Headline

RHSA-2022:6592: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

CVE-2022-34918: kernel: heap overflow in nft_set_elem_init()

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes #aws #rpm #sap

Skip to navigation Skip to main content

Utilities

Subscriptions
Downloads
Containers
Support Cases

Infrastructure and Management

Red Hat Enterprise Linux
Red Hat Virtualization
Red Hat Identity Management
Red Hat Directory Server
Red Hat Certificate System
Red Hat Satellite
Red Hat Subscription Management
Red Hat Update Infrastructure
Red Hat Insights
Red Hat Ansible Automation Platform

Cloud Computing

Red Hat OpenShift
Red Hat CloudForms
Red Hat OpenStack Platform
Red Hat OpenShift Container Platform
Red Hat OpenShift Data Science
Red Hat OpenShift Online
Red Hat OpenShift Dedicated
Red Hat Advanced Cluster Security for Kubernetes
Red Hat Advanced Cluster Management for Kubernetes
Red Hat Quay
Red Hat CodeReady Workspaces
Red Hat OpenShift Service on AWS

Storage

Red Hat Gluster Storage
Red Hat Hyperconverged Infrastructure
Red Hat Ceph Storage
Red Hat OpenShift Data Foundation

Runtimes

Red Hat Runtimes
Red Hat JBoss Enterprise Application Platform
Red Hat Data Grid
Red Hat JBoss Web Server
Red Hat Single Sign On
Red Hat support for Spring Boot
Red Hat build of Node.js
Red Hat build of Thorntail
Red Hat build of Eclipse Vert.x
Red Hat build of OpenJDK
Red Hat build of Quarkus

Integration and Automation

Red Hat Process Automation
Red Hat Process Automation Manager
Red Hat Decision Manager

All Products

Issued:

2022-09-20

Updated:

2022-09-20

RHSA-2022:6592 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

kernel: heap overflow in nft_set_elem_init() (CVE-2022-34918)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64

Fixes

BZ - 2104423 - CVE-2022-34918 kernel: heap overflow in nft_set_elem_init()

