RHSA-2023:0954: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-4415: A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.
  • CVE-2022-45873: A flaw was found in the systemd-coredump utility of systemd. When an application crashes, the systemd-coredump utility is called twice, once by the kernel and the second time in the systemd-coredump@.service to write the data, process, and save the core file. Communication between the programs is made through a pipe, and when there is too much data through a long backtrace or many linked libraries, the pipe blocks while waiting for the data, resulting in a timeout of the systemd-coredump@.service.
Red Hat Security Data

Synopsis

Moderate: systemd security update

Type/Severity

Security Advisory: Moderate

Topic

An update for systemd is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

Security Fix(es):

  • systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting (CVE-2022-4415)
  • systemd: deadlock in systemd-coredump via a crash with a long backtrace (CVE-2022-45873)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

  • BZ - 2149063 - CVE-2022-45873 systemd: deadlock in systemd-coredump via a crash with a long backtrace
  • BZ - 2155515 - CVE-2022-4415 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting
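
One way to check a host against this advisory, as an added example that is not part of the Red Hat advisory: it compares `rpm -q` output with the fixed build 250-12.el9_1.3 from the package list. The function names, the constructed sample output and the simplified version comparison (no epoch, `~` or `^` handling) are assumptions of this example.

```python
import re

# Fixed version and release, taken from the advisory's package list
# (systemd-250-12.el9_1.3.*.rpm).
FIXED_VERSION, FIXED_RELEASE = "250", "12.el9_1.3"

_SEGMENT = re.compile(r"\d+|[A-Za-z]+")
_NOT_INSTALLED = re.compile(r"package (\S+) is not installed")


def rpm_label_cmp(a: str, b: str) -> int:
    """Compare two RPM version or release strings; returns -1, 0 or 1.

    Simplified form of RPM's segment comparison: runs of digits and runs of
    letters are compared pairwise and separators are ignored. The '~' and '^'
    modifiers are not handled (assumption: none occur in the input).
    """
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            x_key, y_key = int(x), int(y)      # 10 > 3, unlike a string compare
        elif x.isdigit() != y.isdigit():
            # A numeric segment is always newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        else:
            x_key, y_key = x, y
        if x_key != y_key:
            return 1 if x_key > y_key else -1
    # All shared segments are equal: the label with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))


def parse_nvra(line: str):
    """Split 'name-version-release.arch' as printed by `rpm -q`."""
    nvr, _, arch = line.strip().rpartition(".")
    name, version, release = nvr.rsplit("-", 2)   # ValueError if malformed
    if not version[:1].isdigit():
        raise ValueError(f"not an NVRA string: {line!r}")
    return name, version, release, arch


def audit(rpm_q_output: str) -> dict:
    """Map 'name.arch' to 'patched' or 'needs update' for this advisory."""
    result = {}
    for line in rpm_q_output.splitlines():
        line = line.strip()
        if not line:
            continue
        missing = _NOT_INSTALLED.fullmatch(line)
        if missing:
            result[missing.group(1)] = "not installed"
            continue
        name, version, release, arch = parse_nvra(line)
        # Version decides first; the release breaks a tie.
        order = (rpm_label_cmp(version, FIXED_VERSION)
                 or rpm_label_cmp(release, FIXED_RELEASE))
        result[f"{name}.{arch}"] = "patched" if order >= 0 else "needs update"
    return result


# Constructed sample of `rpm -q systemd systemd-libs systemd-udev systemd-pam
# systemd-oomd` output; not taken from a real host.
SAMPLE_RPM_Q = """\
systemd-250-12.el9_1.3.x86_64
systemd-libs-250-12.el9_1.1.x86_64
systemd-udev-250-12.el9_1.x86_64
systemd-pam-252-13.el9_2.x86_64
package systemd-oomd is not installed
"""

if __name__ == "__main__":
    for package, status in audit(SAMPLE_RPM_Q).items():
        print(f"{package:28} {status}")
```

The comparison only answers whether a package is at or above the build named in this advisory; a host tracking a different RHEL 9 minor stream needs the fixed build listed for that stream.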

Red Hat Enterprise Linux for x86_64 9

SRPM

  • systemd-250-12.el9_1.3.src.rpm

x86_64

  • systemd-250-12.el9_1.3.i686.rpm
  • systemd-250-12.el9_1.3.x86_64.rpm
  • systemd-container-250-12.el9_1.3.i686.rpm
  • systemd-container-250-12.el9_1.3.x86_64.rpm
  • systemd-container-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-container-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-debugsource-250-12.el9_1.3.i686.rpm
  • systemd-debugsource-250-12.el9_1.3.x86_64.rpm
  • systemd-devel-250-12.el9_1.3.i686.rpm
  • systemd-devel-250-12.el9_1.3.x86_64.rpm
  • systemd-devel-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-devel-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-journal-remote-250-12.el9_1.3.x86_64.rpm
  • systemd-journal-remote-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-journal-remote-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-libs-250-12.el9_1.3.i686.rpm
  • systemd-libs-250-12.el9_1.3.x86_64.rpm
  • systemd-libs-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-libs-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-oomd-250-12.el9_1.3.x86_64.rpm
  • systemd-oomd-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-oomd-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-pam-250-12.el9_1.3.x86_64.rpm
  • systemd-pam-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-pam-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-resolved-250-12.el9_1.3.x86_64.rpm
  • systemd-resolved-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-resolved-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-rpm-macros-250-12.el9_1.3.noarch.rpm
  • systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.x86_64.rpm
  • systemd-udev-250-12.el9_1.3.x86_64.rpm
  • systemd-udev-debuginfo-250-12.el9_1.3.i686.rpm
  • systemd-udev-debuginfo-250-12.el9_1.3.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

  • systemd-250-12.el9_1.3.src.rpm

s390x

  • systemd-250-12.el9_1.3.s390x.rpm
  • systemd-container-250-12.el9_1.3.s390x.rpm
  • systemd-container-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-debugsource-250-12.el9_1.3.s390x.rpm
  • systemd-devel-250-12.el9_1.3.s390x.rpm
  • systemd-devel-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-journal-remote-250-12.el9_1.3.s390x.rpm
  • systemd-journal-remote-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-libs-250-12.el9_1.3.s390x.rpm
  • systemd-libs-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-oomd-250-12.el9_1.3.s390x.rpm
  • systemd-oomd-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-pam-250-12.el9_1.3.s390x.rpm
  • systemd-pam-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-resolved-250-12.el9_1.3.s390x.rpm
  • systemd-resolved-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-rpm-macros-250-12.el9_1.3.noarch.rpm
  • systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.s390x.rpm
  • systemd-udev-250-12.el9_1.3.s390x.rpm
  • systemd-udev-debuginfo-250-12.el9_1.3.s390x.rpm

Red Hat Enterprise Linux for Power, little endian 9

SRPM

  • systemd-250-12.el9_1.3.src.rpm

ppc64le

  • systemd-250-12.el9_1.3.ppc64le.rpm
  • systemd-container-250-12.el9_1.3.ppc64le.rpm
  • systemd-container-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-debugsource-250-12.el9_1.3.ppc64le.rpm
  • systemd-devel-250-12.el9_1.3.ppc64le.rpm
  • systemd-devel-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-journal-remote-250-12.el9_1.3.ppc64le.rpm
  • systemd-journal-remote-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-libs-250-12.el9_1.3.ppc64le.rpm
  • systemd-libs-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-oomd-250-12.el9_1.3.ppc64le.rpm
  • systemd-oomd-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-pam-250-12.el9_1.3.ppc64le.rpm
  • systemd-pam-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-resolved-250-12.el9_1.3.ppc64le.rpm
  • systemd-resolved-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-rpm-macros-250-12.el9_1.3.noarch.rpm
  • systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.ppc64le.rpm
  • systemd-udev-250-12.el9_1.3.ppc64le.rpm
  • systemd-udev-debuginfo-250-12.el9_1.3.ppc64le.rpm

Red Hat Enterprise Linux for ARM 64 9

SRPM

  • systemd-250-12.el9_1.3.src.rpm

aarch64

  • systemd-250-12.el9_1.3.aarch64.rpm
  • systemd-container-250-12.el9_1.3.aarch64.rpm
  • systemd-container-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-debugsource-250-12.el9_1.3.aarch64.rpm
  • systemd-devel-250-12.el9_1.3.aarch64.rpm
  • systemd-devel-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-journal-remote-250-12.el9_1.3.aarch64.rpm
  • systemd-journal-remote-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-libs-250-12.el9_1.3.aarch64.rpm
  • systemd-libs-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-oomd-250-12.el9_1.3.aarch64.rpm
  • systemd-oomd-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-pam-250-12.el9_1.3.aarch64.rpm
  • systemd-pam-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-resolved-250-12.el9_1.3.aarch64.rpm
  • systemd-resolved-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-rpm-macros-250-12.el9_1.3.noarch.rpm
  • systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.aarch64.rpm
  • systemd-udev-250-12.el9_1.3.aarch64.rpm
  • systemd-udev-debuginfo-250-12.el9_1.3.aarch64.rpm

Related news

Gentoo Linux Security Advisory 202405-04

Gentoo Linux Security Advisory 202405-4 - Multiple vulnerabilities have been discovered in systemd, the worst of which can lead to a denial of service. Versions greater than or equal to 252.4 are affected.

CVE-2023-0923

A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other issues.

Red Hat Security Advisory 2023-3742-02

Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

RHSA-2023:0584: Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.1 security update

Secondary Scheduler Operator for Red Hat OpenShift 1.1.1 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2880: A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query ...

Red Hat Security Advisory 2023-2104-01

Red Hat Security Advisory 2023-2104-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.

RHSA-2023:2083: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.5 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3841: A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is missing an authentication check, allowing unauth...

Red Hat Security Advisory 2023-2061-01

Red Hat Security Advisory 2023-2061-01 - Multicluster Engine for Kubernetes 2.1.6 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-2023-01

Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

RHSA-2023:1816: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.2 Bug Fix and security update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.2 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While ...

Red Hat Security Advisory 2023-1448-01

Red Hat Security Advisory 2023-1448-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.

Red Hat Security Advisory 2023-1454-01

Red Hat Security Advisory 2023-1454-01 - An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Moderate.

RHSA-2023:1454: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41354: An information disclosure flaw was found in Argo CD. This issue may allow unauthorized users to enumerate application names by inspecting API error messages and could use the discovered application names as the starting point of another attack. For example, the attacker might use their knowledge of an application name to convince an administrator to grant ...

RHSA-2023:1453: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41354: An information disclosure flaw was found in Argo CD. This issue may allow unauthorized users to enumerate application names by inspecting API error messages and could use the discovered application names as the starting point of another attack. For example, the attacker might use their knowledge of an application name to convince an administrator to grant ...

RHSA-2023:1286: Red Hat Security Advisory: Migration Toolkit for Runtimes security bug fix and enhancement update

Migration Toolkit for Runtimes 1.0.2 release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31690: A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system. * CVE-2022-41966: A flaw was found in the xstream package. This flaw allows an atta...

Red Hat Security Advisory 2023-1181-01

Red Hat Security Advisory 2023-1181-01 - OpenShift Serverless version 1.27.1 contains a moderate security impact. This release includes security and bug fixes, and enhancements.

Red Hat Security Advisory 2023-1174-01

Red Hat Security Advisory 2023-1174-01 - OpenShift API for Data Protection (OADP) 1.1.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate.

Red Hat Security Advisory 2023-0931-01

Red Hat Security Advisory 2023-0931-01 - Update information for Logging Subsystem 5.4.12 in Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate.

Red Hat Security Advisory 2023-0932-01

Red Hat Security Advisory 2023-0932-01 - Update information for Logging Subsystem 5.6.3 in Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate.

Red Hat Security Advisory 2023-1170-01

Red Hat Security Advisory 2023-1170-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

Red Hat Security Advisory 2023-0930-01

Red Hat Security Advisory 2023-0930-01 - Update information for Logging Subsystem 5.5.8 in Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate.

RHSA-2023:1174: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.2 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic. * CVE-2022...

RHSA-2023:0931: Red Hat Security Advisory: Logging Subsystem 5.4.12 - Red Hat OpenShift

Logging Subsystem 5.4.12 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to alloc...

RHSA-2023:0930: Red Hat Security Advisory: Logging Subsystem 5.5.8 - Red Hat OpenShift

Logging Subsystem 5.5.8 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24999: qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&...

RHSA-2023:1170: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.1 security bug fix update

Red Hat OpenShift Data Foundation 4.12.1 Bug Fix Update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functions.

Ubuntu Security Notice USN-5928-1

Ubuntu Security Notice 5928-1 - It was discovered that systemd did not properly validate the time and accuracy values provided to the format_timespan function. An attacker could possibly use this issue to cause a buffer overrun, leading to a denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that systemd did not properly manage the fs.suid_dumpable kernel configurations. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10.

Red Hat Security Advisory 2023-1079-01

Red Hat Security Advisory 2023-1079-01 - An update for osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2 (Train).

RHSA-2023:1079: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container) security update

An update for osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to c...

Red Hat Security Advisory 2023-0977-01

Red Hat Security Advisory 2023-0977-01 - Red Hat OpenShift Data Science 1.22.1 security update. Issues addressed include an improper authorization vulnerability.

RHSA-2023:0977: Red Hat Security Advisory: Red Hat OpenShift Data Science 1.22.1 security update

An update for kubeflow, dashboard, deployer is now available for Red Hat OpenShift Data Science 1.22. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0923: A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other issues.

Red Hat Security Advisory 2023-0837-01

Red Hat Security Advisory 2023-0837-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include an information leakage vulnerability.

RHSA-2023:0837: Red Hat Security Advisory: systemd security and bug fix update

An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4415: A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.

CVE-2022-4415: security - systemd-coredump: CVE-2022-4415: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

CVE-2022-45873: coredump: avoid deadlock when passing processed backtrace data · systemd/systemd@076b807

systemd 250 and 251 allow local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.