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco IOx Application Hosting Environment Vulnerabilities Priority: Medium Advisory ID: cisco-sa-iox-yuXQ6hFj First Published: 2022 April 13 16:00 GMT Last Updated: 2022 May 12 15:50 GMT Version 1.1: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvx27640 CSCvy16608 CSCvy30903 CSCvy30957 CSCvy35913 CSCvy35914 CSCvy86583 CSCvy86598 CSCvy86602 CSCvy86603 CSCvy86604 CSCvy86608 CVE Names: CVE-2022-20677 CVE-2022-20718 CVE-2022-20719 CVE-2022-20720 CVE-2022-20721 CVE-2022-20722 CVE-2022-20723 CVE-2022-20724 CVE-2022-20725 CVE-2022-20726 CVE-2022-20727 CWEs: CWE-22 CWE-250 CWE-77 Summary o Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj This advisory is part of the April 2022 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Affected Products o Vulnerable Products At the time of publication, one of more of these vulnerabilities affected the following Cisco products if they were running a vulnerable software release: 800 Series Industrial Integrated Services Routers (Industrial ISRs) 800 Series Integrated Services Routers (ISRs) 1000 Series Connected Grid Router (CGR1000) Compute Modules IC3000 Industrial Compute Gateways Industrial Ethernet (IE) 4000 Series Switches IOS XE-based devices configured with IOx IR510 WPAN Industrial Routers For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by these vulnerabilities. Cisco has confirmed that these vulnerabilities do not affect the following Cisco products: IOS XR Software Meraki products NX-OS Software Details o The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities. Details about the vulnerabilities are as follows: CVE-2022-20718: Cisco IOx Application Hosting Environment Parameter Injection Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to execute a parameter injection using the Cisco IOx API. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary code as root on the underlying host operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy35913 CVE ID: CVE-2022-20718 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20719: Cisco IOx Application Hosting Environment Parameter Injection Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to execute a parameter injection using the Cisco IOx API. This vulnerability is due to incomplete sanitization of parameters that are passed in as part of the IOx package descriptor. An attacker could exploit this vulnerability by crafting an IOx package descriptor file and then building and deploying an application in the Cisco IOx application hosting environment. A successful exploit could allow the attacker to execute arbitrary code as root on the underlying host operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86583 CVE ID: CVE-2022-20719 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20720: Cisco IOx Application Hosting Environment Path Traversal Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to read or write arbitrary data on the underlying host operating system. This vulnerability exists because a real path check is not performed on the requested data. An attacker could exploit this vulnerability by creating a symbolic link within the deployed application and requesting data using the API. A successful exploit could allow the attacker to read or execute arbitrary code as root on the underlying host operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy30957 CVE ID: CVE-2022-20720 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20723: Cisco IOx Application Hosting Environment Arbitrary Code Execution Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to execute arbitrary code on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary code as root on the underlying host operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86603 CVE ID: CVE-2022-20723 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20725: Cisco IOx Application Hosting Environment Cross-Site Scripting Vulnerability A vulnerability in the web-based Local Manager interface of the Cisco IOx application hosting environment could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based Local Manager interface of an affected device. The attacker must have valid Local Manager credentials. This vulnerability is due to insufficient validation of user-supplied input by the web-based Local Manager interface. An attacker could exploit this vulnerability by injecting malicious code into a system settings tab. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86608 CVE ID: CVE-2022-20725 Security Impact Rating (SIR): Medium CVSS Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N CVE-2022-20724: Cisco IOx Application Hosting Environment User Impersonation Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to bypass authentication and impersonate another authenticated user session. This vulnerability is due to a race condition for allocation of the token. An attacker could exploit this vulnerability by constantly trying a call to the upload API, and if the calls occur at the same time as an authorized administrator deploying an application, the attacker may race the token and be given the ability to bypass authentication. A successful exploit could allow the attacker to bypass authentication. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86604 CVE ID: CVE-2022-20724 Security Impact Rating (SIR): Medium CVSS Base Score: 5.3 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2022-20726: Cisco IOx Application Hosting Environment Denial of Service Vulnerability A vulnerability in the Cisco IOx application hosting environment of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Modules, and Cisco IC3000 Industrial Compute Gateways could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling of socket operations. An attacker could exploit this vulnerability by sending a sustained rate of crated TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvx27640 CVE ID: CVE-2022-20726 Security Impact Rating (SIR): Medium CVSS Base Score: 5.3 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-20677: Cisco IOS XE Software Privilege Escalation Vulnerability A vulnerability in the Cisco IOx application hosting environment in Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges from privilege level 15 to root on an affected device. This vulnerability is due to incomplete file protection for the Cisco IOx application hosting environment. An attacker could exploit this vulnerability by modifying the file system with a crafted payload. A successful exploit could allow the attacker to execute arbitrary commands as root . Bug ID(s): CSCvy30903 CSCvy16608 CVE ID: CVE-2022-20677 Security Impact Rating (SIR): Medium CVSS Base Score: 5.1 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20727: Cisco IOx Application Hosting Environment Privilege Escalation A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper input validation when loading Cisco IOx applications. An attacker could exploit this vulnerability by modifying application content while a Cisco IOx application is loading. A successful exploit could allow the attacker to gain privileges equivalent to the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy35914 CVE ID: CVE-2022-20727 Security Impact Rating (SIR): Medium CVSS Base Score: 5.1 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N CVE-2022-20721: Cisco IOx Application Hosting Environment Arbitrary File Read Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerability is due to insufficient path validation of command arguments within the Cisco IOx API. An attacker could exploit this vulnerability by sending a crafted command request using the API. A successful exploit could allow the attacker to read the contents of any file that is located on the host device filesystem. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86598 CVE ID: CVE-2022-20721 Security Impact Rating (SIR): Medium CVSS Base Score: 4.9 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVE-2022-20722: Cisco IOx Application Hosting Environment Path Traversal Vulnerability A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to read arbitrary files from the underlying host filesystem. This vulnerability is due to insufficient path validation of command arguments within the Cisco IOx API. An attacker could exploit this vulnerability by sending a crafted command request using the API. A successful exploit could allow the attacker to read the contents of any file that is located on the underlying host filesystem. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Bug ID(s): CSCvy86602 CVE ID: CVE-2022-20722 Security Impact Rating (SIR): Medium CVSS Base Score: 4.9 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Workarounds o There are no workarounds that address these vulnerabilities. However, there is a mitigation. Customers who do not want to use the Cisco IOx application hosting environment can disable IOx permanently on the device by using the no iox configuration command. While this mitigation has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment. Fixed Software o When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Fixed Releases At the time of publication, the release information in the following table (s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Cisco Platform First Fixed Release 800 Series Industrial Cisco IOS Software Release 15.9(3)M5 and later. ISRs 800 Series ISRs Not fixed; IOx has reached end of life on Cisco 800 Series ISRs. CGR1000 Compute Modules IOx image for CGR1000 Compute Module 1.15.0.1 IC3000 Industrial Industrial Compute Gateway Software Release 1.4.1 Compute Gateways IE 4000 Series Switches Not fixed; IOx has reached end of life on the Cisco IE 4000 Series Switches. Cisco IOS XE Software releases: o 16.12(7) (All but CSCvy16608 are resolved in 16.12(6)) IOS XE-based devices o 17.3(5) configured with IOx o 17.6(2) o 17.7(1) and later For more information, see the Cisco IOS and IOS XE Software Checker section below. IR510 WPAN Industrial IR510 Operating System 6.5.9 Routers The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory. Cisco IOS and IOS XE Software To help customers determine their exposure to vulnerabilities in Cisco IOS and IOS XE Software, Cisco provides the Cisco Software Checker to identify any Cisco Security Advisories that impact a specific software release and the earliest release that fixes the vulnerabilities described in each advisory ("First Fixed"). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories identified ("Combined First Fixed"). Customers can use the Cisco Software Checker to search advisories in the following ways: Choose the software and one or more releases Upload a .txt file that includes a list of specific releases Enter the output of the show version command After initiating a search, customers can customize the search to include all Cisco Security Advisories, a specific advisory, or all advisories in the most recent bundled publication. Customers can also use the following form to determine whether a release is affected by any Cisco Security Advisory by entering a Cisco IOS or IOS XE Software release-for example, 15.1(4)M2 or 3.13.8S : [ ] [Check] By default, the Cisco Software Checker includes results only for vulnerabilities that have a Critical or High Security Impact Rating (SIR). To include results for Medium SIR vulnerabilities, customers can use the Cisco Software Checker on Cisco.com and check the Medium check box in the drop-down list under Impact Rating when customizing a search. Exploitation and Public Announcements o The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. Source o Cisco would like to thank Cyrille CHATRAS of Orange group for reporting the following vulnerabilities: CVE-2022-20718, CVE-2022-20719, CVE-2022-20720, CVE-2022-20721, CVE-2022-20722, CVE-2022-20723, CVE-2022-20724, CVE-2022-20725. CVE-2022-20718 and CVE-2022-20720: These vulnerabilities were also found during internal security testing by X.B. of the Cisco Advanced Security Initiatives Group (ASIG). CVE-2022-20677: This vulnerability was found during internal security testing by X.B. of the Cisco ASIG. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Related to This Advisory o Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication Cross-Site Scripting URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj Revision History o +---------+-----------------------------+----------+--------+-------------+ | Version | Description | Section | Status | Date | +---------+-----------------------------+----------+--------+-------------+ | | Removed individual product | | | | | | IDs from Fixed Software for | | | | | 1.1 | Cisco IOS XE devices. | Fixed | Final | 2022-MAY-12 | | | Updated fixed release | Software | | | | | information for IR510 WPAN | | | | | | Industrial Router. | | | | +---------+-----------------------------+----------+--------+-------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +---------+-----------------------------+----------+--------+-------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2f4skNZI30y1K9AQiSPQ/+O+KgYk6NdiI2YI/QWJ/7xaiw5vG6zv7K L9uS/B60Mx7eVAASrJy31nZ95nMFRoYH60FUhIwKhMv/oIZFOuaazIQ21h52Tq8G sun6nwDi4RosHkkOCjN3mJvLLMqNgwCzZWNNwnf7cz1mTfcRNjPIrwlhixo3UXGj INwWd9YiZuRwq8/n4wiSUNzj4WMoOEuhzUMOzcLSf9X5mIXQrWofqpA+KZ037ZgJ MZmXoK5Y0WUTp/vNS3RvLex4SJYytc0T+3R6C3b6v+v8AiYEk2pZ59X0wW/YKMI/ gbLHXBgyYSN3rTkRXgEQgrwVAiQyRuM1R53tqtUslfK7bWdG832d/xhgvqv4wYaI MgUoQqDS0RkmClzQDdgt0Zo2fafkhHsWH5gcaCdLb8cqah7LfdvpbvcMIIugyqEW WdGTQV0glVVP694KP0Ncie69cHG7mGAR7FWjDXKUaqXkvy2/a+GlTEG12cEG3VEa zYPJpjRReHvaS5R4GP5c90O0HcsQKz6HcgwoPh8yjSlaI7wTC2UY+65OrzYi4t9+ 1hnnZx73bWN05GdfcYjQhiWc22z5p8Lu4plCf1uKmyCPuy0WaXR+FR++fZDfYqXF AXX1i7P6s9gbaODzyCCS0um4jv4dyTR2glUaTiaixnYwtG/5HfektJaTWvWykTj4 Ic9LlRDFRAM= =a8fD -----END PGP SIGNATURE-----