Red Hat Enterprise Linux for x86_64 9

SRPM

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.src.rpm

SHA-256: 5ec6efa5e1c741b21ce95b32227386e44ab6f99c30232d839a0fdae9d62cd839

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.src.rpm

SHA-256: 9a0408f8b120348bfccb1a8805cbcd9b42c2e4d57ec9810c38d5308518ac7298

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.src.rpm

SHA-256: c2e177d93812f43d14ea8f898cc6cb015119c3a3505647131ec2285874732ce1

x86_64

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.x86_64.rpm

SHA-256: 03dbdf447407a444f2cb1e6c56990a7e59c3a40a20e186dce7dad8ac3e05ba7f

kpatch-patch-5_14_0-70_13_1-debuginfo-1-2.el9_0.x86_64.rpm

SHA-256: 334c5f2681c0110b1d2552dfb8df958ab5432ccf75633875a6d2861c66ee906c

kpatch-patch-5_14_0-70_13_1-debugsource-1-2.el9_0.x86_64.rpm

SHA-256: 036a2cfef61a927adc10f6cee9e859f367d92bbd4e6b152a050131fdd0c81b56

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.x86_64.rpm

SHA-256: 70dee70516074f535bca77785572c2c67053d2588554bd848a62e88fb21465a4

kpatch-patch-5_14_0-70_17_1-debuginfo-1-1.el9_0.x86_64.rpm

SHA-256: 51cfc1c603b619420493db87d72a3d0642d8326ac1713be093ff954b857327c3

kpatch-patch-5_14_0-70_17_1-debugsource-1-1.el9_0.x86_64.rpm

SHA-256: 071ea5fbdff99037f6830478060a49e6e81df472c5dfaa1fb603e4e4bffb787e

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.x86_64.rpm

SHA-256: f3c8d356c821c2bafbe207b556bf27ecb17a09a5bc54fb70cba47f55c56bb351

kpatch-patch-5_14_0-70_22_1-debuginfo-1-1.el9_0.x86_64.rpm

SHA-256: 133a79dd5996c7fec9660408bfea4531d04262f2d951dfc4909e0f3c1740b71f

kpatch-patch-5_14_0-70_22_1-debugsource-1-1.el9_0.x86_64.rpm

SHA-256: f0daa568cb991d9e6c03131640c8aa8b2d8d000f7340f1e1ae0a916e46339bbd

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.src.rpm

SHA-256: 5ec6efa5e1c741b21ce95b32227386e44ab6f99c30232d839a0fdae9d62cd839

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.src.rpm

SHA-256: 9a0408f8b120348bfccb1a8805cbcd9b42c2e4d57ec9810c38d5308518ac7298

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.src.rpm

SHA-256: c2e177d93812f43d14ea8f898cc6cb015119c3a3505647131ec2285874732ce1

x86_64

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.x86_64.rpm

SHA-256: 03dbdf447407a444f2cb1e6c56990a7e59c3a40a20e186dce7dad8ac3e05ba7f

kpatch-patch-5_14_0-70_13_1-debuginfo-1-2.el9_0.x86_64.rpm

SHA-256: 334c5f2681c0110b1d2552dfb8df958ab5432ccf75633875a6d2861c66ee906c

kpatch-patch-5_14_0-70_13_1-debugsource-1-2.el9_0.x86_64.rpm

SHA-256: 036a2cfef61a927adc10f6cee9e859f367d92bbd4e6b152a050131fdd0c81b56

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.x86_64.rpm

SHA-256: 70dee70516074f535bca77785572c2c67053d2588554bd848a62e88fb21465a4

kpatch-patch-5_14_0-70_17_1-debuginfo-1-1.el9_0.x86_64.rpm

SHA-256: 51cfc1c603b619420493db87d72a3d0642d8326ac1713be093ff954b857327c3

kpatch-patch-5_14_0-70_17_1-debugsource-1-1.el9_0.x86_64.rpm

SHA-256: 071ea5fbdff99037f6830478060a49e6e81df472c5dfaa1fb603e4e4bffb787e

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.x86_64.rpm

SHA-256: f3c8d356c821c2bafbe207b556bf27ecb17a09a5bc54fb70cba47f55c56bb351

kpatch-patch-5_14_0-70_22_1-debuginfo-1-1.el9_0.x86_64.rpm

SHA-256: 133a79dd5996c7fec9660408bfea4531d04262f2d951dfc4909e0f3c1740b71f

kpatch-patch-5_14_0-70_22_1-debugsource-1-1.el9_0.x86_64.rpm

SHA-256: f0daa568cb991d9e6c03131640c8aa8b2d8d000f7340f1e1ae0a916e46339bbd

Red Hat Enterprise Linux for Power, little endian 9

SRPM

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.src.rpm

SHA-256: 5ec6efa5e1c741b21ce95b32227386e44ab6f99c30232d839a0fdae9d62cd839

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.src.rpm

SHA-256: 9a0408f8b120348bfccb1a8805cbcd9b42c2e4d57ec9810c38d5308518ac7298

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.src.rpm

SHA-256: c2e177d93812f43d14ea8f898cc6cb015119c3a3505647131ec2285874732ce1

ppc64le

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.ppc64le.rpm

SHA-256: eaca1fcb961019459ad12f9b175f3ea10eb747a196c4641c003824ba93225aa0

kpatch-patch-5_14_0-70_13_1-debuginfo-1-2.el9_0.ppc64le.rpm

SHA-256: 7a418e0722b5af38a61d37e2f8d888afd1b6a15cca72852ddfb50ec8a6c8945c

kpatch-patch-5_14_0-70_13_1-debugsource-1-2.el9_0.ppc64le.rpm

SHA-256: ae03766a5edbae1d4b3eac8fe9be5ac15ec6f8a8b2019f3d26ca651477e0120e

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.ppc64le.rpm

SHA-256: 937d6390829ff399853ce8aed90abc89304c3b696992f19cc02a0a51a00a8efb

