Ubuntu Security Notice USN-5485-1

Ubuntu Security Notice 5485-1 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.

Packet Storm
==========================================================================
Ubuntu Security Notice USN-5485-1
June 17, 2022

linux, linux-aws, linux-aws-hwe, linux-aws-5.13, linux-aws-5.4,
linux-azure, linux-azure-4.15, linux-azure-5.13, linux-azure-5.4,
linux-azure-fde, linux-dell300x, linux-gcp, linux-gcp-4.15,
linux-gcp-5.13, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop,
linux-gkeop-5.4, linux-hwe, linux-hwe-5.13, linux-hwe-5.4, linux-ibm,
linux-ibm-5.4, linux-intel-5.13, linux-intel-iotg, linux-kvm,
linux-lowlatency, linux-oracle, linux-oracle-5.13, linux-oracle-5.4
vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were addressed in the Linux kernel.

Software Description:

- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-intel-iotg: Linux kernel for Intel IoT platforms
- linux-kvm: Linux kernel for cloud environments
- linux-lowlatency: Linux low latency kernel
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-aws-5.13: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.13: Linux kernel for Microsoft Azure cloud systems
- linux-azure-fde: Linux kernel for Microsoft Azure cloud systems
- linux-gcp-5.13: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-hwe-5.13: Linux hardware enablement (HWE) kernel
- linux-intel-5.13: Linux kernel for Intel IOTG
- linux-oracle-5.13: Linux kernel for Oracle Cloud systems
- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems
- linux-dell300x: Linux kernel for Dell 300x platforms
- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke-5.4: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop-5.4: Linux kernel for Google Container Engine (GKE) systems
- linux-hwe-5.4: Linux hardware enablement (HWE) kernel
- linux-ibm-5.4: Linux kernel for IBM cloud systems
- linux-oracle-5.4: Linux kernel for Oracle Cloud systems
- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-hwe: Linux hardware enablement (HWE) kernel

Details:

It was discovered that some Intel processors did not completely perform
cleanup actions on multi-core shared buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21123)

It was discovered that some Intel processors did not completely perform
cleanup actions on microarchitectural fill buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21125)

It was discovered that some Intel processors did not properly perform
cleanup during specific special register write operations. A local attacker
could possibly use this to expose sensitive information. (CVE-2022-21166)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  linux-image-5.15.0-1009-ibm     5.15.0-1009.11
  linux-image-5.15.0-1010-gcp     5.15.0-1010.15
  linux-image-5.15.0-1010-gke     5.15.0-1010.13
  linux-image-5.15.0-1010-intel-iotg  5.15.0-1010.14
  linux-image-5.15.0-1011-oracle  5.15.0-1011.15
  linux-image-5.15.0-1012-azure   5.15.0-1012.15
  linux-image-5.15.0-1012-kvm     5.15.0-1012.14
  linux-image-5.15.0-1013-aws     5.15.0-1013.17
  linux-image-5.15.0-39-generic   5.15.0-39.42
  linux-image-5.15.0-39-generic-64k  5.15.0-39.42
  linux-image-5.15.0-39-generic-lpae  5.15.0-39.42
  linux-image-5.15.0-39-lowlatency  5.15.0-39.42
  linux-image-5.15.0-39-lowlatency-64k  5.15.0-39.42
  linux-image-aws                 5.15.0.1013.13
  linux-image-azure               5.15.0.1012.11
  linux-image-gcp                 5.15.0.1010.9
  linux-image-generic             5.15.0.39.40
  linux-image-generic-hwe-22.04   5.15.0.39.40
  linux-image-generic-lpae        5.15.0.39.40
  linux-image-generic-lpae-hwe-22.04  5.15.0.39.40
  linux-image-gke                 5.15.0.1010.13
  linux-image-gke-5.15            5.15.0.1010.13
  linux-image-ibm                 5.15.0.1009.8
  linux-image-intel-iotg          5.15.0.1010.10
  linux-image-kvm                 5.15.0.1012.10
  linux-image-lowlatency          5.15.0.39.38
  linux-image-lowlatency-hwe-22.04  5.15.0.39.38
  linux-image-oem-20.04           5.15.0.39.40
  linux-image-oracle              5.15.0.1011.9
  linux-image-virtual             5.15.0.39.40
  linux-image-virtual-hwe-22.04   5.15.0.39.40