2022. május 13.

ESB-2022.1611.3 - UPDATE [Cisco] Cisco IOS XE Software:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1611.3 Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability 13 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco IOS XE Software Publisher: Cisco Systems Operating System: Cisco Resolution: Patch/Upgrade CVE Names: CVE-2022-20681 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-priv-esc-ybvHKO5 Comment: CVSS (Max): 7.8 CVE-2022-20681 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: Cisco Systems Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Revision History: May 13 2022: Updated releases in Cisco Software Checker. April 29 2022: Vendor added to vulnerable products list April 14 2022: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability Priority: High Advisory ID: cisco-sa-ewlc-priv-esc-ybvHKO5 First Published: 2022 April 13 16:00 GMT Last Updated: 2022 May 12 19:35 GMT Version 2.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvz37647 CVE Names: CVE-2022-20681 CWEs: CWE-266 Summary o May 12, 2022 Update: The information in the Cisco Software Checker was not complete when this advisory was first published. Customers should use the form in the Fixed Software section of this advisory to get the latest information about vulnerable releases and fixed releases. A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validation of user privileges after the user executes certain CLI commands. An attacker could exploit this vulnerability by logging in to an affected device as a low-privileged user and then executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands with level 15 privileges on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-priv-esc-ybvHKO5 This advisory is part of the April 2022 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Affected Products o Vulnerable Products This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches or Cisco Catalyst 9000 Family Wireless Controllers: Catalyst 9300 Series Switches Catalyst 9400 Series Switches Catalyst 9500 Series Switches Catalyst 9600 Series Switches Catalyst 9800 Embedded Wireless Controllers for Catalyst 9300, 9400, and 9500 Series Switches Catalyst 9800 Series Wireless Controllers Catalyst 9800-CL Wireless Controllers for Cloud Embedded Wireless Controllers on Catalyst Access Points For information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect the following Cisco software: IOS Software IOS XR Software Meraki products NX-OS Software Wireless LAN Controller (WLC) AireOS Software Workarounds o There are no workarounds that address this vulnerability. Fixed Software o Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades. The Cisco Support and Downloads page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Customers Without Service Contracts Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c /en/us/support/web/tsd-cisco-worldwide-contacts.html Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Cisco IOS and IOS XE Software To help customers determine their exposure to vulnerabilities in Cisco IOS and IOS XE Software, Cisco provides the Cisco Software Checker to identify any Cisco Security Advisories that impact a specific software release and the earliest release that fixes the vulnerabilities described in each advisory ("First Fixed"). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories identified ("Combined First Fixed"). Customers can use the Cisco Software Checker to search advisories in the following ways: Choose the software and one or more releases Upload a .txt file that includes a list of specific releases Enter the output of the show version command After initiating a search, customers can customize the search to include all Cisco Security Advisories, a specific advisory, or all advisories in the most recent bundled publication. Customers can also use the following form to determine whether a release is affected by any Cisco Security Advisory by entering a Cisco IOS or IOS XE Software release-for example, 15.1(4)M2 or 3.13.8S : [ ] [Check] By default, the Cisco Software Checker includes results only for vulnerabilities that have a Critical or High Security Impact Rating (SIR). To include results for Medium SIR vulnerabilities, customers can use the Cisco Software Checker on Cisco.com and check the Medium check box in the drop-down list under Impact Rating when customizing a search. Exploitation and Public Announcements o The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source o This vulnerability was found during the resolution of a Cisco TAC support case. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Related to This Advisory o Cisco Event Response: April 2022 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-priv-esc-ybvHKO5 Revision History o +---------+----------------------------+-----------+--------+-------------+ | Version | Description | Section | Status | Date | +---------+----------------------------+-----------+--------+-------------+ | | Updated releases in Cisco | Summary | | | | 2.0 | Software Checker. Note | and Fixed | Final | 2022-MAY-12 | | | about update added to | Software | | | | | Summary. | | | | +---------+----------------------------+-----------+--------+-------------+ | 1.1 | Updated vulnerable | Affected | Final | 2022-APR-27 | | | products list. | Products | | | +---------+----------------------------+-----------+--------+-------------+ | 1.0 | Initial public release. | - | Final | 2022-APR-13 | +---------+----------------------------+-----------+--------+-------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYn2fWckNZI30y1K9AQh5GxAApPgXfyrDWcK7R8mnHT+AsaOe2Fi+jExQ w0O2TpdcjQ4RhbF2XMiBQGcPqcbeRbw9lNUTDjLrLyvIBDLvwx6Zg/QN7D9RXyGJ R1QomiRYi5nBlX5F9ccnP3YRHBIZkhJByWrzcBUnkotSAP53bM0vzi4UPDGeivPU hYBX2UpXG6mhWvenZ1YIWdnxwfqL94aV3X+hV7lL4xkIbdv6t5o6IlRnPcSS7f3e NFqzTNK/luIpKmzK5NdrFOqIBPXAjXm736mPSdx9HM/e7x5kU8K65rqClDqcyqIs UuTfjJnOmReSdljZ9cuj8SmsCu5ys5z3nQ5X7Nst6ZXp16hjHQv+kc2mAVMmKglu ECmxvEYdI7stq1CfKdcN2Gxu9MYx1laeGjCdEbP+Wby+GKiQjZGH6MP3mlfqFRZV hI/wZlQxIMPTzISjjtCVPmHua9f7kSuzq7mEJh4F3Tlbp343A+DbZbYOB1P3oMIn JFf7iUQInene6NHPUYYw5Xoy4ZlZe34l7MMwX7vsOa7x2ErCyAVQJbfjeIP9dWeL 0Q2A4g9uJbF5bnD+LhYJCXCALUxY8AIOZcZ76yXoxfF7OBDm+vpNJIpakkhpqITs PzrAOy4OsCQWoy4eOP1boFNMH/Mqnuxl6O7A4FYQPUghW4tJH3vckSz8h84pQhkW c6fXSY2FQ9o= =nSk2 -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2334 - [RedHat] subversion:1.10: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2334 subversion:1.10 security update 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: subversion:1.10 Publisher: Red Hat Operating System: Red Hat Resolution: Patch/Upgrade CVE Names: CVE-2022-24070 Original Bulletin: https://access.redhat.com/errata/RHSA-2022:2222 Comment: CVSS (Max): 7.5 CVE-2022-24070 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: subversion:1.10 security update Advisory ID: RHSA-2022:2222-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:2222 Issue date: 2022-05-11 CVE Names: CVE-2022-24070 ===================================================================== 1. Summary: An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix(es): * subversion: Subversion's mod_dav_svn is vulnerable to memory corruption (CVE-2022-24070) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol. 5. Bugs fixed (https://bugzilla.redhat.com/): 2074772 - CVE-2022-24070 subversion: Subversion's mod_dav_svn is vulnerable to memory corruption 6. Package List: Red Hat Enterprise Linux AppStream EUS (v.8.4): Source: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.src.rpm subversion-1.10.2-5.module+el8.4.0+15158+80ea2a4d.src.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.src.rpm aarch64: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.aarch64.rpm libserf-debuginfo-1.3.9-9.module+el8.3.0+6671+2675c974.aarch64.rpm libserf-debugsource-1.3.9-9.module+el8.3.0+6671+2675c974.aarch64.rpm mod_dav_svn-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm mod_dav_svn-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-debugsource-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-devel-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-devel-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-gnome-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-gnome-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-libs-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-libs-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-perl-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-perl-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-tools-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm subversion-tools-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.aarch64.rpm utf8proc-debuginfo-2.1.1-5.module+el8.3.0+6671+2675c974.aarch64.rpm utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.aarch64.rpm noarch: subversion-javahl-1.10.2-5.module+el8.4.0+15158+80ea2a4d.noarch.rpm ppc64le: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.ppc64le.rpm libserf-debuginfo-1.3.9-9.module+el8.3.0+6671+2675c974.ppc64le.rpm libserf-debugsource-1.3.9-9.module+el8.3.0+6671+2675c974.ppc64le.rpm mod_dav_svn-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm mod_dav_svn-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-debugsource-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-devel-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-devel-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-gnome-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-gnome-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-libs-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-libs-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-perl-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-perl-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-tools-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm subversion-tools-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.ppc64le.rpm utf8proc-debuginfo-2.1.1-5.module+el8.3.0+6671+2675c974.ppc64le.rpm utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.ppc64le.rpm s390x: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.s390x.rpm libserf-debuginfo-1.3.9-9.module+el8.3.0+6671+2675c974.s390x.rpm libserf-debugsource-1.3.9-9.module+el8.3.0+6671+2675c974.s390x.rpm mod_dav_svn-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm mod_dav_svn-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-debugsource-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-devel-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-devel-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-gnome-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-gnome-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-libs-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-libs-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-perl-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-perl-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-tools-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm subversion-tools-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.s390x.rpm utf8proc-debuginfo-2.1.1-5.module+el8.3.0+6671+2675c974.s390x.rpm utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.s390x.rpm x86_64: libserf-1.3.9-9.module+el8.3.0+6671+2675c974.x86_64.rpm libserf-debuginfo-1.3.9-9.module+el8.3.0+6671+2675c974.x86_64.rpm libserf-debugsource-1.3.9-9.module+el8.3.0+6671+2675c974.x86_64.rpm mod_dav_svn-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm mod_dav_svn-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-debugsource-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-devel-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-devel-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-gnome-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-gnome-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-libs-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-libs-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-perl-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-perl-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-tools-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm subversion-tools-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.x86_64.rpm utf8proc-2.1.1-5.module+el8.3.0+6671+2675c974.x86_64.rpm utf8proc-debuginfo-2.1.1-5.module+el8.3.0+6671+2675c974.x86_64.rpm utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-24070 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYnw2LdzjgjWX9erEAQh0LQ//VYhAswr3kcY5rS1KJlNONdzroKSAm4wD /KnMzPCtIud+nbmGtU/6uvCzPY4Sy9pRxVU5Yg5wfo1updSp/CrMrGpAPurj/jK2 ya6lBTPaS3aYqjp0sdSHzfRsWHjr2IzcJNBOod8RwJcPKZG3kgvBIRHTUjnUStYA eByv4SU+xTHh6fRKYQNHujNa+YouQFWYiOJjc9HSMb41C4qOFqFg2r+OnX99DWjh 0JG47HrKxpByom/ObjbG+JMRmwbztnWpzu8rzXgeBcmAXYrfbWA8Upy0m4VlDW8d Rg4T7G+xpgDDvEQ2/lpDZUxzJkfR0JFH5daoqlDefCs/rFIV/l+XZ0Jqr87KdteN EhG3dMuAYuHeBolulN7M0NyEm7b2SfEUItvVrbHxHPgOKZWptiDxCUTis8mUvixs Ah/zS+raa8HZI3nxnkb9vGleW1Tmgn25k5CjnrYnklG/f3QoQoF82Sc4ZbLyez63 llpULm7B7eLXJIK52MeUaDVGtoXxUzWWyTvDClqWOrekkHeNKa40yZsVHSFfOVGs YWPBbXKALC+D/FU1K2tJILcbeDEb0Iv6gGurI+/JZ/bCOJfrfgfONwe5Up2mlUiD z/R0d9zR4XdTuwVAlJIsctvT6tX7nQ5xDYVCFyq+36l1K6djsIfSLmaSzMF4dk6P eDZ2Z2o2EoA= =Dgv5 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxiB8kNZI30y1K9AQjkMhAAtIZS6Fc11O4AekliLaeNttvPT+cLYchS SeehmNPYZ7CcF3F8uIjbfQM9oplAPBXyjijOWL3PhrF3lyLnEcC5+hQqOYHQe28C cN7QqNhdCgMl9gQlklUDS0rzXMxPiTQwK8lhHczxneTeCl0QE83iM4x5AFjAwYy4 yfqjeY/p9M/aHdcZjHvsDcm3FC4Igm1541I7qfYdtxmfTBU+HxeVwsNCz87GpCHA pVIPUlwdaexIXIEw3CAcTdaxV1WrZns4r966UcRWq8h3WCJo4HPhqv8so564GraW B51aZMZeS4t4xm+lWvEjhz9RSzVwAfTu8670jlLZ0987LGo6lhi02z1TLKLb8pmQ iCQXUsquBKtbPVwSr7WCLYWmixcUjFFZkkliW8D4jlweXZcChwwASqqp8nGchdgI xIU2tgOpZFRoanJQ90NoOPFtsDz3skiFCrACc7YXuJQyif4OYucQLi85fPj9Rrd4 yslZYff+Oq82wNF8GtY/3jHpXUzQvtAckhwfMnlpm9RVbo32et3rhr+QvqPQkfR4 Jnv1U4mjGtS80Iv/T2i1SQzo9BCQVFM2PBnyxdPRhnCIZs2mVmG0cZDt10xH3Lyk ecwtIuONHwsmDBLKn3LwilqZpk5enWpwE5LIWhpaeUBDgUNbOahbtmhYqVPCygd8 pQ1NWIcwhJw= =fCAA -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2333 - [RedHat] .NET 5.0: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2333 .NET 5.0 security, bug fix, and enhancement update 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: .NET 5.0 Publisher: Red Hat Operating System: Red Hat Resolution: Patch/Upgrade CVE Names: CVE-2022-29145 CVE-2022-29117 CVE-2022-23267 Original Bulletin: https://access.redhat.com/errata/RHSA-2022:2200 Comment: CVSS (Max): 7.5 CVE-2022-29145 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: .NET 5.0 security, bug fix, and enhancement update Advisory ID: RHSA-2022:2200-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:2200 Issue date: 2022-05-11 CVE Names: CVE-2022-23267 CVE-2022-29117 CVE-2022-29145 ===================================================================== 1. Summary: An update for .NET 5.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - x86_64 Red Hat Enterprise Linux AppStream (v. 8) - x86_64 3. Description: .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 5.0.214 and .NET Core Runtime 5.0.17. Security Fix(es): * dotnet: excess memory allocation via HttpClient causes DoS (CVE-2022-23267) * dotnet: malicious content causes high CPU and memory usage (CVE-2022-29117) * dotnet: parsing HTML causes Denial of Service (CVE-2022-29145) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2083647 - CVE-2022-29117 dotnet: malicious content causes high CPU and memory usage 2083649 - CVE-2022-29145 dotnet: parsing HTML causes Denial of Service 2083650 - CVE-2022-23267 dotnet: excess memory allocation via HttpClient causes DoS 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: dotnet5.0-5.0.214-1.el8_6.src.rpm x86_64: aspnetcore-runtime-5.0-5.0.17-1.el8_6.x86_64.rpm aspnetcore-targeting-pack-5.0-5.0.17-1.el8_6.x86_64.rpm dotnet-apphost-pack-5.0-5.0.17-1.el8_6.x86_64.rpm dotnet-apphost-pack-5.0-debuginfo-5.0.17-1.el8_6.x86_64.rpm dotnet-hostfxr-5.0-5.0.17-1.el8_6.x86_64.rpm dotnet-hostfxr-5.0-debuginfo-5.0.17-1.el8_6.x86_64.rpm dotnet-runtime-5.0-5.0.17-1.el8_6.x86_64.rpm dotnet-runtime-5.0-debuginfo-5.0.17-1.el8_6.x86_64.rpm dotnet-sdk-5.0-5.0.214-1.el8_6.x86_64.rpm dotnet-sdk-5.0-debuginfo-5.0.214-1.el8_6.x86_64.rpm dotnet-targeting-pack-5.0-5.0.17-1.el8_6.x86_64.rpm dotnet-templates-5.0-5.0.214-1.el8_6.x86_64.rpm dotnet5.0-debuginfo-5.0.214-1.el8_6.x86_64.rpm dotnet5.0-debugsource-5.0.214-1.el8_6.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): x86_64: dotnet-apphost-pack-5.0-debuginfo-5.0.17-1.el8_6.x86_64.rpm dotnet-hostfxr-5.0-debuginfo-5.0.17-1.el8_6.x86_64.rpm dotnet-runtime-5.0-debuginfo-5.0.17-1.el8_6.x86_64.rpm dotnet-sdk-5.0-debuginfo-5.0.214-1.el8_6.x86_64.rpm dotnet-sdk-5.0-source-built-artifacts-5.0.214-1.el8_6.x86_64.rpm dotnet5.0-debuginfo-5.0.214-1.el8_6.x86_64.rpm dotnet5.0-debugsource-5.0.214-1.el8_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-23267 https://access.redhat.com/security/cve/CVE-2022-29117 https://access.redhat.com/security/cve/CVE-2022-29145 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYnxEwtzjgjWX9erEAQgisQ//Vwp7eOOEYNIzw+dNQ8fcpCTukfW1EL8J LB9L/HysLpB/XzdKoxcRKLiu4ZybKnlqrCfroVUw4Fsx+W57VP4hEUVSfpyhuEkw yxO6A9Ee6DUV+u/AKo3JvaLtWEOlA3BJNJGegRA9k/jw0D2BS0j83P835d3xDfJ5 Q2VbZXfT02S3R6Cp0lrhNlgae1uBBithLdw4Y5ziFMcN6xZMKnlHsP3kUtB6eyOH K5ApLhk0AgKcZYU4sysb1q0GnRA47k8uXUpVAr7yseXro2JEm057emV6/1CxUI4+ Dth9W7kcFG8shR2+z8BAdd2oB7IRBlBpMyE7oKyuBZ7fMCiz4S/YsCIBXrERZKyT b+2NrX883ilf9eBIq5HIQUS57C5M/RBbEfDTgpbNftfGYDMSMZlNf1WkJHCqbzgA jNfTtkNCtrvYWBd8yYWYLL2ICt9Ud/QWaREmrqLda5BYPNQKRAtwRcJyU6nfLPzx XBpajny/dGrJ8VYD+VuIju2ircpwY9kK2HaGz2myFhUfbW4hV2QE0WeDBby+U8I0 cDiPCOI7lZraKg5sSi5XdWAD8/k7Ill+FpVu4BNQj3/H/Rf4r8EWE2jDmmHRjA9L XLofyCYsj/p4x3/FPy6F4zwQqUXUhDwF1pg00ZMx9EoR164qPiM88ejjQ6MMAbdo RD3DED7KgFg= =Irx+ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxh/MkNZI30y1K9AQjbkg/+IajL2S50pYhAKwiep4egoEJ14PswXL4J kiGrg528CXSPYTEb1GSMVxmMyxr1wzB+VbpykRs+0i+YpprASElY6CB1Iy1mT+pD bueea0uukXzx14IVjHY+YjVJp9sl6GwFd4jKmSGOtJ1wBPISLBi7IElswZkYiIN/ s/wQfoBD9dzseaPEoXjJNZhVg5ZmlD3RKa8U+322HOicg7Cx2gN8FAHr4iuK4Acy OouKRegK10DLWtKvDvqvyOmpoe2slOBq8Ke4hk/i0tCFJdPSgmtltmHp32WPGhXH I9FF/EYdYrPZ+X2VbB9wApwnYGH0TLk9fRciMRn40SCE1/jxa2JFFL/PQAodrQ/+ kHY5q7xMMSiw3XBIRVXQcrb71OXEvVfM3gEhqJ83Yy1fqsqPBRSpP/3BlRzpZuIn bjKFIn8f/IarcKXuXj9bQ9iQDRIS2RTICSOFJToucn+I1vRJiYAfhsrayvJaZliK kOLioO4r1UenyBh+fuzVxBZmdURDA9X2Ad1h1v4qRXZtfnQcP/NqOZviQarHTVwd zT++5xlshEaTqzLjOfw3Yus9Dttv1eAPJqdJvB3GH0vZrDpqi0VclmHAeUVl9tBI /bsq/PjQuOE2FmPuyjLYSOfmRAaDMj9Uur8FlHEdrydYxwQnXAJOt4sMzKUH7SkN ZPeza7xLyos= =Qaa9 -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2332 - [Win][UNIX/Linux] Google Chrome: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2332 Stable Channel Update for Desktop 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Publisher: Google Operating System: Windows UNIX variants (UNIX, Linux, OSX) Resolution: Patch/Upgrade CVE Names: CVE-2022-1641 CVE-2022-1640 CVE-2022-1639 CVE-2022-1638 CVE-2022-1637 CVE-2022-1636 CVE-2022-1635 CVE-2022-1634 CVE-2022-1633 Original Bulletin: https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_10.html Comment: CVSS (Max): None available when published - --------------------------BEGIN INCLUDED TEXT-------------------- Stable Channel Update for Desktop Tuesday, May 10, 2022 The Stable channel has been updated to 101.0.4951.64 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed. This update includes 13 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$5000][1316990] High CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani on 2022-04-18 [$3000][1314908] High CVE-2022-1634: Use after free in Browser UI. Reported by Khalil Zhani on 2022-04-09 [$3000][1319797] High CVE-2022-1635: Use after free in Permission Prompts. Reported by Anonymous on 2022-04-26 [$NA][1297283] High CVE-2022-1636: Use after free in Performance APIs. Reported by Seth Brenith, Microsoft on 2022-02-15 [$TBD][1311820] High CVE-2022-1637: Inappropriate implementation in Web Contents. Reported by Alesandro Ortiz on 2022-03-31 [$TBD][1316946] High CVE-2022-1638: Heap buffer overflow in V8 Internationalization. Reported by DoHyun Lee (@l33d0hyun) of DNSLab, Korea University on 2022-04-17 [$TBD][1317650] High CVE-2022-1639: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-04-19 [$TBD][1320592] High CVE-2022-1640: Use after free in Sharing. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-28 [$5000][1305068] Medium CVE-2022-1641: Use after free in Web UI Diagnostics. Reported by Rong Jian of VRI on 2022-03-10 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.As usual, our ongoing internal security work was responsible for a wide range of fixes: o [1323855] Various fixes from internal audits, fuzzing and other initiatives Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL. Prudhvikumar Bommana Google Chrome - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxh78kNZI30y1K9AQhqWA/+PxSSPyX6qnm1XZZRUyQrcRrH01MNoV/d v1Tlv9Vm038RN7gBZJHccuLyqxqt3CVj8MH7b8k8PRkkhkbwC3gGqib1P18492Rz qrxRaGfldzLUz5ya8qonMdv/jcSf/s6G60KsH5w7gjCWzoFkEez4qKccZX1R6Q9n NVsX4VNHZwa7ojBAmou61ydEQEe6psaQ3s3NNGqA7YwkRvUWmIwe5Ggk4j76UxKq 8ULxIbZItT8D6rviosPsCfD3GFDuDXuVwzFeFcJ6yO4jnQml7oNUOtKgl9or6dpk u6x8bs5z9pJs8s48CsVnhrc1HJ4J/uu6tacXujNeSjVZoiRnttX0NePhHjRT0JVW M1Apzizihu3Z0y/sBQDzGV3Lvf/o9Gn25zfFf2r5OJPK8+yDiIRKYU1VddeZX7Gk IbaD3myNaMrnabUDb1FnNEjThjfNbLdRBAu+NfneCXyvnJe1054JZJvzqxuxb/lP oPq611GkicAkRri0EpMDC6OJoWlGfl/GU5nVuwxEGiJXPgF3eJEi1E/Q1ed+nLQQ fAw744wta9p4Q8DaAnPBLFLzx0c7G4hCBXU1Z4EFWWOFbSBdmi270p7TTC9pnrSc V+ksJdfEX4wQvUbD9FPKm0Yqg7xWSmtcDg21q25ZLjLPHHJtE9W0+GOf7Fhc5lkz DeYSRaLEfx0= =0RX8 -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2331 - [Appliance] Cortex XSOAR: CVSS (Max): 4.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2331 CVE-2022-0027 Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cortex XSOAR Publisher: Palo Alto Networks Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-0027 Original Bulletin: https://securityadvisories.paloaltonetworks.com/CVE-2022-0027 Comment: CVSS (Max): 4.3 CVE-2022-0027 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) CVSS Source: Palo Alto Networks Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- Palo Alto Networks Security Advisories / CVE-2022-0027 CVE-2022-0027 Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports 047910 Severity 4.3 . MEDIUM Attack Vector NETWORK Scope UNCHANGED Attack Complexity LOW Confidentiality Impact LOW Privileges Required LOW Integrity Impact NONE User Interaction NONE Availability Impact NONE NVD JSON Published 2022-05-11 Updated 2022-05-11 Reference Discovered externally Description An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049. Product Status Versions Affected Unaffected Cortex XSOAR 6.6 < 6.6.0.2585049 >= 6.6.0.2585049 Cortex XSOAR 6.5 6.5.* Cortex XSOAR 6.2 6.2.* Cortex XSOAR 6.1 6.1.* Severity: MEDIUM CVSSv3.1 Base Score: 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) Exploitation Status Palo Alto Networks is not aware of any malicious exploitation of this issue. Weakness Type CWE-285 Improper Authorization Solution This issue is fixed in Cortex XSOAR 6.6.0 build 6.6.0.2585049 and all later Cortex XSOAR versions. Workarounds and Mitigations There are no known workarounds for this issue. Acknowledgments Palo Alto Networks thanks Nelson M. of Black Lantern Security for discovering and reporting this issue. Timeline 2022-05-11 Initial publication - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxcpckNZI30y1K9AQh8OA//U2r+SpXEqOZhkRo5twqmPZaDz/sovdix eJJG+TNgFEetukQUDdxyLkLt2SNSlmT/VGvMOSSrYb6QHAk0evJ5p94HcoOhtjOj 5QX9yp0b6Oh+mQpUKvZ1HRqBsEstoSzdhpnDiHqlQT3S9uMZjX0O0o4TpIlxAasj zojzj+eGYywZtm/PXxc5R6y/ssuZ1h37dDXk/M7dSXvFmBL6klBGVOF2/h0rwE1M Eug+2DTj+phuexOfP0QGLGlPa9FcltxUIXNuy77kRgOMSkeBgv+luaqkjoj3aCjN saxz8XTxVzm297h8k9JQT1FqpAtBP8MCyxIGpwwy6hKxa0rNBd1xCrxmoHlrPT4E BRH6JfpRO+tsYDQzRnEep7hBs9KaQFYm/cQ1ZssdgspMgvTO4OGH5EB51FZnP/6T WOUXikeKUJ8CyGW1wb8Jone1o7ZnF64iLCBSwvRUhiF2RJ/7rZ1fcNCnSPTTStJH LoX3dSzFXpygT5jL00K4vv6tcXp41if3qPwoQw3Zkc3WZxx9HEuFZ+5AaImfTEXW jj9I5/HTLDGpllWHBtq29Nc5JZRSVJXIBETsxrw17nE3S7KMP/4dGhYifS3mPyFP Cvv/rqJW37L9WeAZrcUPWscwFDjzUpCpnNuXLRL/bLdkuXHFzYBKRu6jXnuhYbHp fidGVy2Pk00= =zSg3 -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2330 - [Win] Cortex XDR Agent: CVSS (Max): 6.7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2330 CVE-2022-0026 Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cortex XDR Agent Publisher: Palo Alto Networks Operating System: Windows Resolution: Patch/Upgrade CVE Names: CVE-2022-0026 Original Bulletin: https://securityadvisories.paloaltonetworks.com/CVE-2022-0026 Comment: CVSS (Max): 6.7 CVE-2022-0026 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSS Source: Palo Alto Networks Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Palo Alto Networks Security Advisories / CVE-2022-0026 CVE-2022-0026 Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability 047910 Severity 6.7 . MEDIUM Attack Vector LOCAL Scope UNCHANGED Attack Complexity LOW Confidentiality Impact HIGH Privileges Required HIGH Integrity Impact HIGH User Interaction NONE Availability Impact HIGH NVD JSON Published 2022-05-11 Updated 2022-05-11 Reference CPATR-13696 and CPATR-13873 Discovered externally Description A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version. Product Status Versions Affected Unaffected Cortex XDR Agent 7.5 7.5.