RHSA-2022:7434: Red Hat Security Advisory: Logging Subsystem 5.5.4 - Red Hat OpenShift security update

Ubuntu Security Notice 5616-3 - USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 14.04 LTS. It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2024-0254-03 - An update for rsync is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer over-read vulnerability.

Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.44.

Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.

Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.

Red Hat Security Advisory 2023-3205-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.0 images. Issues addressed include a denial of service vulnerability.

Red Hat OpenShift Virtualization release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded...

Ubuntu Security Notice 6014-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. * CVE-2022-1962: A flaw was found in the golang standard library, go/par...

Ubuntu Security Notice 5873-1 - It was discovered that Go Text incorrectly handled certain encodings. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that Go Text incorrectly handled certain BCP 47 language tags. An attacker could possibly use this issue to cause a denial of service. CVE-2020-28851, CVE-2020-28852, and CVE-2021-38561 affected only Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

Red Hat Security Advisory 2023-0795-01 - Submariner 0.13.3 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.6.

Submariner 0.13.3 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.6 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability.

Red Hat Security Advisory 2023-0709-01 - Version 1.27.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11 and 4.12. This release includes security and bug fixes, and enhancements.

Red Hat Security Advisory 2023-0693-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

OpenShift API for Data Protection (OADP) 1.0.7 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability. * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an at...

Submariner 0.14 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.7 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2880: A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go ...

Red Hat Security Advisory 2023-0481-01 - Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud. This advisory contains bug fixes and enhancements to the Submariner container images.

Submariner 0.12.3 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

An update is now available for Migration Toolkit for Runtimes (v1.0.1). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42920: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Red Hat Security Advisory 2022-8973-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, code execution, memory leak, out of bounds write, and privilege escalation vulnerabilities.

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-21123: hw: cpu: incomplete clean-up of multi...

Updated rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator-bundle image is now available for RHEL-8 based Middleware Containers. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3782: keycloak: path traversal via double URL encoding * CVE-2022-3916: keycloak: Session takeover with OIDC offline refreshtokens

Red Hat Security Advisory 2022-8889-01 - This is an Openshift Logging bug fix release. Issues addressed include a denial of service vulnerability.

Logging Subsystem 5.5.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-32189: golang: math/b...

Red Hat Security Advisory 2022-8750-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.

Red Hat Security Advisory 2022-8634-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.

Red Hat Security Advisory 2022-8609-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.7 images. Issues addressed include a bypass vulnerability.

Ubuntu Security Notice 5728-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2022-7435-01 - An update is now available for Logging subsystem for Red Hat OpenShift 5.4. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-8291-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Issues addressed include a buffer over-read vulnerability.

An update is now available for Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags * CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS * CVE-2022-42004: jackson-databind: use of deeply nested arrays...

Red Hat Security Advisory 2022-7933-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, denial of service, double free, information leakage, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7927-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2022-7434-01 - A Red Hat OpenShift security update has been provided for the Logging Subsystem.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

Red Hat Security Advisory 2022-7793-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Issues addressed include a buffer over-read vulnerability.

Red Hat Security Advisory 2022-7407-01 - Service Binding Operator 1.3.1 is now available for OpenShift Developer Tools and Services for OCP 4.9 +.

Red Hat Security Advisory 2022-7407-01 - Service Binding Operator 1.3.1 is now available for OpenShift Developer Tools and Services for OCP 4.9 +.

Red Hat Security Advisory 2022-7407-01 - Service Binding Operator 1.3.1 is now available for OpenShift Developer Tools and Services for OCP 4.9 +.

Red Hat Security Advisory 2022-7407-01 - Service Binding Operator 1.3.1 is now available for OpenShift Developer Tools and Services for OCP 4.9 +.

An update for service-binding-operator-bundle-container and service-binding-operator-container is now available for OpenShift Developer Tools and Services for OCP 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

An update for service-binding-operator-bundle-container and service-binding-operator-container is now available for OpenShift Developer Tools and Services for OCP 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

An update for service-binding-operator-bundle-container and service-binding-operator-container is now available for OpenShift Developer Tools and Services for OCP 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7337-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7337-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7337-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7337-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7211-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.39. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7211-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.39. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2022-7283-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-25887: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS * CVE-2022-25896: passport: incorrect ses...

Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-25887: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS * CVE-2022-25896: passport: incorrect ses...

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

This issue was addressed with improved entitlements. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to record audio using a pair of connected AirPods.