kpatch-patch-5_14_0-70_17_1-debuginfo-1-1.el9_0.ppc64le.rpm

SHA-256: 88becf446b9f08756af6869f95e1c7364c37723c4dfaacf791f4ffaba2f2597e

kpatch-patch-5_14_0-70_17_1-debugsource-1-1.el9_0.ppc64le.rpm

SHA-256: 9c2835da87f32013a1bc025fd0c3f54e7f7554e3551212fdf5772fdb41ba3f3f

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.ppc64le.rpm

SHA-256: ae18bf16e1b9bea5e00b6b1a9ebee7d12016a39c3129255f7d449662bca371a3

kpatch-patch-5_14_0-70_22_1-debuginfo-1-1.el9_0.ppc64le.rpm

SHA-256: 49f965c7d61fbc1413a7741a3892d06c96747a824a70ea9858346073ebe58512

kpatch-patch-5_14_0-70_22_1-debugsource-1-1.el9_0.ppc64le.rpm

SHA-256: ebe43641cb1ab647e2d7fcf1ee66c92b993547e6a6354542c6a5278f468dd107

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

SRPM

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.src.rpm

SHA-256: 5ec6efa5e1c741b21ce95b32227386e44ab6f99c30232d839a0fdae9d62cd839

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.src.rpm

SHA-256: 9a0408f8b120348bfccb1a8805cbcd9b42c2e4d57ec9810c38d5308518ac7298

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.src.rpm

SHA-256: c2e177d93812f43d14ea8f898cc6cb015119c3a3505647131ec2285874732ce1

ppc64le

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.ppc64le.rpm

SHA-256: eaca1fcb961019459ad12f9b175f3ea10eb747a196c4641c003824ba93225aa0

kpatch-patch-5_14_0-70_13_1-debuginfo-1-2.el9_0.ppc64le.rpm

SHA-256: 7a418e0722b5af38a61d37e2f8d888afd1b6a15cca72852ddfb50ec8a6c8945c

kpatch-patch-5_14_0-70_13_1-debugsource-1-2.el9_0.ppc64le.rpm

SHA-256: ae03766a5edbae1d4b3eac8fe9be5ac15ec6f8a8b2019f3d26ca651477e0120e

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.ppc64le.rpm

SHA-256: 937d6390829ff399853ce8aed90abc89304c3b696992f19cc02a0a51a00a8efb

kpatch-patch-5_14_0-70_17_1-debuginfo-1-1.el9_0.ppc64le.rpm

SHA-256: 88becf446b9f08756af6869f95e1c7364c37723c4dfaacf791f4ffaba2f2597e

kpatch-patch-5_14_0-70_17_1-debugsource-1-1.el9_0.ppc64le.rpm

SHA-256: 9c2835da87f32013a1bc025fd0c3f54e7f7554e3551212fdf5772fdb41ba3f3f

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.ppc64le.rpm

SHA-256: ae18bf16e1b9bea5e00b6b1a9ebee7d12016a39c3129255f7d449662bca371a3

kpatch-patch-5_14_0-70_22_1-debuginfo-1-1.el9_0.ppc64le.rpm

SHA-256: 49f965c7d61fbc1413a7741a3892d06c96747a824a70ea9858346073ebe58512

kpatch-patch-5_14_0-70_22_1-debugsource-1-1.el9_0.ppc64le.rpm

SHA-256: ebe43641cb1ab647e2d7fcf1ee66c92b993547e6a6354542c6a5278f468dd107

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.src.rpm

SHA-256: 5ec6efa5e1c741b21ce95b32227386e44ab6f99c30232d839a0fdae9d62cd839

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.src.rpm

SHA-256: 9a0408f8b120348bfccb1a8805cbcd9b42c2e4d57ec9810c38d5308518ac7298

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.src.rpm

SHA-256: c2e177d93812f43d14ea8f898cc6cb015119c3a3505647131ec2285874732ce1

ppc64le

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.ppc64le.rpm

SHA-256: eaca1fcb961019459ad12f9b175f3ea10eb747a196c4641c003824ba93225aa0

kpatch-patch-5_14_0-70_13_1-debuginfo-1-2.el9_0.ppc64le.rpm

SHA-256: 7a418e0722b5af38a61d37e2f8d888afd1b6a15cca72852ddfb50ec8a6c8945c

kpatch-patch-5_14_0-70_13_1-debugsource-1-2.el9_0.ppc64le.rpm

SHA-256: ae03766a5edbae1d4b3eac8fe9be5ac15ec6f8a8b2019f3d26ca651477e0120e

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.ppc64le.rpm

SHA-256: 937d6390829ff399853ce8aed90abc89304c3b696992f19cc02a0a51a00a8efb

kpatch-patch-5_14_0-70_17_1-debuginfo-1-1.el9_0.ppc64le.rpm

SHA-256: 88becf446b9f08756af6869f95e1c7364c37723c4dfaacf791f4ffaba2f2597e

kpatch-patch-5_14_0-70_17_1-debugsource-1-1.el9_0.ppc64le.rpm

SHA-256: 9c2835da87f32013a1bc025fd0c3f54e7f7554e3551212fdf5772fdb41ba3f3f

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.ppc64le.rpm

SHA-256: ae18bf16e1b9bea5e00b6b1a9ebee7d12016a39c3129255f7d449662bca371a3

kpatch-patch-5_14_0-70_22_1-debuginfo-1-1.el9_0.ppc64le.rpm

SHA-256: 49f965c7d61fbc1413a7741a3892d06c96747a824a70ea9858346073ebe58512

kpatch-patch-5_14_0-70_22_1-debugsource-1-1.el9_0.ppc64le.rpm

SHA-256: ebe43641cb1ab647e2d7fcf1ee66c92b993547e6a6354542c6a5278f468dd107

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.src.rpm

SHA-256: 5ec6efa5e1c741b21ce95b32227386e44ab6f99c30232d839a0fdae9d62cd839

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.src.rpm

SHA-256: 9a0408f8b120348bfccb1a8805cbcd9b42c2e4d57ec9810c38d5308518ac7298