Ubuntu 21.10:
  linux-image-5.13.0-1030-kvm     5.13.0-1030.33
  linux-image-5.13.0-1031-aws     5.13.0-1031.35
  linux-image-5.13.0-1031-azure   5.13.0-1031.37
  linux-image-5.13.0-1033-gcp     5.13.0-1033.40
  linux-image-5.13.0-1036-oracle  5.13.0-1036.43
  linux-image-5.13.0-51-generic   5.13.0-51.58
  linux-image-5.13.0-51-generic-lpae  5.13.0-51.58
  linux-image-5.13.0-51-lowlatency  5.13.0-51.58
  linux-image-aws                 5.13.0.1031.29
  linux-image-azure               5.13.0.1031.28
  linux-image-gcp                 5.13.0.1033.28
  linux-image-generic             5.13.0.51.57
  linux-image-generic-lpae        5.13.0.51.57
  linux-image-gke                 5.13.0.1033.28
  linux-image-kvm                 5.13.0.1030.27
  linux-image-lowlatency          5.13.0.51.57
  linux-image-oem-20.04           5.13.0.51.57
  linux-image-oracle              5.13.0.1036.33
  linux-image-virtual             5.13.0.51.57

Ubuntu 20.04 LTS:
  linux-image-5.13.0-1017-intel   5.13.0-1017.19
  linux-image-5.13.0-1031-aws     5.13.0-1031.35~20.04.1
  linux-image-5.13.0-1031-azure   5.13.0-1031.37~20.04.1
  linux-image-5.13.0-1033-gcp     5.13.0-1033.40~20.04.1
  linux-image-5.13.0-1036-oracle  5.13.0-1036.43~20.04.1
  linux-image-5.13.0-51-generic   5.13.0-51.58~20.04.1
  linux-image-5.13.0-51-generic-64k  5.13.0-51.58~20.04.1
  linux-image-5.13.0-51-generic-lpae  5.13.0-51.58~20.04.1
  linux-image-5.13.0-51-lowlatency  5.13.0-51.58~20.04.1
  linux-image-5.4.0-1028-ibm      5.4.0-1028.32
  linux-image-5.4.0-1048-gkeop    5.4.0-1048.51
  linux-image-5.4.0-1070-kvm      5.4.0-1070.75
  linux-image-5.4.0-1076-gke      5.4.0-1076.82
  linux-image-5.4.0-1078-oracle   5.4.0-1078.86
  linux-image-5.4.0-1080-aws      5.4.0-1080.87
  linux-image-5.4.0-1080-gcp      5.4.0-1080.87
  linux-image-5.4.0-1085-azure    5.4.0-1085.90
  linux-image-5.4.0-1085-azure-fde  5.4.0-1085.90+cvm1.1
  linux-image-5.4.0-120-generic   5.4.0-120.136
  linux-image-5.4.0-120-generic-lpae  5.4.0-120.136
  linux-image-5.4.0-120-lowlatency  5.4.0-120.136
  linux-image-aws                 5.13.0.1031.35~20.04.25
  linux-image-aws-lts-20.04       5.4.0.1080.80
  linux-image-azure               5.13.0.1031.37~20.04.20
  linux-image-azure-fde           5.4.0.1085.90+cvm1.25
  linux-image-azure-lts-20.04     5.4.0.1085.82
  linux-image-gcp                 5.13.0.1033.40~20.04.1
  linux-image-gcp-lts-20.04       5.4.0.1080.86
  linux-image-generic             5.4.0.120.121
  linux-image-generic-hwe-20.04   5.13.0.51.58~20.04.31
  linux-image-generic-lpae        5.4.0.120.121
  linux-image-generic-lpae-hwe-20.04  5.13.0.51.58~20.04.31
  linux-image-gke                 5.4.0.1076.84
  linux-image-gke-5.4             5.4.0.1076.84
  linux-image-gkeop               5.4.0.1048.49
  linux-image-gkeop-5.4           5.4.0.1048.49
  linux-image-ibm                 5.4.0.1028.25
  linux-image-ibm-lts-20.04       5.4.0.1028.25
  linux-image-intel               5.13.0.1017.15
  linux-image-kvm                 5.4.0.1070.67
  linux-image-lowlatency          5.4.0.120.121
  linux-image-lowlatency-hwe-20.04  5.13.0.51.58~20.04.31
  linux-image-oem                 5.4.0.120.121
  linux-image-oem-osp1            5.4.0.120.121
  linux-image-oracle              5.13.0.1036.43~20.04.1
  linux-image-oracle-lts-20.04    5.4.0.1078.76
  linux-image-virtual             5.4.0.120.121
  linux-image-virtual-hwe-20.04   5.13.0.51.58~20.04.31