* without CU-330 on 7.5.* with CU-330 on CE Windows Windows Cortex XDR Agent 7.7 7.7.* without CU-330 on 7.7.* with CU-330 on Windows Windows Cortex XDR Agent 7.6 7.6.* without CU-330 on 7.6.* with CU-330 on Windows Windows Cortex XDR Agent 7.5 7.5.* without CU-330 on 7.5.* with CU-330 on Windows Windows Cortex XDR Agent 7.4 7.4.* without CU-330 on 7.4.* with CU-330 on Windows Windows Cortex XDR Agent 6.1 6.1.* without CU-330 on 6.1.* with CU-330 on Windows Windows Severity: MEDIUM CVSSv3.1 Base Score: 6.7 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) Exploitation Status Palo Alto Networks is not aware of any malicious exploitation of this issue. Weakness Type CWE-282 Improper Ownership Management Solution This issue is fixed in all Cortex XDR agent versions with content update 330 and later content update versions. Workarounds and Mitigations There are no known workarounds for this issue. Acknowledgments Palo Alto Networks thanks Xavier DANEST of Decathlon and Yasser Alhazmi for discovering and reporting this issue. Timeline 2022-05-11 Initial publication - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxcf8kNZI30y1K9AQhr2RAAjhT/UwCijBtX/MMg97y0wTw5ZDRJVahd lXsEwO8nYejZCkJFCuOtsmIVXhNTr2Euq3K5maSoZr8bTslSUL1861qaRuad8Yj8 WN/HQ66KN6MMh3So9CcIHUs+WjogSyajka6/L4czQsrdjhNr1MBdCGhttr3mlcjs B5528brKImHrNpcbe0rFsUXGpKvLE+JFGoeGQyIcMyIeY5h/Z5rn9Lk4JiIeEhbV qj/k3+R6b3clZu80GTvhTI0x/TiWQ984nPMeQRcbT8QkxhnEJYAc031D/DmqM5L/ H53HLwJHvS28FLirFa/qzQADkorRrQIY8d87dYSOZ4R7te2FngnQPJ898VAoipdR gyyjxdyq8NG+MowvzmkNf1hegjnLx4acdwI+wdHtEvjHwxIO7wTmoIhASLz7A+96 uz9/ABs3JJKCYJr1QmkkE8HX76WsHMvmo7w8f7lafQnZrOYWm1LuP8ZXJFot+K6v GuIguKbhWqRzazIqDfmrJdeZGHfQQPkXZvbJG1LWW+05Hg8guD2lR1xDt/WY0WZS wTl+gV4k41CAeZSk9PYuqPZDNCZaxRX7tT9/NWLyhxk0ZHqVHZZXAfqt9UseDzjl eESUgImn8RpsMC5+r0Rk6WBsYxyaA8Uqclivxo8m8pDjzQ4qvjMC9BWlsHClqAjy owiW3k29AQQ= =s3bG -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2329 - [Win] Cortex XDR Agent: CVSS (Max): 6.7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2329 CVE-2022-0025 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cortex XDR Agent Publisher: Palo Alto Networks Operating System: Windows Resolution: Patch/Upgrade CVE Names: CVE-2022-0025 Original Bulletin: https://securityadvisories.paloaltonetworks.com/CVE-2022-0025 Comment: CVSS (Max): 6.7 CVE-2022-0025 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSS Source: Palo Alto Networks Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Palo Alto Networks Security Advisories / CVE-2022-0025 CVE-2022-0025 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability 047910 Severity 6.7 . MEDIUM Attack Vector LOCAL Scope UNCHANGED Attack Complexity LOW Confidentiality Impact HIGH Privileges Required HIGH Integrity Impact HIGH User Interaction NONE Availability Impact HIGH NVD JSON Published 2022-05-11 Updated 2022-05-11 Reference CPATR-16696 Discovered externally Description A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts: All versions of the Cortex XDR agent when upgrading to Cortex XDR agent 7.7.0 on Windows; Cortex XDR agent 7.7.0 without content update 500 or a later version on Windows. This issue does not impact other platforms or other versions of the Cortex XDR agent. Product Status Versions Affected Unaffected Cortex XDR Agent None all 7.5 CE Cortex XDR Agent < 7.7.1.62043 without CU-500 7.7.* with CU-500, >= 7.7 on Windows 7.7.1.62043 on Windows Cortex XDR Agent None all 7.6 Cortex XDR Agent None all 7.5 Cortex XDR Agent None all 7.4 Cortex XDR Agent None all 6.1 Cortex XDR Agent None all 5.0 Severity: MEDIUM CVSSv3.1 Base Score: 6.7 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) Exploitation Status Palo Alto Networks is not aware of any malicious exploitation of this issue. Weakness Type CWE-427 Uncontrolled Search Path Element Solution This issue is fixed in Cortex XDR agent 7.7.0 with content update 500, Cortex XDR agent 7.7.1 build 7.7.1.62043, and all later Cortex XDR agent versions. Ensure that Cortex XDR agent is upgraded to Cortex XDR agent 7.7.1.62043 or a later build when upgrading Cortex XDR agent to Cortex XDR agent 7.7 to prevent exposure to this vulnerability during the upgrade process. Workarounds and Mitigations There are no known workarounds for this issue. Acknowledgments Palo Alto Networks thanks its customers and external security researchers for discovering and reporting this issue. Timeline 2022-05-11 Initial publication - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxcZ8kNZI30y1K9AQh89A//fCnk5gXSJVzsMv2tuQY79MMIW+cJtkdN n8RFm/fAQHrecXTUQHietC3CMfuFbRBqsWRDvHy5F67gSWyipWwdpJiDcY2qlmgj C6W5jEB/Ffr7H4OcU76AT+YyHGqMgRHZdal3ZrSZBbf+8hK6C3LT5+6P6SUxXdoV rmsMN/NJU8VOEl0ks1LSVaECQjyDk1IXKl99+r13Mjbx7hISmQOes6Z+tfy2zM5n s0gWF3sfPpJy+kztOCcC9aWMxracE5ASHhBmdttwwfxtHgLerrPT6K0r6jBacKLw WJlhW8F2QHxsKpgvKVbs60QJbWgNIZZnMkCYNcFhqKhaE0tOT5QGasx/s17Vb9FE LKeooMdwWO0HgeLfM76Lm+KCQNSydKbhya2VtLLJpgGHSrKik+3TJKPdNDp4uNMW NIoeRBZ6ies5Z4MgNd3V6aO7vP0N21sdHbDozwjgafCW0kMN7wnUJ+PWWTDuWRom gVTzqc1Q+c2rNaL3WKOXXDhsh7n9o6fZmDUiqLU68xpOjg9Lu+7cdFGAJ8GdQcrX AMbYQnKXP2kmi5hsjV/syIbb0hmvUFPrzhgoJRsPToWOPSuAZgnRdxUMSW6JEXKC 6lnskP/u1nKkNldiQD5mp2+ncc+L7FRkeZbS4hyox0AI5y7qTEzcrWVFNBoY027M gFi68Tg8Mek= =B7d9 -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2328 - [Appliance] PAN-OS: CVSS (Max): 7.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2328 CVE-2022-0024 PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: PAN-OS Publisher: Palo Alto Networks Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-0024 Original Bulletin: https://securityadvisories.paloaltonetworks.com/CVE-2022-0024 Comment: CVSS (Max): 7.2 CVE-2022-0024 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSS Source: Palo Alto Networks Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Palo Alto Networks Security Advisories / CVE-2022-0024 CVE-2022-0024 PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit 047910 Severity 7.2 . HIGH Attack Vector NETWORK Scope UNCHANGED Attack Complexity LOW Confidentiality Impact HIGH Privileges Required HIGH Integrity Impact HIGH User Interaction NONE Availability Impact HIGH NVD JSON Published 2022-05-11 Updated 2022-05-11 Reference PAN-177551 Discovered internally Description A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. Product Status Versions Affected Unaffected PAN-OS 10.2 None >= 10.2.0 PAN-OS 10.1 < 10.1.5 >= 10.1.5 PAN-OS 10.0 < 10.0.10 >= 10.0.10 PAN-OS 9.1 < 9.1.13 >= 9.1.13 PAN-OS 9.0 < 9.0.16 >= 9.0.16 PAN-OS 8.1 < 8.1.23 >= 8.1.23 Severity: HIGH CVSSv3.1 Base Score: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) Exploitation Status Palo Alto Networks is not aware of any malicious exploitation of this issue. Weakness Type CWE-138 Improper Neutralization of Special Elements Solution This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions. Workarounds and Mitigations This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices. Acknowledgments This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review. Timeline 2022-05-11 Initial publication - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxcRskNZI30y1K9AQhxmA//QUV2z6WezyaIWOkYNn9rnWBp13IQv228 5C858Qxahjcadg09npn63y11IXnJjztWKc0fDvFlL6eED5LgqdKReH/aN7aqixmn /X14NMMOSCWVZndm//79qWrogkfQ01EFFd6kzOqvaaXx8jz6e/mKITgarLWbok+a 7MhlYO74xaRlbGGjIX6hrD+huMOucCVWyEL97KOSlTDUuqPN+smbh72IjniCAPZH VDRj6+n6tRrOhRPknLXYPwG0kp/4ZDLABUlfjYc7dkG6FJKZ3kLxV3qd9D033Oyu I7evb9XVy1eTaDLDdhaLC9d1Fng4TUNagZC3ZGMuXOc6ukxI7JWA9zzbKKXbj7mF KWbGAf5NIr2kVCVYcha4cinrCW1FSMoH7DZDsfFc6DpC3EhGYO4FVpyI3NU/8hvF ChGn6ma8BiTgLX2a4B7J3m3Gedpoj5a/C88tcetLATRnaqfsWdFsxAL5VZi/FKH1 FmAd9w65XNjp4yJ3Z8fvzyEY7rodQd4FATlR7nNLMDkD+g2Dv9ljhSTGhGxE/HCP QnDP6X5UMqIznVx5eq9/aEO9hV8/EmxdSETqHR5DKUqR8SOsPMdt/P5scLNLkWjJ 4TE7ALjpH97NAhMnUckAFZVWxI+kczM6SWdTgpP73bs8LPMnD6he5CR0fzXR+55i oa9W2LABnKI= =dFGd -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2327.2 - UPDATE [Win][UNIX/Linux] Intel Processors: CVSS (Max): 6.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2327.2 3rd Generation Intel Xeon Scalable Processors Advisory 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Intel Processors Publisher: Intel Operating System: Windows UNIX variants (UNIX, Linux, OSX) Resolution: Patch/Upgrade CVE Names: CVE-2021-33117 Original Bulletin: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00586.html Comment: CVSS (Max): 6.5 CVE-2021-33117 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) CVSS Source: Intel Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Revision History: May 12 2022: Vendor updated recommendations May 12 2022: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- Intel ID: INTEL-SA-00586 Advisory Category: Firmware Impact of vulnerability : Information Disclosure Severity rating : MEDIUM Original release: 05/10/2022 Last revised: 05/11/2022 Summary: A potential security vulnerability in some 3 ^ rd Generation Intel Xeon Scalable Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33117 Description: Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. CVSS Base Score: 6.5 Medium CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: +-----------------------------------------+----------+---------------+-------------+------------+ |Product Family |Processor |Vertical |CPU ID |Platform ID | | | |Segment | | | +-----------------------------------------+----------+---------------+-------------+------------+ |3 ^rd Generation Intel Xeon Scalable |06_6AH |Server |606AX |0x87 | |Processors | | | | | +-----------------------------------------+----------+---------------+-------------+------------+ Recommendations: Intel recommends that users of affected 3rd Generation Intel Xeon Scalable Processors update to the latest version firmware provided by the system manufacturer that addresses these issues. This CVE requires a Microcode Security Version Number (SVN) update. To address this vulnerability, an SGX TCB recovery is planned for Q2 2022. Refer to: https://www.intel.com/content/www/us/en/security-center/technical-details/ sgx-attestation-technical-details.html for more information on the SGX TCB recovery process. Acknowledgements: This issue was found internally by Intel employees. Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available. Revision History Revision Date Description 1.0 05/10/2022 Initial Release 1.1 05/11/2022 Updated recommendations - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxfMMkNZI30y1K9AQgjaxAAhSkomVSSi6zXLErteiSrgWsnS8HuTFRo eOnU3rFni/nC8Iw7HfvGE71l7Pq8PTb6i1SiROHPnzmjGXBdVt3yswB/6DCtMoyx xGGcYJKe1pYbQxTxRI3/9dlSnJt9oVOkjr7ZnWgatx4jnVEY4v59JddYYZHLdRKZ co3qA3W/xSRKuRcH9Rn5stsWxrPR8fehs6CPxKkckiPe5EtOUGX3fJQ93ZVhB7Fv pVpJc+XYFheJgxhPR+kExffdWG8RVYX/iFOi/V54WDmvW+lzhw3CSavlbScmiqX4 du8sZbnLFl9dmUCp2wUJemYVAzGMf9RIVE2Zk9+kfa1DZpODsJkgj6f3xhKJPo/r Oaee2r9NClDZkRzMKRCjWipAzvV/s8ai1+CDANXd+QttdcVFt4lxM6gWETbItCI6 ppE4f6ra6jp3H+E/HeeCpyTai3vqZOG/fzKFYTm3MizwhfqR0NHtpp5NYqWgIf1S npIReO3MTC5k9WAiVLF16QpwlszvlNjIT8Zr5MEtPzseTiLMRzWg5JEFjclgG7Th jckvfO70HNvo93AErcfiHOPciL4i5ShqmTnI5il9iAyAWFBBejYdkBZFmAIXVn96 /cwtXEa8dyKW19QubSusBHOv41CLZtCyp7R3FC8ssa2ZDzOLmDvkUCJuyj56iUBZ dC9eE0rrTeE= =EDcx -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2166.2 - UPDATE [Appliance] BIG-IP: CVSS (Max): 5.