A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution.

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka S...

Gentoo Linux Security Advisory 202210-42 - A buffer overflow in zlib might allow an attacker to cause remote code execution. Versions less than 1.2.12-r3 are affected.

Red Hat Security Advisory 2022-7209-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Ubuntu Security Notice 5688-2 - USN-5688-1 fixed vulnerabilities in Libksba. This update provides the corresponding update for Ubuntu 22.10. It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2022-7173-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7108-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Issues addressed include a null pointer vulnerability.

An update for sqlite is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-35525: sqlite: Null pointer derreference in src/select.c * CVE-2020-35527: sqlite: Out of bounds access during table rename

An update for libksba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3515: libksba: integer overflow may lead to remote code execution

Red Hat Security Advisory 2022-7050-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7050-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7050-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7050-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7007-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7007-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7007-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7007-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-6999-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-6999-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7053-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7053-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

Red Hat Security Advisory 2022-7005-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7005-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7005-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7005-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7003-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7003-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7003-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7003-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7009-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7009-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7002-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7002-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7002-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7002-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7011-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7011-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7011-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7011-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7011-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7011-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7004-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7004-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7004-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

Red Hat Security Advisory 2022-7004-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a randomization vulnerability.

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...

The Red Hat build of OpenJDK 17 (java-17-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X...

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 cer...

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memo...

OpenShift sandboxed containers 1.3.1 is now available.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2832: blender: Null pointer reference in blender thumbnail extractor * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK...

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK...

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK...

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) * CVE-2022-21628: OpenJDK...

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: exce...

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21618: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) * CVE-2022-21619: OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) * CVE-2022-21624: OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) * CVE-2022-21626: OpenJDK: exce...

Red Hat Security Advisory 2022-7019-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2022-7026-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2022-6967-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45485: kernel: information leak in the IPv6 implementation * CVE-2021-45486: kernel: information leak in the IPv4 implementation * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CV...

An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

An update for compat-expat1 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40674: expat: a use-after-free in the doContent function in xmlparse.c

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.

Red Hat Security Advisory 2022-6921-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2022-6854-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space. Issues addressed include a double free vulnerability.

An update for expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40674: expat: a use-after-free in the doContent function in xmlparse.c

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

Red Hat Security Advisory 2022-6832-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2022-6833-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

An update for expat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40674: expat: a use-after-free in the doContent function in xmlparse.c

Ubuntu Security Notice 5615-2 - USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM. It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2022-6551-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, information leakage, privilege escalation, and use-after...

Ubuntu Security Notice 5615-1 - It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that SQLite incorrectly handled ALTER TABLE for views that have a nested FROM clause. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only addressed in Ubuntu 20.04 LTS.

Ubuntu Security Notice 5615-1 - It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that SQLite incorrectly handled ALTER TABLE for views that have a nested FROM clause. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only addressed in Ubuntu 20.04 LTS.

Red Hat Security Advisory 2022-6308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.49. There are no RPMs for this release. Space precludes documenting all of the container images in this advisory. Issues addressed include bypass and code execution vulnerabilities.

Red Hat Security Advisory 2022-6308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.49. There are no RPMs for this release. Space precludes documenting all of the container images in this advisory. Issues addressed include bypass and code execution vulnerabilities.

Red Hat OpenShift Container Platform release 4.8.49 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-39226: grafana: Snapshot authentication bypass * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (is...

Red Hat OpenShift Container Platform release 4.8.49 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-39226: grafana: Snapshot authentication bypass * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (is...

Red Hat Security Advisory 2022-6262-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.61. Issues addressed include a bypass vulnerability.

Red Hat OpenShift Container Platform release 4.6.61 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-39226: grafana: Snapshot authentication bypass * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read

In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1353: Kernel: A kernel-info-leak issue in pfkey_register

Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice 5560-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice 5560-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1055: kernel: use-after-free in tc_new_tfilter() in net/sched/cls_api.c

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1055: kernel: use-after-free in tc_new_tfilter() in net/sched/cls_api.c

Red Hat Security Advisory 2022-5934-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Ubuntu Security Notice 5550-1 - It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that GnuTLS incorrectly handled the verification of certain pkcs7 signatures. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.

A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.

Ubuntu Security Notice 5515-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Ubuntu Security Notice 5505-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice 5500-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Lin Ma discovered that the NFC Controller Interface implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice 5469-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice 5467-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.