Ubuntu 18.04 LTS:
  linux-image-4.15.0-1048-dell300x  4.15.0-1048.53
  linux-image-4.15.0-1101-oracle  4.15.0-1101.112
  linux-image-4.15.0-1122-kvm     4.15.0-1122.127
  linux-image-4.15.0-1130-gcp     4.15.0-1130.146
  linux-image-4.15.0-1136-aws     4.15.0-1136.147
  linux-image-4.15.0-1145-azure   4.15.0-1145.160
  linux-image-4.15.0-187-generic  4.15.0-187.198
  linux-image-4.15.0-187-generic-lpae  4.15.0-187.198
  linux-image-4.15.0-187-lowlatency  4.15.0-187.198
  linux-image-5.4.0-1028-ibm      5.4.0-1028.32~18.04.1
  linux-image-5.4.0-1048-gkeop    5.4.0-1048.51~18.04.1
  linux-image-5.4.0-1076-gke      5.4.0-1076.82~18.04.1
  linux-image-5.4.0-1078-oracle   5.4.0-1078.86~18.04.1
  linux-image-5.4.0-1080-aws      5.4.0-1080.87~18.04.1
  linux-image-5.4.0-1080-gcp      5.4.0-1080.87~18.04.1
  linux-image-5.4.0-1085-azure    5.4.0-1085.90~18.04.1
  linux-image-5.4.0-120-generic   5.4.0-120.136~18.04.1
  linux-image-5.4.0-120-generic-lpae  5.4.0-120.136~18.04.1
  linux-image-5.4.0-120-lowlatency  5.4.0-120.136~18.04.1
  linux-image-aws                 5.4.0.1080.60
  linux-image-aws-lts-18.04       4.15.0.1136.136
  linux-image-azure               5.4.0.1085.62
  linux-image-azure-lts-18.04     4.15.0.1145.115
  linux-image-dell300x            4.15.0.1048.48
  linux-image-gcp                 5.4.0.1080.61
  linux-image-gcp-lts-18.04       4.15.0.1130.146
  linux-image-generic             4.15.0.187.173
  linux-image-generic-hwe-18.04   5.4.0.120.136~18.04.100
  linux-image-generic-lpae        4.15.0.187.173
  linux-image-generic-lpae-hwe-18.04  5.4.0.120.136~18.04.100
  linux-image-gke-5.4             5.4.0.1076.82~18.04.38
  linux-image-gkeop-5.4           5.4.0.1048.51~18.04.45
  linux-image-ibm                 5.4.0.1028.42
  linux-image-kvm                 4.15.0.1122.115
  linux-image-lowlatency          4.15.0.187.173
  linux-image-lowlatency-hwe-18.04  5.4.0.120.136~18.04.100
  linux-image-oem                 5.4.0.120.136~18.04.100
  linux-image-oem-osp1            5.4.0.120.136~18.04.100
  linux-image-oracle              5.4.0.1078.86~18.04.55
  linux-image-oracle-lts-18.04    4.15.0.1101.108
  linux-image-snapdragon-hwe-18.04  5.4.0.120.136~18.04.100
  linux-image-virtual             4.15.0.187.173
  linux-image-virtual-hwe-18.04   5.4.0.120.136~18.04.100

