Security
Headlines
HeadlinesLatestCVEs

Headline

Red Hat Security Advisory 2022-7337-01

Red Hat Security Advisory 2022-7337-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Packet Storm
#vulnerability#linux#red_hat#intel#amd

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2022:7337-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7337
Issue date: 2022-11-02
CVE Names: CVE-2022-2588 CVE-2022-23816 CVE-2022-23825
CVE-2022-26373 CVE-2022-29900 CVE-2022-29901
====================================================================

  1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

  1. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

  • a use-after-free in cls_route filter implementation may lead to privilege
    escalation (CVE-2022-2588)

  • RetBleed Arbitrary Speculative Code Execution with Return Instructions
    (CVE-2022-23816, CVE-2022-29900)

  • Branch Type Confusion (non-retbleed) (CVE-2022-23825)

  • Intel: Post-barrier Return Stack Buffer Predictions (CVE-2022-26373)

  • Intel: RetBleed Arbitrary Speculative Code Execution with Return
    Instructions (CVE-2022-29901)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

  • lpfc panics in lpfc_els_free_iocb() during port recovery (BZ#1969988)

  • mlx5 reports error messages during shutdown then panic with mce
    (BZ#2077711)

  • Kernel panic due to hard lockup caused by deadlock between tasklist_lock
    and k_itimer->it_lock (BZ#2115147)

  • fix excess double put in nfs_prime_dcache (BZ#2117856)

  1. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

  1. Bugs fixed (https://bugzilla.redhat.com/):

2090226 - CVE-2022-23816 CVE-2022-29900 hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions
2103148 - CVE-2022-29901 hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions
2103153 - CVE-2022-23825 hw: cpu: AMD: Branch Type Confusion (non-retbleed)
2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
2115065 - CVE-2022-26373 hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions

  1. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-1160.80.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch.rpm
kernel-doc-3.10.0-1160.80.1.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.80.1.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-headers-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64.rpm
perf-3.10.0-1160.80.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.80.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-1160.80.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch.rpm
kernel-doc-3.10.0-1160.80.1.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.80.1.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-headers-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64.rpm
perf-3.10.0-1160.80.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.80.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-1160.80.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch.rpm
kernel-doc-3.10.0-1160.80.1.el7.noarch.rpm

ppc64:
bpftool-3.10.0-1160.80.1.el7.ppc64.rpm
bpftool-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-debug-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-debug-devel-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-devel-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-headers-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-tools-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-tools-libs-3.10.0-1160.80.1.el7.ppc64.rpm
perf-3.10.0-1160.80.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
python-perf-3.10.0-1160.80.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm

ppc64le:
bpftool-3.10.0-1160.80.1.el7.ppc64le.rpm
bpftool-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-debug-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-devel-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-headers-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-tools-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-1160.80.1.el7.ppc64le.rpm
perf-3.10.0-1160.80.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
python-perf-3.10.0-1160.80.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm

s390x:
bpftool-3.10.0-1160.80.1.el7.s390x.rpm
bpftool-debuginfo-3.10.0-1160.80.1.el7.s390x.rpm
kernel-3.10.0-1160.80.1.el7.s390x.rpm
kernel-debug-3.10.0-1160.80.1.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.s390x.rpm
kernel-debug-devel-3.10.0-1160.80.1.el7.s390x.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-1160.80.1.el7.s390x.rpm
kernel-devel-3.10.0-1160.80.1.el7.s390x.rpm
kernel-headers-3.10.0-1160.80.1.el7.s390x.rpm
kernel-kdump-3.10.0-1160.80.1.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-1160.80.1.el7.s390x.rpm
kernel-kdump-devel-3.10.0-1160.80.1.el7.s390x.rpm
perf-3.10.0-1160.80.1.el7.s390x.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.s390x.rpm
python-perf-3.10.0-1160.80.1.el7.s390x.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.s390x.rpm

x86_64:
bpftool-3.10.0-1160.80.1.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-headers-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64.rpm
perf-3.10.0-1160.80.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
bpftool-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-1160.80.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.ppc64.rpm

ppc64le:
bpftool-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-1160.80.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.ppc64le.rpm

x86_64:
bpftool-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.80.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-1160.80.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch.rpm
kernel-doc-3.10.0-1160.80.1.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.80.1.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-headers-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64.rpm
perf-3.10.0-1160.80.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.80.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2022-2588
https://access.redhat.com/security/cve/CVE-2022-23816
https://access.redhat.com/security/cve/CVE-2022-23825
https://access.redhat.com/security/cve/CVE-2022-26373
https://access.redhat.com/security/cve/CVE-2022-29900
https://access.redhat.com/security/cve/CVE-2022-29901
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/solutions/6971358