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.src.rpm

SHA-256: c2e177d93812f43d14ea8f898cc6cb015119c3a3505647131ec2285874732ce1

x86_64

kpatch-patch-5_14_0-70_13_1-1-2.el9_0.x86_64.rpm

SHA-256: 03dbdf447407a444f2cb1e6c56990a7e59c3a40a20e186dce7dad8ac3e05ba7f

kpatch-patch-5_14_0-70_13_1-debuginfo-1-2.el9_0.x86_64.rpm

SHA-256: 334c5f2681c0110b1d2552dfb8df958ab5432ccf75633875a6d2861c66ee906c

kpatch-patch-5_14_0-70_13_1-debugsource-1-2.el9_0.x86_64.rpm

SHA-256: 036a2cfef61a927adc10f6cee9e859f367d92bbd4e6b152a050131fdd0c81b56

kpatch-patch-5_14_0-70_17_1-1-1.el9_0.x86_64.rpm

SHA-256: 70dee70516074f535bca77785572c2c67053d2588554bd848a62e88fb21465a4

kpatch-patch-5_14_0-70_17_1-debuginfo-1-1.el9_0.x86_64.rpm

SHA-256: 51cfc1c603b619420493db87d72a3d0642d8326ac1713be093ff954b857327c3

kpatch-patch-5_14_0-70_17_1-debugsource-1-1.el9_0.x86_64.rpm

SHA-256: 071ea5fbdff99037f6830478060a49e6e81df472c5dfaa1fb603e4e4bffb787e

kpatch-patch-5_14_0-70_22_1-1-1.el9_0.x86_64.rpm

SHA-256: f3c8d356c821c2bafbe207b556bf27ecb17a09a5bc54fb70cba47f55c56bb351

kpatch-patch-5_14_0-70_22_1-debuginfo-1-1.el9_0.x86_64.rpm

SHA-256: 133a79dd5996c7fec9660408bfea4531d04262f2d951dfc4909e0f3c1740b71f

kpatch-patch-5_14_0-70_22_1-debugsource-1-1.el9_0.x86_64.rpm

SHA-256: f0daa568cb991d9e6c03131640c8aa8b2d8d000f7340f1e1ae0a916e46339bbd

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

By Habiba Rashid At the time of writing, all reported fake repositories have been taken down and the malicious PoC has been removed from GitHub. This is a post from HackRead.com Read the original post: Fake GitHub Repos Caught Dropping Malware as PoCs AGAIN!

1 year ago

HackRead

Open in Source

#vulnerability #mac #windows #google #linux #git #backdoor #auth #ssh

Netfilter nft_set_elem_init Heap Overflow Privilege Escalation

An issue was discovered in the Linux kernel through version 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges. The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access. The issue exists in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

1 year ago

Packet Storm

Open in Source

#vulnerability #ubuntu #linux #git #buffer_overflow #auth #mongo

Red Hat Security Advisory 2022-6592-01

Red Hat Security Advisory 2022-6592-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a heap overflow vulnerability.

1 year ago

Packet Storm

Open in Source

#vulnerability #linux #red_hat #js #rpm

RHSA-2022:6582: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2078: kernel: Vulnerability of buffer overflow in nft_set_desc_concat_parse() * CVE-2022-34918: kernel: heap overflow in nft_set_elem_init()

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes #aws #buffer_overflow

Kernel Live Patch Security Notice LSN-0089-1

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. Various other vulnerabilities were also discovered.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #google #microsoft #amazon #ubuntu #linux #dos #perl #aws #ibm #mongo

Ubuntu Security Notice USN-5582-1

Ubuntu Security Notice 5582-1 - Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code.

2 years ago

Packet Storm

Open in Source

#vulnerability #microsoft #ubuntu #linux #dos #perl #mongo

Ubuntu Security Notice USN-5566-1

Ubuntu Security Notice 5566-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #google #microsoft #amazon #ubuntu #linux #dos #oracle #intel #perl #aws #amd #ibm #mongo

Ubuntu Security Notice USN-5562-1

Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #google #microsoft #amazon #ubuntu #linux #dos #oracle #perl #aws #ibm #mongo

Ubuntu Security Notice USN-5560-1

Ubuntu Security Notice 5560-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #google #microsoft #amazon #ubuntu #linux #dos #oracle #perl #aws #dell #mongo

Ubuntu Security Notice USN-5545-1

Ubuntu Security Notice 5545-1 - Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations.

2 years ago

Packet Storm

Open in Source

#vulnerability #ubuntu #linux #perl #mongo

Ubuntu Security Notice USN-5540-1

Ubuntu Security Notice 5540-1 - Liu Jian discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #amazon #ubuntu #linux #dos #perl #aws #mongo

CVE-2022-34918

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

2 years ago

CVE

Open in Source

#vulnerability #linux #buffer_overflow