Ubuntu 16.04 ESM:
  linux-image-4.15.0-1101-oracle  4.15.0-1101.112~16.04.1
  linux-image-4.15.0-1130-gcp     4.15.0-1130.146~16.04.1
  linux-image-4.15.0-1136-aws-hwe  4.15.0-1136.147~16.04.1
  linux-image-4.15.0-1145-azure   4.15.0-1145.160~16.04.1
  linux-image-4.15.0-187-generic  4.15.0-187.198~16.04.1
  linux-image-4.15.0-187-lowlatency  4.15.0-187.198~16.04.1
  linux-image-aws-hwe             4.15.0.1136.123
  linux-image-azure               4.15.0.1145.132
  linux-image-gcp                 4.15.0.1130.127
  linux-image-generic-hwe-16.04   4.15.0.187.174
  linux-image-gke                 4.15.0.1130.127
  linux-image-lowlatency-hwe-16.04  4.15.0.187.174
  linux-image-oem                 4.15.0.187.174
  linux-image-oracle              4.15.0.1101.86
  linux-image-virtual-hwe-16.04   4.15.0.187.174

Ubuntu 14.04 ESM:
  linux-image-4.15.0-1145-azure   4.15.0-1145.160~14.04.1
  linux-image-azure               4.15.0.1145.114

Please note that fully mitigating processor vulnerabilities requires
corresponding processor microcode/firmware updates.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://ubuntu.com/security/notices/USN-5485-1
  CVE-2022-21123, CVE-2022-21125, CVE-2022-21166

Package Information:
  https://launchpad.net/ubuntu/+source/linux/5.15.0-39.42
  https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1013.17
  https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1012.15
  https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1010.15
  https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1010.13
  https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1009.11
  https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1010.14
  https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1012.14
  https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-39.42
  https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1011.15
  https://launchpad.net/ubuntu/+source/linux/5.13.0-51.58
  https://launchpad.net/ubuntu/+source/linux-aws/5.13.0-1031.35
  https://launchpad.net/ubuntu/+source/linux-azure/5.13.0-1031.37
  https://launchpad.net/ubuntu/+source/linux-gcp/5.13.0-1033.40
  https://launchpad.net/ubuntu/+source/linux-kvm/5.13.0-1030.33
  https://launchpad.net/ubuntu/+source/linux-oracle/5.13.0-1036.43
  https://launchpad.net/ubuntu/+source/linux/5.4.0-120.136
  https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1080.87
  https://launchpad.net/ubuntu/+source/linux-aws-5.13/5.13.0-1031.35~20.04.1
  https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1085.90
  https://launchpad.net/ubuntu/+source/linux-azure-5.13/5.13.0-1031.37~20.04.1
  https://launchpad.net/ubuntu/+source/linux-azure-fde/5.4.0-1085.90+cvm1.1
  https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1080.87
  https://launchpad.net/ubuntu/+source/linux-gcp-5.13/5.13.0-1033.40~20.04.1
  https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1076.82
  https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1048.51
  https://launchpad.net/ubuntu/+source/linux-hwe-5.13/5.13.0-51.58~20.04.1
  https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1028.32
  https://launchpad.net/ubuntu/+source/linux-intel-5.13/5.13.0-1017.19
  https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1070.75
  https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1078.86
  https://launchpad.net/ubuntu/+source/linux-oracle-5.13/5.13.0-1036.43~20.04.1
  https://launchpad.net/ubuntu/+source/linux/4.15.0-187.198
  https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1136.147
  https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1080.87~18.04.1
  https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1145.160
  https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1085.90~18.04.1
  https://launchpad.net/ubuntu/+source/linux-dell300x/4.15.0-1048.53
  https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1130.146
  https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1080.87~18.04.1
  https://launchpad.net/ubuntu/+source/linux-gke-5.4/5.4.0-1076.82~18.04.1
  https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1048.51~18.04.1
  https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-120.136~18.04.1
  https://launchpad.net/ubuntu/+source/linux-ibm-5.4/5.4.0-1028.32~18.04.1
  https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1122.127
  https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1101.112
  https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1078.86~18.04.1

Related news

CVE-2023-25536: DSA-2023-035: Dell PowerScale OneFS Security Updates for Multiple Security Vulnerabilities

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.

RHSA-2022:8973: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-21123: hw: cpu: incomplete clean-up of multi-co...