  1. Contact:

The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY2K9KdzjgjWX9erEAQjbHQ//b/sY9t/NBkK+XiKoe/02KTfkUBUNJaIe
v7xs7oJHskxABWcY9ze1iUVS7aHZ4/CygDsKHb5dNq6z7x4li8aCWCQNZStxc1jL
knCCvHsJ3Ekw1USNBbujbKA13kT3rBQlyQk0mDgfwrDZNaE9mPlnL5rycXRXQFeY
ezEz5VzjM59pxTkWBN45hpHjZF26VrYup383I3asnwinpZF54xzQebVMDpVmO4mh
e1TaXl6pwzP0ZfPyC+HYx7h36WyiXNrvoDtRJBWn7oJBN7fWzHNt4phvktQdRDdL
t/tQc91k3KigZ9GOAdmupfORlgzLsuu/jgdpezwqhjzXgElnWmIZFZF2L224AQup
PyzdK9ud2ot8lIk5QjI1oyWL19ppoNxxIYV15AngPoOOgikuZjoUj8df1IfjBq0p
XRN2rdmv4Lccj/7wSb8450LGmRWX32SbJuBUGOVXl80RU530Uu3S+QteotYEbUtn
jwVrXamfqfn0S86Hm+x0bkJ4lfXzAxoneSdezaW5ipoeeIdhq/y21LLue6+n+fPk
+SmwLgriQ0c51iTROPOZbwAkF58iQrLmLHV9Trf5CazAsKpGLe1/nYx6pwiOPT1v
5X5Ga08pzuthhAn9bZvTn+/x2A1EVraUFKCqF7Of1+Z9QB48UaKQnLUlMKxL+ztC
zYvUNS92+Ns=QW8W
-----END PGP SIGNATURE-----

RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Related news

Gentoo Linux Security Advisory 202402-07

Gentoo Linux Security Advisory 202402-7 - Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 4.16.6_pre1 are affected.

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power (CVE-2023-20583), Downfall (CVE-2022-40982), and Inception (CVE-2023-20569), the novel methods follow the disclosure of another newly discovered security vulnerability affecting AMD's Zen 2 architecture-based processors known as

RHSA-2023:4022: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a l...

Microsoft Zero-Day Bugs Allow Security Feature Bypass

Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.

Ubuntu Security Notice USN-5924-1

Ubuntu Security Notice 5924-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-5862-1

Ubuntu Security Notice 5862-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.

Ubuntu Security Notice USN-5861-1

Ubuntu Security Notice 5861-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5854-1

Ubuntu Security Notice 5854-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.

CVE-2022-46756: DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

Red Hat Security Advisory 2023-0440-01

Red Hat Security Advisory 2023-0440-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

RHSA-2022:9040: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.3 security update

Red Hat Advanced Cluster Management for Kubernetes 2.6.3 General Availability release images, which provide security updates, fix bugs, and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function * CVE-2022-41912: crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements

Red Hat Security Advisory 2022-8973-01

Red Hat Security Advisory 2022-8973-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, code execution, memory leak, out of bounds write, and privilege escalation vulnerabilities.

Red Hat Security Advisory 2022-8974-01

Red Hat Security Advisory 2022-8974-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, code execution, out of bounds write, and privilege escalation vulnerabilities.

RHSA-2022:8973: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-21123: hw: cpu: incomplete clean-up of multi-co...

Red Hat Security Advisory 2022-8889-01

Red Hat Security Advisory 2022-8889-01 - This is an Openshift Logging bug fix release. Issues addressed include a denial of service vulnerability.

RHSA-2022:8889: Red Hat Security Advisory: Openshift Logging 5.3.14 bug fix release and security update

Openshift Logging Bug Fix Release (5.3.14) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS * CVE-2022-42004: jackson-databind: use of deeply nested arrays

Red Hat Security Advisory 2022-8781-01

Red Hat Security Advisory 2022-8781-01 - Logging Subsystem for Red Hat OpenShift has a security update. Issues addressed include a denial of service vulnerability.

RHSA-2022:8781: Red Hat Security Advisory: Logging Subsystem 5.5.5 - Red Hat OpenShift security update

Logging Subsystem 5.5.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-32189: golang: math/b...

Ubuntu Security Notice USN-5728-3

Ubuntu Security Notice 5728-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2022-8609-01

Red Hat Security Advisory 2022-8609-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.7 images. Issues addressed include a bypass vulnerability.

Ubuntu Security Notice USN-5728-1

Ubuntu Security Notice 5728-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2022-7933-01

Red Hat Security Advisory 2022-7933-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, denial of service, double free, information leakage, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

RHSA-2022:7933: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2022-0168: kernel: smb2_ioctl_query_info NULL pointer dereference * CVE-2022-0617: kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback * CVE-2022-085...

RHSA-2022:7434: Red Hat Security Advisory: Logging Subsystem 5.5.4 - Red Hat OpenShift security update

Logging Subsystem 5.5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

Red Hat Security Advisory 2022-6882-01

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

RHSA-2022:6882: Red Hat Security Advisory: Openshift Logging 5.3.13 security and bug fix release

An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

RHSA-2022:7683: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2020-36558: kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2021-30002: kernel: memory leak for large arguments...