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2166.2 K82034427: BIG-IP FTP profile vulnerability CVE-2022-26130 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: BIG-IP Publisher: F5 Networks Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-26130 Original Bulletin: https://support.f5.com/csp/article/K82034427 Comment: CVSS (Max): 5.3 CVE-2022-26130 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) CVSS Source: F5 Networks Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Revision History: May 12 2022: Vendor updated the mitigations May 7 2022: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- K82034427: BIG-IP FTP profile vulnerability CVE-2022-26130 Original Publication Date: 04 May, 2022 Latest Publication Date: 11 May, 2022 Security Advisory Description When an Active mode-enabled FTP profile is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing active FTP data channel connections. (CVE-2022-26130) Impact Traffic is disrupted for active FTP data channel connections. This vulnerability allows a remote unauthenticated attacker to cause a denial-of-service (DoS) on the BIG-IP system, specific to the impacted virtual server. There is no control plane exposure; this is a data plane issue only. Security Advisory Status F5 Product Development has assigned ID 951257 (BIG-IP) to this vulnerability. This issue has been classified as CWE-754: Improper Check for Unusual or Exceptional Conditions. To determine if your product and version have been evaluated for this vulnerability, refer to the Applies to (see versions) box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to K51812227: Understanding security advisory versioning. Note: After a fix is introduced for a given minor branch, that fix applies to all subsequent maintenance and point releases for that branch, and no additional fixes for that branch will be listed in the table. For example, when a fix is introduced in 14.1.2.3, the fix also applies to 14.1.2.4, and all later 14.1.x releases (14.1.3.x., 14.1.4.x). For more information, refer to K51812227: Understanding security advisory versioning. Additionally, software versions preceding those listed in the Applies to (see versions) box of this article have reached the End of Technical Support (EoTS) phase of their lifecycle and are no longer evaluated for security issues. For more information, refer to the Security hotfixes section of K4602: Overview of the F5 security vulnerability response policy. +-----------+------+-----------+----------+----------+------+-----------------+ | | |Versions |Fixes | |CVSSv3|Vulnerable | |Product |Branch|known to be|introduced|Severity |score^|component or | | | |vulnerable |in | |1 |feature | +-----------+------+-----------+----------+----------+------+-----------------+ | |17.x |None |17.0.0 | | | | | +------+-----------+----------+ | | | | |16.x |16.1.0 - |16.1.2.2 | | | | | | |16.1.2 | | | | | | +------+-----------+----------+ | | | | |15.x |15.1.0 - |15.1.5.1 | | | | | | |15.1.5 | | | | | | +------+-----------+----------+ | |Virtual Server | |BIG-IP (all|14.x |14.1.0 - |14.1.4.6 | | |with Active mode | |modules) | |14.1.4 | |Medium |5.3 |enabled FTP | | +------+-----------+----------+ | |profile | | |13.x |13.1.0 - |13.1.5 | | | | | | |13.1.4 | | | | | | +------+-----------+----------+ | | | | |12.x |None |Not | | | | | | | |applicable| | | | | +------+-----------+----------+ | | | | |11.x |None |Not | | | | | | | |applicable| | | | +-----------+------+-----------+----------+----------+------+-----------------+ | |8.x |None |Not | | | | |BIG-IQ | | |applicable|Not | | | |Centralized+------+-----------+----------+vulnerable|None |None | |Management |7.x |None |Not | | | | | | | |applicable| | | | +-----------+------+-----------+----------+----------+------+-----------------+ |F5OS-A |1.x |None |Not |Not |None |None | | | | |applicable|vulnerable| | | +-----------+------+-----------+----------+----------+------+-----------------+ |F5OS-C |1.x |None |Not |Not |None |None | | | | |applicable|vulnerable| | | +-----------+------+-----------+----------+----------+------+-----------------+ |Traffix SDC|5.x |None |Not |Not |None |None | | | | |applicable|vulnerable| | | +-----------+------+-----------+----------+----------+------+-----------------+ ^1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge. Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by installing a version listed in the Fixes introduced in column. If the Fixes introduced in column does not list a version for your branch, then no update candidate currently exists for that branch and F5 recommends upgrading to a version with the fix (refer to the table). If the Fixes introduced in column lists a version prior to the one you are running, in the same branch, then your version should have the fix. Mitigation To mitigate this vulnerability, you can make modifications to the FTP profile. To do so, perform one of the following procedures: o Set the Data Port to 0 o Enable 'inherit-parent-profile' option in the FTP profile. o Disable the Allow Active Mode option to allow only passive FTP (BIG-IP 14.1.x - 16.1.x only) Set the Data Port to 0 Impact of action: None 1. Go to Local Traffic Management > Profiles > Services > FTP. 2. To create a custom FTP profile, select Create. 3. For Name, enter a name for this new FTP profile. 4. Under Settings, select the Custom box. 5. For Data Port, type 0. 6. To save the new custom FTP profile, select Finished. 7. Associate this FTP profile with your virtual server. Enable 'inherit-parent-profile' option in the FTP profile. Impact of action: Enabling Inherit Parent Profile allows the FTP data channel to inherit the TCP profile used by the control channel. When the setting is disabled (default setting), the data channel uses FastL4 only. Enabling Inherit Parent Profile and consequently not using FastL4 may cause a slight performance impact. 1. Go to Local Traffic Management > Profiles > Services > FTP. 2. To create a custom FTP profile, select Create. 3. For Name, enter a name for this new FTP profile. 4. Under Settings, select the Custom box. 5. Select the Inherit Parent Profile box. 6. To save the new custom FTP profile, select Finished. 7. Associate this FTP profile with your virtual server. Disable the Allow Active Mode option to allow only passive FTP (BIG-IP 14.1.x - 16.1.x only) Impact of action: Users will be able to connect to the FTP server using only passive FTP. 1. Go to Local Traffic Management > Profiles > Services > FTP. 2. To create a custom FTP profile, select Create. 3. For Name, enter a name for this new FTP profile. 4. Under Settings, select the Custom box. 5. To disable this feature, clear the Allow Active Mode box. 6. To save the new custom FTP profile, select Finished. 7. Associate this FTP profile with your virtual server. Acknowledgements This issue was discovered internally by F5. Supplemental Information o K41942608: Overview of security advisory articles o K4602: Overview of the F5 security vulnerability response policy o K4918: Overview of the F5 critical issue hotfix policy o K9502: BIG-IP hotfix and point release matrix o K13123: Managing BIG-IP product hotfixes (11.x - 17.x) o K48955220: Installing an OPSWAT Endpoint Security update on BIG-IP APM systems (11.4.x and later) o K167: Downloading software and firmware from F5 o K9970: Subscribing to email notifications regarding F5 products o K9957: Creating a custom RSS feed to view new and updated documents - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxju8kNZI30y1K9AQh4Ww/+PdH79AZGQ3PpRb54zyh/Y+Gr6ZH1E4fR rJvOF1hHhGK76S/Qb+L9KavUS4me6If9kj7Vh+p65BUliyijvPZPLyxHEUymgtLZ i3u2/WT+Z8ODn3LKPD3HZLARI91VZe8DVoZ9jlfJ7KmkcdLeaaYBv+HDUWBr5MH2 jlW+tfuznb4baGpygFn+nQgElkOtjst9mz/EQkMgHeI9EFXcKu6zzu5imb9yBMrn dzU4YsN7B5HX0voAB0VytMzp47lBOpgy7x1sPoX9jquTkywisjrUcriy40P4JaHw O5ZZsBzneByxJhZOsVN+LWScafVb4Vyv/SIEdA7mY8MbqOmVasHHrJWpYlu3BdVO PFkbW07qS0kXn17JzBvX+hefcgnlqgVh0LssUMf3g19WccHdnKtu3s6Z3//ir3N9 0FJXBTzfjA+ehdK+GKDSiU3jLkxMU4dcmYUHRQyOTddZlaQWZuEj+EfhYIB6KDVL a9K/uk+bPEQi+yKO0BQoPE3zpg5BkMbheHR3amTK9UNoWWsGx5rwV7IfgQzv+vyG cFaiW+rqFOE8vd6Xue3ZPwV33M4SItVEdiYQPaCpgo1NvMvRXfSea5bQ3dLLk0wH eAmUUuIYpR+xI0x79kE2PZgQF6tljjeiQfpESOXyS3u2AeUOcQJq6ICMnTvdRbV3 7KwlSVnPtcY= =G7Np -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2050.2 - UPDATED ALERT [Appliance] F5 BIG-IP Products: CVSS (Max): 9.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2050.2 K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: F5 BIG-IP (all modules) Publisher: F5 Networks Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-1388 Original Bulletin: https://support.f5.com/csp/article/K23605346 Comment: CVSS (Max): 9.8 CVE-2022-1388 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS Source: F5 Networks Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Revision History: May 12 2022: Indicators of compromise added by vendor May 5 2022: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388 Original Publication Date: 04 May, 2022 Latest Publication Date: 10 May, 2022 Security Advisory Description Undisclosed requests may bypass iControl REST authentication. (CVE-2022-1388) Impact This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only. Security Advisory Status F5 Product Development has assigned IDs 1033837, 1051561, and 1052837 (BIG-IP) to this vulnerability. This issue has been classified as CWE-306: Missing Authentication for Critical Function. To determine if your product and version have been evaluated for this vulnerability, refer to the Applies to (see versions) box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to K51812227: Understanding security advisory versioning. Note: After a fix is introduced for a given minor branch, that fix applies to all subsequent maintenance and point releases for that branch, and no additional fixes for that branch will be listed in the table. For example, when a fix is introduced in 14.1.2.3, the fix also applies to 14.1.2.4, and all later 14.1.x releases (14.1.3.x., 14.1.4.x). For more information, refer to K51812227: Understanding security advisory versioning. Additionally, software versions preceding those listed in the Applies to (see versions) box of this article have reached the End of Technical Support (EoTS) phase of their lifecycle and are no longer evaluated for security issues. For more information, refer to the Security hotfixes section of K4602: Overview of the F5 security vulnerability response policy. +------------+------+--------------+----------+----------+------+-------------+ | | |Versions known|Fixes | |CVSSv3|Vulnerable | |Product |Branch|to be |introduced|Severity |score^|component or | | | |vulnerable^1 |in^3 | |2 |feature | +------------+------+--------------+----------+----------+------+-------------+ | |17.x |None |17.0.0 | | | | | +------+--------------+----------+ | | | | |16.x |16.1.0 - |16.1.2.2 | | | | | | |16.1.2 | | | | | | +------+--------------+----------+ | | | | |15.x |15.1.0 - |15.1.5.1 | | | | | | |15.1.5 | | | | | | +------+--------------+----------+ | | | |BIG-IP (all |14.x |14.1.0 - |14.1.4.6 | | | | |modules) | |14.1.4 | |Critical |9.8 |iControl REST| | +------+--------------+----------+ | | | | |13.x |13.1.0 - |13.1.5 | | | | | | |13.1.4 | | | | | | +------+--------------+----------+ | | | | |12.x |12.1.0 - |Will not | | | | | | |12.1.6 |fix | | | | | +------+--------------+----------+ | | | | |11.x |11.6.1 - |Will not | | | | | | |11.6.5 |fix | | | | +------------+------+--------------+----------+----------+------+-------------+ | |8.x |None |Not | | | | |BIG-IQ | | |applicable|Not | | | |Centralized +------+--------------+----------+vulnerable|None |None | |Management |7.x |None |Not | | | | | | | |applicable| | | | +------------+------+--------------+----------+----------+------+-------------+ |F5OS-A |1.x |None |Not |Not |None |None | | | | |applicable|vulnerable| | | +------------+------+--------------+----------+----------+------+-------------+ |F5OS-C |1.x |None |Not |Not |None |None | | | | |applicable|vulnerable| | | +------------+------+--------------+----------+----------+------+-------------+ |Traffix SDC |5.x |None |Not |Not |None |None | | | | |applicable|vulnerable| | | +------------+------+--------------+----------+----------+------+-------------+ ^1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle. ^2The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge. ^3If your Public Cloud provider's marketplace does not have the Fixes introduced in images, you can upgrade your existing public cloud BIG-IP deployment via the traditional live install process. For information about upgrading or updating your BIG-IP deployment, refer to the BIG-IP update and upgrade guide. For cases where new images are required, you can create a custom image using the fixed version. For information about creating a custom image for Public Cloud, refer to K18908626: Creating Custom Images for Public Cloud. Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by installing a version listed in the Fixes introduced in column. If the Fixes introduced in column does not list a version for your branch, then no update candidate currently exists for that branch and F5 recommends upgrading to a version with the fix (refer to the table). If the Fixes introduced in column lists a version prior to the one you are running, in the same branch, then your version should have the fix. Mitigation Until it is possible to install a fixed version, you can use the following sections as temporary mitigations. These mitigations restrict access to iControl REST to only trusted networks or devices, thereby limiting the attack surface. o Block iControl REST access through the self IP address o Block iControl REST access through the management interface o Modify the BIG-IP httpd configuration Block iControl REST access through the self IP address You can block all access to the iControl REST interface of your BIG-IP system through self IP addresses. To do so, you can change the Port Lockdown setting to Allow None for each self IP address in the system. If you must open any ports, you should use the Allow Custom option, taking care to disallow access to iControl REST. By default, iControl REST listens on TCP port 443 or TCP port 8443 on single NIC BIG-IP VE instances. If you modified the default port, ensure that you disallow access to the alternate port you configured. Note: Performing this action prevents all access to the Configuration utility and iControl REST using the self IP address. These changes may also impact other services, including breaking high availability (HA) configurations. Before you make changes to the configuration of your self IP addresses, F5 strongly recommends that you refer to the following articles: o K17333: Overview of port lockdown behavior (12.x - 16.x) o K13092: Overview of securing access to the BIG-IP system o K31003634: The Configuration utility of the Single-NIC BIG-IP Virtual Edition now defaults to TCP port 8443 o K51358480: The single-NIC BIG-IP VE may erroneously revert to the default management httpd port after a configuration reload If you must expose port 443 on your self IP addresses and want to restrict access to specific IP ranges, you may consider using the packet filtering functionality built into the BIG-IP system. For more information, refer to the following article: o K13383: Configuring CIDR Network Addresses for the BIG-IP packet filter Block iControl REST access through the management interface To mitigate this vulnerability for affected F5 products, you should restrict management access only to trusted users and devices over a secure network. For more information about securing access to BIG-IP systems, refer to the following articles: o K13092: Overview of securing access to the BIG-IP system o K46122561: Restricting access to the management interface using network firewall rules o K69354049: Restricting access to the BIG-IP management interface for Configuration Utility and iControl REST services using iptables Note: Restricting access to the management interface by IP address in httpd is not a viable mitigation for this issue. Modify the BIG-IP httpd configuration In addition to blocking access through the self IP addresses and management interface, or as an alternative to blocking access if those options are not possible in your environment, you can modify the BIG-IP httpd configuration to mitigate this issue. o BIG-IP 14.1.0 and later o BIG-IP 14.0.0 and earlier BIG-IP 14.1.0 and later Impact of procedure: Performing the following procedure should not have a negative impact on your system. 1. Log in to the TMOS Shell (tmsh) of the BIG-IP system by entering the following command: tmsh 2. Open the httpd configuration for editing by entering the following command: edit /sys httpd all-properties 3. Locate the line that starts with include none and replace none with the following text: Note: If the current include statement already contains a configuration other than none, add the following configuration to the end of the current configuration, within the existing double-quotation mark characters ("). " RequestHeader set connection close RequestHeader set connection keep-alive RequestHeader set connection close " 4. After updating the include statement, use the ESC key to exit the editor interactive mode, then save changes by entering the following command: :wq 5. At the Save changes (y/n/e) prompt, select y to save the changes. 6. Save the BIG-IP configuration by entering the following command: save /sys config BIG-IP 14.0.0 and earlier Impact of procedure: Performing the following procedure should not have a negative impact on your system. 1. Log in to tmsh of the BIG-IP system by entering the following command: tmsh 2. Open the httpd configuration for editing by entering the following command: edit /sys httpd all-properties 3. Locate the line that starts with include none and replace none with the following text: Note: If the current include statement already contains a configuration other than none, add the following configuration to the end of the current configuration, within the existing double-quotation mark characters ("). "RequestHeader set connection close" 4. After updating the include statement, use the ESC key to exit the editor interactive mode, then save changes by entering the following command: :wq 5. At the Save changes (y/n/e) prompt, select y to save the changes. 6. Save the BIG-IP configuration by entering the following command: save /sys config Indicators of compromise Important: F5 last updated this section on May 9, 2022, at 8:00 AM Pacific Time. The information in this section is based on evidence that F5 has collected and believes to be reliable indicators of compromise. It's important to note that exploited systems may show different indicators, and a skilled attacker may be able to remove traces of their work. It's impossible to prove a device is not compromised; if you have any uncertainty, consider the device to be compromised. All versions o Use this comparison to determine the intent and potential impact of BIG-IP logs. For example, you may see the following entries in these logs: Entry in '/var/log/audit' May 00 00:00:00 hostname notice icrd_child[11111]: 11111111:5: AUDIT - pid= 11111 user=admin folder=/Common module=(tmos)# status=[Command OK] cmd_data =run util bash -c id Entry in '/var/log/restjavad-audit.0.log' [I][1111][00 May 0000 00:00:00 UTC][ForwarderPassThroughWorker] {"user":"local/admin","method":"POST","uri":"http://localhost:8100/mgmt/tm/ util/bash","status":200,"from":"nnn.nnn.nnn.nnn"} If the logs display any entries similar to these examples, this may indicate that a REST request from IP address nnn.nnn.nnn.nnn invokes command run util bash -c id. (in these log entries the id command is used only as an example). You must closely examine any /var/log/ restjavad-audit.*.log and /var/log/audit* entries and compare them to legitimate REST calls against the device. o Other indicators of compromise may include unexpected modifications to any files, configurations, or running processes. F5 has iHealth heuristics designed to detect the following: Unknown processes running (H511618) When the Configuration utility iControl REST interface has been exposed to the Internet through the management interface (H444724) When a self IP address has Port Lockdown set to Allow All (H458565) Additionally, refer to K11438344: Considerations and guidance when you suspect a security compromise on a BIG-IP system. Note: A lack of log entries or heuristic reports does not categorically indicate that a unit is not compromised. A skilled attacker can remove evidence of compromise, including log files, after successful exploitation. Acknowledgements This issue was discovered internally by F5. Supplemental Information o K41942608: Overview of security advisory articles o K4602: Overview of the F5 security vulnerability response policy o K4918: Overview of the F5 critical issue hotfix policy o K44525501: Overview of BIG-IP data and control planes o K8986: F5 software lifecycle policy o K9502: BIG-IP hotfix and point release matrix o K13123: Managing BIG-IP product hotfixes (11.x - 17.x) o K167: Downloading software and firmware from F5 o K9970: Subscribing to email notifications regarding F5 products o K9957: Creating a custom RSS feed to view new and updated documents - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxgPMkNZI30y1K9AQhqqg//TbkgzuVsvTypIjVQQW1+h+w7re20YKMZ jeVjQ2dxFA+vN7Z9NZ7dGFUenv9mcr7ySX5pMJa3I9gJKQZzbX6BuiSbjW0ybCQs VYyBpanWfIlXnzM8hyyTqJx4TralZSOqk6/qNaKDcd8oj+8XIU/o/XkuWInv8u5n bDllUAPOvADaCo451ZYNACe3jiURcw39NaY7JWQUioJwYXTnzZYd+PGeFh2tjMtB 9uTEUFZKIFHu75kCfobZJhM95bUA6QrJJJKtZ3gPNjXvcmP8TcwQmYpCymHSyk7H ACMVtbYYGO+yyEfs/sLp7ww3TifUYfcH0YqbiHhRSpbs5kN74rpCegLuHNGqkvV0 fIqb8q+OuMUMPvGSIkpSwXt7kbtDZl6f5NmK2FYcItVMOwyBDkkTD5VDIsBl3FGX O9PZd/Ap7Dr2JX5iJ7//V9DgHW0a+Pukyhfxc14aUlgjB8MMAkQoqwvpFGrDeZch wE02GihhAIPwgNLH8QdGdHmqEHs5sz2rYNwT9sqyhhq4LyWsivKkADDmMiX0sJAM l40dYgP7BY2+wPd1/3AZG8SE80/mQiNcGSVxxpRgMUtI/8CaG1uuGAQtpbj1UVrl fnXdyNSpOLH1oc+5Y4Ehs46JOi8cvCXnGPAt02XDvkPB3XLTazwzVl5zbNE7Dttc +CDdaMtkfwA= =+jtr -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.1373.7 - UPDATE [Appliance] Palo Alto PAN-OS, Cortex XDR Agent and GlobalProtect App: CVSS (Max): 7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.1373.7 CVE-2022-0778 Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: PAN-OS Cortex XDR Agent GlobalProtect App Publisher: Palo Alto Operating System: Network Appliance Resolution: Patch/Upgrade CVE Names: CVE-2022-0778 Original Bulletin: https://securityadvisories.paloaltonetworks.com/CVE-2022-0778 Revision History: May 12 2022: Cortex XDR agent fixes for Cortex XDR agent 6.1 and 7.5-CE are updated May 5 2022: Significant updates to vendor advisory April 8 2022: Vendor added fixed versions for PAN-OS April 1 2022: Fixed format April 1 2022: Fixed format April 1 2022: Added threat prevention signatures and additional product status March 31 2022: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- Palo Alto Networks Security Advisories / CVE-2022-0778 CVE-2022-0778 Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778 047910 Severity 7.5 . HIGH Attack Vector NETWORK Scope UNCHANGED Attack Complexity LOW Confidentiality Impact NONE Privileges Required NONE Integrity Impact NONE User Interaction NONE Availability Impact HIGH NVD JSON Published 2022-03-31 Updated 2022-05-11 Reference PAN-190175 and PAN-190223 Discovered externally Description The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSL infinite loop vulnerability (CVE-2022-0778) as it relates to our products. This vulnerability causes the OpenSSL library to enter an infinite loop when parsing an invalid certificate and can result in a Denial-of-Service (DoS) to the application. An attacker does not need a verified certificate to exploit this vulnerability because parsing a bad certificate triggers the infinite loop before the verification process is completed. The Prisma Cloud and Cortex XSOAR products are not impacted by this vulnerability. However, PAN-OS, GlobalProtect app, and Cortex XDR agent software contain a vulnerable version of the OpenSSL library and product availability is impacted by this vulnerability. For PAN-OS software, this includes both hardware and virtual firewalls and Panorama appliances as well as Prisma Access customers. This vulnerability has reduced severity on Cortex XDR agent and GlobalProtect app as successful exploitation requires a meddler-in-the-middle attack (MITM): 5.9 Medium (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/ S:U/C:N/I:N/A:H). We are working diligently on fixes to remove the vulnerable code from our GlobalProtect app software. All fixed versions of Cortex XDR agent and PAN-OS are now available. This issue impacts the following versions of PAN-OS: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16-h2; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13-h3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5-h1; PAN-OS 10.2 versions earlier than PAN-OS 10.2.1. This issue impacts the following versions of GlobalProtect app: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.11 (ETA: month of May, 2022); GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.12 (ETA: month of May, 2022); GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.4 (ETA: month of May, 2022); GlobalProtect app 6.0 versions earlier than GlobalProtect app 6.0.1. This issue impacts the following versions and builds of Cortex XDR agent: Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 on macOS; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux; All versions and builds of Cortex XDR agent 7.4; Cortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows; Cortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS; Cortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux Cortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.60113 on Windows; Cortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS; Cortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux; Cortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows; Cortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS; Cortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 on Linux; Cortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows; Cortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS; Cortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux. This issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s). Product Status Versions Affected Unaffected Cortex XDR < 7.7.0.60725 on Windows, < >= 7.7.0.60725 on Windows, >= Agent 7.7 7.7.0.2356 on macOS, < 7.7.0.2356 on macOS, >= 7.7.0.59559 on Linux 7.7.0.59559 on Linux Cortex XDR < 7.6.2.60545 on Windows, < >= 7.6.2.60545 on Windows, >= Agent 7.6 7.6.2.2311 on macOS, < 7.6.2.2311 on macOS, >= 7.6.2.59612 on Linux 7.6.2.59612 on Linux Cortex XDR < 7.5.100.60642 on Windows, < >= 7.5.100.60642 on Windows, >= Agent 7.5-CE 7.5.100.2276 on macOS, < 7.5.100.2276 on macOS, >= 7.5.100.59687 on Linux 7.5.100.59687 on Linux Cortex XDR < 7.5.3.60113 on Windows, < >= 7.5.3.60113 on Windows, >= Agent 7.5 7.5.3.2265 on macOS, < 7.5.3.2265 on macOS, >= 7.5.3.59465 on Linux 7.5.3.59465 on Linux Cortex XDR 7.4.