Red Hat Security Advisory 2022-7874-01

Red Hat Security Advisory 2022-7874-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.53. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7933-01

Red Hat Security Advisory 2022-7933-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, denial of service, double free, information leakage, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

RHSA-2022:7216: Red Hat Security Advisory: OpenShift Container Platform 4.9.51 bug fix and security update

Red Hat OpenShift Container Platform release 4.9.51 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9.51. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: ...

Red Hat Security Advisory 2022-7280-01

Red Hat Security Advisory 2022-7280-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2022:7279: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka S...

Red Hat Security Advisory 2022-6983-01

Red Hat Security Advisory 2022-6983-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

RHSA-2022:6991: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45485: kernel: information leak in the IPv6 implementation * CVE-2021-45486: kernel: information leak in the IPv4 implementation * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) *...

RHSA-2022:6954: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.5.3 security fixes and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.5.3 General Availability release images, which fix security issues and bugs, as well as update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service

RHSA-2022:6872: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete clea...

Red Hat Security Advisory 2022-6696-01

Red Hat Security Advisory 2022-6696-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include crlf injection and denial of service vulnerabilities.

Red Hat Security Advisory 2022-6560-01

Red Hat Security Advisory 2022-6560-01 - An update is now available for OpenShift Logging 5.3.12. Red Hat Product Security has rated this update as having a security impact of Moderate.

RHSA-2022:6696: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.6 security update and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-31150: nodejs16: CRLF injection in node-undici * CVE-2022-31151: nodejs/undici: Cookie headers uncleared on cross-origin redirect * CV...

RHSA-2022:6560: Red Hat Security Advisory: Openshift Logging Bug Fix Release and Security Update (5.3.12)

An update is now available for OpenShift Logging 5.3.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read

Red Hat Security Advisory 2022-6536-01

Red Hat Security Advisory 2022-6536-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.5.

RHSA-2022:6536: Red Hat Security Advisory: OpenShift Container Platform 4.11.5 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3121: gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation

Red Hat Security Advisory 2022-6537-01

Red Hat Security Advisory 2022-6537-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5. Issues addressed include denial of service and out of bounds read vulnerabilities.

RHSA-2022:6537: Red Hat Security Advisory: Moderate: OpenShift Container Platform 4.11.5 security and extras update

Red Hat OpenShift Container Platform release 4.11.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter

Red Hat Security Advisory 2022-6437-01

Red Hat Security Advisory 2022-6437-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

RHSA-2022:6460: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

CVE-2022-38701: en/security-disclosure/2022/2022-09.md · OpenHarmony/security - Gitee.com

OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.

Red Hat Security Advisory 2022-6252-02

Red Hat Security Advisory 2022-6252-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.784. Issues addressed include a bypass vulnerability.

RHSA-2022:6252: Red Hat Security Advisory: OpenShift Container Platform 3.11.784 security update

Red Hat OpenShift Container Platform release 3.11.784 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2021-39226: grafana: Snapshot authentication bypass

Red Hat Security Advisory 2022-6271-01

Red Hat Security Advisory 2022-6271-01 - This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.

RHSA-2022:6271: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.3.12 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.3.12 General Availability release images, which provide security updates and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS

Gentoo Linux Security Advisory 202208-23

Gentoo Linux Security Advisory 202208-23 - Multiple vulnerabilities have been discovered in Xen, the worst of which could result in remote code execution (guest sandbox escape). Versions less than 4.15.3 are affected.

RHSA-2022:5937: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)
* CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)
* CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

RHSA-2022:5939: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)
* CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)
* CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

Ubuntu Security Notice USN-5535-1

Ubuntu Security Notice 5535-1 - Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.

Ubuntu Security Notice USN-5529-1

Ubuntu Security Notice 5529-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service in the host OS.

Ubuntu Security Notice USN-5513-1

Ubuntu Security Notice 5513-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5505-1

Ubuntu Security Notice 5505-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5485-2

Ubuntu Security Notice 5485-2 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice USN-5486-1

Ubuntu Security Notice 5486-1 - It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.

Ubuntu Security Notice USN-5484-1

Ubuntu Security Notice 5484-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2022-21166: INTEL-SA-00615

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