RHSA-2022:7444: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2020-36558: kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2021-30002: kernel: memory leak for large argume...

CVE-2022-43449: en/security-disclosure/2022/2022-11.md · OpenHarmony/security - Gitee.com

OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via download_server. Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to download_server service which run with UID 1000.

Red Hat Security Advisory 2022-7216-01

Red Hat Security Advisory 2022-7216-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.51. Issues addressed include code execution and memory leak vulnerabilities.

Red Hat Security Advisory 2022-7338-01

Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7338-01

Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7338-01

Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7338-01

Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7338-01

Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7313-01

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7313-01

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

RHSA-2022:7338: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

RHSA-2022:7338: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

RHSA-2022:7338: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

RHSA-2022:7338: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

RHSA-2022:7338: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

RHSA-2022:7337: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * CVE...

RHSA-2022:7337: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * CVE...

Red Hat Security Advisory 2022-7201-01

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7201-01

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7201-01

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7276-01

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7276-01

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7279-01

Red Hat Security Advisory 2022-7279-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2022:7313: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-25887: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS * CVE-2022-25896: passport: incorrect ses...

RHSA-2022:7313: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-25887: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS * CVE-2022-25896: passport: incorrect ses...

RHSA-2022:7313: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-25887: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS * CVE-2022-25896: passport: incorrect ses...

RHSA-2022:7201: Red Hat Security Advisory: OpenShift Container Platform 4.11.12 security update

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

RHSA-2022:7201: Red Hat Security Advisory: OpenShift Container Platform 4.11.12 security update

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

RHSA-2022:7276: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.8 security fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

RHSA-2022:7276: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.8 security fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

RHSA-2022:7276: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.8 security fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

RHSA-2022:7276: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.8 security fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Ubuntu Security Notice USN-5706-1

Ubuntu Security Notice 5706-1 - It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5703-1

Ubuntu Security Notice 5703-1 - Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.

Red Hat Security Advisory 2022-7137-01

Red Hat Security Advisory 2022-7137-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7110-01

Red Hat Security Advisory 2022-7110-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.

RHSA-2022:7146: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

RHSA-2022:7134: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1353: Kernel: A kernel-info-leak issue in pfkey_register * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: c...

RHSA-2022:7110: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1353: Kernel: A kernel-info-leak issue in pfkey_register * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu:...

RHSA-2022:7110: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1353: Kernel: A kernel-info-leak issue in pfkey_register * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu:...

RHSA-2022:7110: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1353: Kernel: A kernel-info-leak issue in pfkey_register * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu:...

CVE-2022-38108: Published | Zero Day Initiative

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

RHSA-2022:6983: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45485: kernel: information leak in the IPv6 implementation * CVE-2021-45486: kernel: information leak in the IPv4 implementation * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CV...

RHSA-2022:6978: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

Ubuntu Security Notice USN-5682-1

Ubuntu Security Notice 5682-1 - It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5683-1

Ubuntu Security Notice 5683-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2022-6875-01

Red Hat Security Advisory 2022-6875-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Ubuntu Security Notice USN-5667-1

Ubuntu Security Notice 5667-1 - Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.

Ubuntu Security Notice USN-5668-1

Ubuntu Security Notice 5668-1 - It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

RHSA-2022:6875: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

CVE-2022-26373: INTEL-SA-00706

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Ubuntu Security Notice USN-5566-1

Ubuntu Security Notice 5566-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5565-1

Ubuntu Security Notice 5565-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5564-1

Ubuntu Security Notice 5564-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5560-2

Ubuntu Security Notice 5560-2 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Retbleed Fixed in Linux Kernel, Patch Delayed

Linus Torvalds says Retbleed has been addressed in the Linux kernel, but code complexity means the release will be delayed by a week to give more time for testing.

New 'Retbleed' Speculative Execution Attack Affects AMD and Intel CPUs

Security researchers have uncovered yet another vulnerability affecting numerous older AMD and Intel microprocessors that could bypass current defenses and result in Spectre-based speculative-execution attacks. Dubbed Retbleed by ETH Zurich researchers Johannes Wikner and Kaveh Razavi, the issues are tracked as CVE-2022-29900 (AMD) and CVE-2022-29901 (Intel), with the chipmakers releasing

New 'Retbleed' Speculative Execution Attack Affects AMD and Intel CPUs

Security researchers have uncovered yet another vulnerability affecting numerous older AMD and Intel microprocessors that could bypass current defenses and result in Spectre-based speculative-execution attacks. Dubbed Retbleed by ETH Zurich researchers Johannes Wikner and Kaveh Razavi, the issues are tracked as CVE-2022-29900 (AMD) and CVE-2022-29901 (Intel), with the chipmakers releasing

CVE-2022-29901: oss-security - Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

CVE-2022-29901: oss-security - Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

CVE-2022-29900: 407 - Xen Security Advisories

AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

CVE-2022-29901: oss-security - Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Packet Storm: Latest News

Zeek 6.0.9