* Agent 7.4 Cortex XDR < 6.1.9.61370 on Windows, < >= 6.1.9.61370 on Windows, >= Agent 6.1 6.1.7.1690 on macOS, < 6.1.7.1690 on macOS, >= 6.1.7.60245 on Linux 6.1.7.60245 on Linux Cortex XSOAR None all GlobalProtect < 6.0.1 >= 6.0.1 App 6.0 GlobalProtect < 5.3.4 >= 5.3.4 App 5.3 GlobalProtect < 5.2.12 >= 5.2.12 App 5.2 GlobalProtect < 5.1.11 >= 5.1.11 App 5.1 PAN-OS 10.2 < 10.2.1 >= 10.2.1 PAN-OS 10.1 < 10.1.5-h1 >= 10.1.5-h1 PAN-OS 10.0 < 10.0.10 >= 10.0.10 PAN-OS 9.1 < 9.1.13-h3 >= 9.1.13-h3 PAN-OS 9.0 < 9.0.16-h2 >= 9.0.16-h2 PAN-OS 8.1 < 8.1.23 >= 8.1.23 Prisma Access Preferred, Innovation 3.1 Prisma Access Preferred, Innovation 3.0 Prisma Access Preferred 2.2 Prisma Access Preferred, Innovation 2.1 Prisma Cloud None all Severity: HIGH CVSSv3.1 Base Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Exploitation Status Palo Alto Networks is not aware of any malicious exploitation of this issue on any of our products. Weakness Type CWE-834 Excessive Iteration Solution This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16-h2, PAN-OS 9.1.13-h3, PAN-OS 10.0.10, PAN-OS 10.1.5-h1, PAN-OS 10.2.1, and all later PAN-OS versions. This issue is fixed in GlobalProtect app 6.0.1. We intend to fix this issue in the following GlobalProtect app releases: GlobalProtect app 5.1.11, GlobalProtect app 5.2.12, GlobalProtect app 5.3.4. These updates are expected to be available during the month of May, 2022. This issue is fixed in Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows, Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 on macOS, Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux, Cortex XDR agent 7.5.3 build 7.5.3.60113 on Windows, Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS, Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux, Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows, Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS, Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 hotfix on Linux, Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows, Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS, Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux, and all later versions and builds of Cortex XDR agent. Cortex XDR agent 7.4 is end-of-life on May 24, 2022 and is not expected to receive a fix for this issue. This issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s). This advisory will be updated as more fixed version information becomes available for the GlobalProtect app releases. Workarounds and Mitigations Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat IDs 92409 and 92411 (Applications and Threats content update 8552). This mitigation reduces the risk of exploitation from known exploits. Customers will need to upgrade their products to a fixed version to completely remove the risk of this issue. Frequently Asked Questions Q. When will fixes for PAN-OS be available? The fix for this issue is available in PAN-OS 8.1.23, PAN-OS 9.0.16-h2, PAN-OS 9.1.13-h3, PAN-OS 10.0.10, PAN-OS 10.1.5-h1, and PAN-OS 10.2.1 versions. All fixed versions of PAN-OS are now available. Q. Are Threat Prevention signatures available for this issue? Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat IDs 92409 and 92411 (Applications and Threats content update 8552). This mitigation reduces the risk of exploitation from known exploits. Q. Where can I get the most up-to-date information on product fixes for this issue? This security advisory will be continually updated with the latest fixed version information for all listed Palo Alto Networks products. Q. What will happen to PAN-OS if this issue is encountered? If this issue is encountered in the firewall data plane or management plane, the impacted PAN-OS process will abort and generate crash related debug information. If this issue is encountered repeatedly, there will be a firewall reboot and can result in the denial-of-service to all PAN-OS services. Timeline 2022-05-11 Cortex XDR agent fixes for Cortex XDR agent 6.1 and 7.5-CE are now available. 2022-05-04 GlobalProtect app fixed version GlobalProtect app 6.0.1 is now available. 2022-04-30 Updated fix information for Cortex XDR agent. New fix ETA for Prisma Access customers. 2022-04-27 PAN-OS fixed version PAN-OS 8.1.23 is now available. 2022-04-22 Added new Cortex XDR agent fix ETAs. Updated ETA for PAN-OS 8.1.23 fix. 2022-04-20 Added new GlobalProtect app 5.3 fix ETA. 2022-04-19 PAN-OS fixed version PAN-OS 10.2.1 is now available. 2022-04-15 Added new GlobalProtect app fix ETAs. 2022-04-12 PAN-OS fixed version PAN-OS 10.0.10 is now available. 2022-04-12 PAN-OS fixed version PAN-OS 9.0.16-h2 is now available. 2022-04-07 PAN-OS fixed versions PAN-OS 9.1.13-h3 and PAN-OS 10.1.5-h1 are now available. 2022-04-06 Added new PAN-OS fix ETAs, available threat prevention signatures, and additional FAQ. 2022-03-31 Initial publication Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure Policy Report vulnerabilitiesManage subscriptions (C) 2020 Palo Alto Networks, Inc. All rights reserved. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxmKckNZI30y1K9AQj3jRAAs7d6JqaX+2dn9jbiua1/g5EJfm0Jm7z1 9Qq1GPaCIl0PGON2+XQcHXDu6P53NoEL+WOGqiz8XVV/toLSvy+rPM8/ugS6soQ2 +Jk53c8ufGBps0fXE7n/jylu2G1fGtyTCGhTrfr4fqjvYOtQNPO8MkS8P62Pkgh1 Vg2383RL58j3UDSuP1q1DaE95SDQsTpaQyoF6TN0ZaKZ5lkbSv9kWlZWh/cNz3yP gVFKus3N46djd6f86Hcck0uUCzBUawRuwKw0OGR/R0vBpshX787v+IwnGGEKUJFK ItfOfsUP86X8fSXMZph4z0+nPNx4ASU0uXWWkI5HM+KWokmdA0MsLBKh4IeLC+F5 CHN6xCoOdVcNutHztjcnridlGNKGUjDv3Ff4EEmo+lEsUUcMwO4T6hMw6L/LUJs8 AHLD93DjzYYkkQuu03KaGth8+w/J9ocp5mQRV99feZjlVjdTX6qZWLtG7R+SMAhw bXeB0h7uJrZLoGKKscpkl+dL5XvPJ1c+JNr7Og6ud23tF5dTUgo7dJI3rbx82s5q seWMu8UGjOLVsTBAwOMbvQoNqePoxpOfe5B0UKdfImKQG3jeCiP3K5lw+XmJ+4pr vzqVZb7IdKSH9EtEY3qdzWtLWo2kTyZ4w2gEwtALFBT6PHWz64Md0h89Rdu8L1qU 10v1umFpipY= =q37D -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2327 - [Win][UNIX/Linux] Intel Processors: CVSS (Max): 6.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2327 3rd Generation Intel Xeon Scalable Processors Advisory 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Intel Processors Publisher: Intel Operating System: Windows UNIX variants (UNIX, Linux, OSX) Resolution: Patch/Upgrade CVE Names: CVE-2021-33117 Original Bulletin: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00586.html Comment: CVSS (Max): 6.5 CVE-2021-33117 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) CVSS Source: Intel Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- Intel ID: INTEL-SA-00586 Advisory Category: Firmware Impact of vulnerability : Information Disclosure Severity rating : MEDIUM Original release: 05/10/2022 Last revised: 05/10/2022 Summary: A potential security vulnerability in some 3 ^ rd Generation Intel Xeon Scalable Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33117 Description: Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. CVSS Base Score: 6.5 Medium CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: +-----------------------------------------+----------+---------------+-------------+------------+ |Product Family |Processor |Vertical |CPU ID |Platform ID | | | |Segment | | | +-----------------------------------------+----------+---------------+-------------+------------+ |3 ^rd Generation Intel Xeon Scalable |06_6AH |Server |606AX |0x87 | |Processors | | | | | +-----------------------------------------+----------+---------------+-------------+------------+ Recommendations: Intel recommends updating affected 3 ^ rd Generation Intel Xeon Scalable Processors to BIOS version MR7 or later. Intel recommends the users to enable the technologies that are used for BIOS to detect early boot code unauthorized modification. Alternatively, Intel recommends following the steps to update the microcode patch located in platform flash designated by firmware interface table (FIT) entry type1. Details on the firmware interface table layout and types can be found at: https://software.intel.com/content/dam/develop/external/us/en/documents/ firmware-interface-table-bios-specification-r1p2p1.pdf Intel is releasing microcode updates, which are available at this GitHub* repository link: https://github.com/otcshare/Intel-Generic-Microcode/blob/main/NDA/repository/ server/production/m_87_606a6_0d000331.inc This CVE requires a Microcode Security Version Number (SVN) update. To address this vulnerability, an SGX TCB recovery is planned for Q2 2022. Refer to Intel SGX Attestation Technical Details for more information on the SGX TCB recovery process. Acknowledgements: This issue was found internally by Intel employees. Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available. Revision History Revision Date Description 1.0 05/10/2022 Initial Release - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxbYMkNZI30y1K9AQiT5Q//RW6GCh6/23PUzHaCppZsEqnxCFZT8cAt 6VeoHb8Rl9MRyjxjPDlhBM8TscFg1v+xQxMkMPaXxUyU517hCb6+cuA+qZwDHhoW ri3VKt0flsagfHZPz3XJ6xHqQqlrWHbZQLhObKn7YpYLS2+2uQFx/1QeyaQly2LA zJtAYuuVzUKzLYoOxwFQc5q39t582iUVVfqw5nfv+cJZCoj/o4Jq1pbvtoNo+xqs /8Tw5rxqiBQnPKJO3alYwqwGe6Ma2PyH340aQxEiILecnrgXOksS/rJdujk9NsNY xjveO6QMjTpnysWqf31iNNHk6tNv9Q20RmVI+GL6GcttiIru5NwY8+qm1bAFZjjd d9DAcSuzbpVLRQ7TiJG87fT2DpKyCyLFjZt9AoVGb5u25BuUb/ofhiRJON/0xY99 F58J7dqIyFc9UmmsJbUCs1j3t/43jCi1f8EWdlbJzbfnNYAqWOaHZgJVHqysNpsf t4/RDgCcszKJD0Zl60bsQnRq+xa27rz9rzZqgQxqLm+8V5Wwc0V9ZhqdqiZyScuK 0mWXXmxhooSpHT9ztP5C2bknDzBKyPHY4ZLC9vqNR9AVEEoAjwIHruTYL9lSKZlr aoq0xAZ/UEZiCtT1GXYR3biHVNdSuBWFt78nNNbEvBjq1ty0UiUECNZ1tHho8Sbs 4MD3ozduUKE= =+b1w -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2326 - [Win][UNIX/Linux] Intel Processors: CVSS (Max): 4.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2326 Intel RealSense ID Solution F450 Advisory 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Intel Processors Publisher: Intel Operating System: Windows UNIX variants (UNIX, Linux, OSX) Resolution: Patch/Upgrade CVE Names: CVE-2021-33130 Original Bulletin: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00595.html Comment: CVSS (Max): 4.8 CVE-2021-33130 (CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N) CVSS Source: Intel Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- Intel ID: INTEL-SA-00595 Advisory Category: Firmware Impact of vulnerability : Escalation of Privilege Severity rating : MEDIUM Original release: 05/10/2022 Last revised: 05/10/2022 Summary: A potential security vulnerability in the Intel RealSense ID Solution F450 may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33130 Description: Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access. CVSS Base Score: 4.8 Medium CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N Affected Products: Intel RealSense ID Solution F450 before version 2.6.0.74. Recommendations: Intel recommends updating the Intel RealSense ID Solution F450 to version 2.6.0.74 or later. Updates are available for download at this location: https://github.com/ IntelRealSense/RealSenseID/releases/tag/v0.17.1 Acknowledgements: The following issue was found internally by Intel employees. Intel would like to thank Julien Lenoir, Kristin Paget, Peter Bosch, John Whiteman, Nael Masalha and William Burton. Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available. Revision History Revision Date Description 1.0 05/10/2022 Initial Release - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxbWskNZI30y1K9AQgPQg/9EYE13ScJ1vBHi8lzUKJwg3vJzbGnnAG4 z8Bajtnaj7GoltD2J68+RoPRG2FmbVf2uV071TRbuJWLQ2rJVOGgWpViExENacMA wLRUy6BFGoUEgi1C/t9iefvKMZZdChLUELmrxCWTqBoAqCMOZ/NKnXF1FDEN6qC2 XHc6Vtp2TD6WOCr1mw8d9SgT9bCzyn7gxpgX1BOKn4awwVThF8gmNXlEwTj00Kgc /VLbRQLpGZss9aXmeZFwPDvqzYGWwVTiuhdquTGCM2WP2rp83VltwcGM7wzNBYS0 4T9uL8/xt3cwfJKgB3K5ns8vICHaB/WWR8MtPpo7aqeVP2bkjsYiauTxl3dafI5T 0nnV8ugrPeysyfQ4LpVEiQChLJCqVhkBgw3HebapGrLWN/rXp+6ezSeFEMZfKK9z ActxRC14DGzWd5ILwtH+pLUqndGGxbaR2KYSyIlTRQ8BzbaPjXwL9mZg3Obsl7Wa hCZCKtCI+XMlqwHHuE6dskk6lyXzWfXa2rw2uZui74pVqu37HWxxJWvHfo99JkZM 7j5GqxoHGE/haRaffGiIwNTDCKIGlJOJcCkIefcUGrhglzmaB7nEGao0dcw06jB8 /z/5zGcSRaYR8TXpN4dmplE/juvhpxAjKkJmy468hBZyLuEgmno1cjml0MmnWz42 xhf6DJGQeqA= =Rt3X -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2325 - [Win][UNIX/Linux] Intel Processors: CVSS (Max): 3.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2325 Intel SGX Linux Kernel Drivers Advisory 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Intel Processors Publisher: Intel Operating System: Windows UNIX variants (UNIX, Linux, OSX) Resolution: Patch/Upgrade CVE Names: CVE-2021-33135 Original Bulletin: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00603.html Comment: CVSS (Max): 3.2 CVE-2021-33135 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L) CVSS Source: Intel Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L - --------------------------BEGIN INCLUDED TEXT-------------------- Intel ID: INTEL-SA-00603 Advisory Category: Software Impact of vulnerability : Denial of Service Severity rating : LOW Original release: 05/10/2022 Last revised: 05/10/2022 Summary: A potential security vulnerability in Intel SGX Linux kernel drivers may allow denial of service. Intel is working with the Linux kernel maintainers to create a mitigation. Vulnerability Details: CVEID: CVE-2021-33135 Description: Uncontrolled resource consumption in the Linux kernel drivers for Intel SGX may allow an authenticated user to potentially enable denial of service via local access. CVSS Base Score: 3.2 Low CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L Affected Products: Intel SGX Linux kernel driver from Intel version 2.14 and before. Linux kernel driver for Intel SGX from upstream/kernel.org. Recommendations: Intel SGX Linux kernel driver mitigation available for download at: https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/driver/ linux Linux community mitigation available for download at kernel.org. Acknowledgements: This issue was found internally by Intel employees. Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available. Revision History Revision Date Description 1.0 05/10/2022 Initial Release - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxbU8kNZI30y1K9AQiwcw//QdU3Vnv+zj/0W4yFJvWc4rO3iaq3KfAC e6Y66eVF6dk6URzs7YLAJbvkjaoIAWtH3yIePE8t+kybSK2dzi0RvO+MDezapFp4 7KXGHwFHuqounZ3UbJCaBMSVvfZtjAVxMgwUmz0D8fLUowd/1zAcHag9tl2JiT2x XIqmaF+0KBmjWpjGXYAUJFvFODq8ZRyCO6R1g8w37KS6E+4P35zGlWFSQX2MsSc4 +DQmeZD4hpaVZi+fAoYn/sotHiZ7R/sM3h1xVKMYj3yNCY5HSXlbZFzd1cnYuVpw Asy87FP1O38Q5/oMdyEOj2rMX1sLvt/DhrgNRCyIw14IyXxf2gioqv28xks/cryl ec6ocImUV9MRcFstIrJRR24oYbPrfvbGbd0ouzgfnIKxXP//fFPLkviCR/AwQ2AW SniDcEqPalQVFL+DzM1Oi0b2AJqz78BznRjkZbK5wk9kTnO0YvULQLV5pqidDSei 7mWIUsdWaRhV91cnD3hGcbCqUvj7f2jHqd0spDcjldRDhKpAe6sM/imuI4170Ie3 I8baMARQyzMHRYLbyHOYdDDRyd+zsVGqMgooOGgAaRsnmboNxplpAkl+4Y+OPmwB 2Ig0p1XR81eiDwaxiI9WQuOkgmLbbYBYeYnpj/6OeO/RKAgX3JVUiSfxJ3/huwWl Er8NX3EvQQk= =Opf5 -----END PGP SIGNATURE-----
2022. május 12.

ESB-2022.2324 - [Win][UNIX/Linux] Intel Processors: CVSS (Max): 8.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2324 IPU - BIOS Advisory 12 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Intel Processors Publisher: Intel Operating System: Windows UNIX variants (UNIX, Linux, OSX) Resolution: Patch/Upgrade CVE Names: CVE-2021-33124 CVE-2021-33123 CVE-2021-33122 CVE-2021-33103 CVE-2021-0190 CVE-2021-0189 CVE-2021-0188 CVE-2021-0159 CVE-2021-0155 CVE-2021-0154 CVE-2021-0153 Original Bulletin: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html Comment: CVSS (Max): 8.2 CVE-2021-0154 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) CVSS Source: Intel Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- Intel ID: INTEL-SA-00601 Advisory Category: Firmware Impact of vulnerability : Escalation of Privilege Severity rating : HIGH Original release: 05/10/2022 Last revised: 05/10/2022 Summary: Potential security vulnerabilities in the BIOS firmware or BIOS authenticated code module for some Intel Processors may allow escalation of privilege or information disclosure. Intel is releasing BIOS updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2021-0154 Description: Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 8.2 High CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVEID: CVE-2021-0153 Description: Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 8.2 High CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVEID: CVE-2021-33123 Description: Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 8.2 High CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVEID: CVE-2021-0190 Description: Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 8.2 High CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVEID: CVE-2021-33122 Description: Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 7.9 High CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H CVEID: CVE-2021-0189 Description: Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 7.5 High CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVEID: CVE-2021-33124 Description: Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 7.5 High CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVEID: CVE-2021-33103 Description: Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 7.5 High CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVEID: CVE-2021-0159 Description: Improper input validation in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 7.4 High CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L CVEID: CVE-2021-0188 Description: Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVSS Base Score: 5.3 Medium CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N CVEID: CVE-2021-0155 Description: Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. CVSS Base Score: 4.4 Medium CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Affected Products: +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ |Product Collection |Vertical Segment |CPU ID |Platform ID |CVE ID | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | | | | |CVE-2021-0159, | |2nd Generation Intel Xeon Scalable Processors |Server |50657 |BF |CVE-2021-0189, | | | | | |CVE-2021-33123, | | | | | |CVE-2021-33124 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ |Intel Xeon Processor D Family |Server |50654 |B7 |CVE-2021-33123, | | | | | |CVE-2021-33124 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | | | | |CVE-2021-33103, | |Rocket Lake Xeon |Server, Workstation |A0671 |02 |CVE-2021-33122, | | | | | |CVE-2021-33123, | | | | | |CVE-2021-33124 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | | | | |CVE-2021-0159, | |3rd Generation Intel Xeon Scalable Processor Family |Server |5065B |5065B |CVE-2021-33123, | | | | | |CVE-2021-33124 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ |Intel Core Processors with Intel Hybrid Technology |Mobile |806A1 |10 | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+ | |10th Generation Intel Core Processor Family |Mobile |706E5 |80 |CVE-2021-33122 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+ | |Intel Pentium Silver N6000 Processor Family, Intel Celeron N4000 |Client |906C0 |01 | | |and N5000 Processor Families | | | | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | | | | |CVE-2021-33103, | |9 ^th Generation Intel Core Processor Family |Client |A0671 |02 |CVE-2021-33122, | | | | | |CVE-2021-33123, | | | | | |CVE-2021-33124 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | | |A0653 |01 | | |10th Generation Intel Core Processors |Client | | | | | | |A0655 |22 | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+ | | | |806EC |94 | | | | | | | | | | |A0652 |20 |CVE-2021-33103, | | | | | |CVE-2021-33122, | | | |A0653 |22 |CVE-2021-33123, | | | | | |CVE-2021-33124 | |10th Generation Intel Core Processors |Client |A0655 |01 | | | | | | | | | | |A0655 |22 | | | | | | | | | | |A0660 |80 | | | | | | | | | | |A0661 |80 | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | | | |D0 | | |8th Generation Intel Core Processors |Mobile |806EB 806EC| | | | | | |94 | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+ | | | |906EA, | | | | | | |02 | | |8th Generation Intel Core Processors |Mobile Desktop |906EB, | | | | | | |22 | | | | |906ED | |CVE-2021-33123, | +-----------------------------------------------------------------+--------------------------+-----------+--------------+CVE-2021-33124 | | | |806E9, |C0 | | | | | | | | | | |806EA, |C0 | | | | | | | | |7th Generation Intel Core Processors |Client |906E9, |2A | | | | | | | | | | |806E9, |10 | | | | | | | | | | |806EC |94 | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ |Intel Core X-series Processors |Desktop |906E9 |2A | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+CVE-2021-33123, | |Intel Xeon Processor W Family |Workstation |50654 |B7 |CVE-2021-33124 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+ | |Intel Xeon Processor W Family |Workstation |50657 |BF | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | |Server | | |CVE-2021-0154, | |Intel Xeon Processor E Family | |906E, 906ED|22 |CVE-2021-0189, | | |Workstation | | |CVE-2021-33123, | | | | | |CVE-2021-33124 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | |Server | | | | |Intel Xeon Processor E3 v6 Family | |906E9 |2A |CVE-2021-0154, | | |Workstation | | |CVE-2021-0188, | +-----------------------------------------------------------------+--------------------------+-----------+--------------+CVE-2021-0189, | | |Server | | |CVE-2021-33123, | |Intel Xeon Processor E3 v5 Family | |506E3 |36 |CVE-2021-33124 | | |Workstation | | | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | | | | |CVE-2021-0154, | | | | | |CVE-2021-0155, | |Intel Xeon Processor E7 v4 Family |Workstation |406F1 |EF |CVE-2021-0189, | | | | | |CVE-2021-33123, | | | | | |CVE-2021-33124 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ |Intel Xeon Processor D Family |Server |50665 |10 |CVE-2021-0154, | | | | | |CVE-2021-0155, | +-----------------------------------------------------------------+--------------------------+-----------+--------------+CVE-2021-33123, | |Intel Xeon Processor D Family |Server |50662 |10 |CVE-2021-33124 | | | | | | | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ | | | | |CVE-2021-0153, | |Intel Xeon Processor E5 v4 Family | | | |CVE-2021-0154, | | |Server |406F1 |EF |CVE-2021-0155, | |Intel Core X-series Processors | | | |CVE-2021-0190, | | | | | |CVE-2021-33123, | | | | | |CVE-2021-33124 | +-----------------------------------------------------------------+--------------------------+-----------+--------------+---------------------+ Recommendations: Intel recommends that users of listed Intel Processors update to the latest versions provided by the system manufacturer that addresses these issues. Acknowledgements: The following issues were found internally by Intel employees; CVE-2021-0153, CVE-2021-0154, CVE-2021-0155, CVE-2021-0159, CVE-2021-0188, CVE-2021-0189, CVE-2021-0190, CVE-2021-33103, and CVE-2021-33122. Intel would like to thank Jorge E. Gonzalez Diaz and Nicholas Armour. Intel would like to thank Hugo Magalhaes from Oracle (CVE-2021-33123, CVE-2021-33124) for reporting these issues. Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available. Revision History Revision Date Description 1.0 05/10/2022 Initial Release 1.1 05/11/2022 Removed incorrect CVE number - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYnxbR8kNZI30y1K9AQj3pg//T4/ZZa/p/RxR8rgpfZYeFmJoyhNyk9l3 yVm8iQUywHrQx3Rueqv2ohDz9+PWYvOWPp4MvJwpR0PPsGWegA1ZypVsM2lH90qd w3Y8Z0KQaIRhDtWAMYo5R9pO35TWKLfBCb5LdrH3ZzcYtzmtRWm7LGDqVoZH671E 1fYeCFSELShdaVN65XT7veTExg9pgQJCX+x/Fomtc36+2QqfByYfNugt9R6VEBnO XvmAYGdqm9UCIAHVEipmFWHBRbf2DJlwXvR5d2SNrtnUY3om7nxpGRvDGA0emGy3 JSEMF115TpjKN5fBkXvEyrtkVKvdaW2SIMJS0BYMx3QlBA2YMMJ1PzE2qZw/EeoK YwS+RBdUuDJGzx9labYp6MK8AWpXkEIqTAbusUSzP+xfR92XvZEZGxOMH2mwxZpm oHwVtMMMLi5T0quoK5q66rYoDWYzjwasYDpxlCxpxlYW/eXbYR4hDRdxWoZw/Uyr tDVc4GhDgzGr6cExSQ5cnqb8dNbD3RVr+Qneuug9IPwH0Hd5WNpGLjcgTCig2Sqc kI6zv9+go0wBFkwUgBeeAkH5123VCp5S8ao/lF4GwsKmWKbzL03ZA0o92G2diUii uJEOuYSASHcISPAJkUMm+C3cpDDBZaHIk559r4yw/WLcMYyyRdibVBEjqznpAkAZ 5yW/qLnVoQU= =adGP -----END PGP SIGNATURE-----