Red Hat Security Advisory 2023-0167-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: dpdk security update  
Advisory ID:       RHSA-2023:0167-01  
Product:           Red Hat Enterprise Linux Extras  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0167  
Issue date:        2023-01-16  
CVE Names:         CVE-2022-2132   
=====================================================================

1. Summary:

An update for dpdk is now available for Red Hat Enterprise Linux 7 Extras.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux 7 Extras - noarch, ppc64le, x86_64

3. Description:

The dpdk packages provide the Data Plane Development Kit, which is a set of  
libraries and drivers for fast packet processing in the user space.

Security Fix(es):

* dpdk: DoS when a Vhost header crosses more than two descriptors and  
exhausts all mbufs (CVE-2022-2132)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

6. Package List:

Red Hat Enterprise Linux 7 Extras:

Source:  
dpdk-18.11.8-2.el7_9.src.rpm

noarch:  
dpdk-doc-18.11.8-2.el7_9.noarch.rpm

ppc64le:  
dpdk-18.11.8-2.el7_9.ppc64le.rpm  
dpdk-debuginfo-18.11.8-2.el7_9.ppc64le.rpm  
dpdk-devel-18.11.8-2.el7_9.ppc64le.rpm  
dpdk-tools-18.11.8-2.el7_9.ppc64le.rpm

x86_64:  
dpdk-18.11.8-2.el7_9.x86_64.rpm  
dpdk-debuginfo-18.11.8-2.el7_9.x86_64.rpm  
dpdk-devel-18.11.8-2.el7_9.x86_64.rpm  
dpdk-tools-18.11.8-2.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2132  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8UoPtzjgjWX9erEAQh1Dw//UEDtp3cMPbD4oj4U7MLwoeDAlfu1waWD  
XM+IaeNQCAQh3/LAWLqIBWIYHnpH40KUx6eGq+wqgiHaT+P8wjWjSjHQ9LNOfToj  
g0QQtEw0ho4N8MoKOarAdCNG3SCNCWqYI7WzK5sbBehpnH6CTiT4HBDQjXQL17wj  
tEYwypx8BxqlYK4M+i+wSaHgQpm97rQbcuGtL8Kq3DitjrXtlLZcfS4OZ/05/jRa  
iFeEm1Crf6a3IIBgQpElFd0Geneb73XOWjcFDIBK/NMcJ7oO23NWKAyXMdeG46oo  
IhsoJ3mLWghvq2nOxsUXr+wDLA/dL7z85dvTaFG9FN/+TOj1cjgg/jQ+67UOPpJS  
+R3i3147B55NksxI4pBFqopJOwxi2TFCY1+1LAFpMSon+RWwDI/hEb7ZjOIz3KAZ  
z2+YDXAtpEUEKM0F50IsJsXJ+UxIddY4PjyXY1jooOOI5qsYLbrzazT1s/1oSl1N  
Zc+wVBwr4xvvd2wELOSomhZA8FqM9Phv8LXHYMCNtDjyOEA/VO8e7TXdJqs+exP7  
O+akEmp22LcogkcTBsABitvyHPdX2ne4z5u8a77FRsUDlqwk27SnWnxThSYDTDSP  
ivlIK941glqRvxXmUs52Iq+HlTXkJj34ZIxbs/cgsY2QyIGGOhHhNoc//CdZbwr5  
uyxula2OApU=  
=ycGV  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0167-01

A XNU race condition in vm_map_copy_overwrite_unaligned allows writing to read-only mappings.

XNU vm_map_copy_overwrite_unaligned Race Condition

XNU VM suffers from a copy-on-write bypass vulnerability due to incorrect shadow creation logic used during unaligned vm_map_copy operations.

XNU VM Copy-On-Write Bypass

Red Hat Security Advisory 2023-0170-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: dpdk security update  
Advisory ID:       RHSA-2023:0170-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0170  
Issue date:        2023-01-16  
CVE Names:         CVE-2022-2132   
=====================================================================

1. Summary:

An update for dpdk is now available for Red Hat Enterprise Linux 8.6  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.6) - aarch64, noarch, ppc64le, x86_64

3. Description:

The dpdk packages provide the Data Plane Development Kit, which is a set of  
libraries and drivers for fast packet processing in the user space.

Security Fix(es):

* dpdk: DoS when a Vhost header crosses more than two descriptors and  
exhausts all mbufs (CVE-2022-2132)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.6):

Source:  
dpdk-21.11-2.el8_6.src.rpm

aarch64:  
dpdk-21.11-2.el8_6.aarch64.rpm  
dpdk-debuginfo-21.11-2.el8_6.aarch64.rpm  
dpdk-debugsource-21.11-2.el8_6.aarch64.rpm  
dpdk-devel-21.11-2.el8_6.aarch64.rpm  
dpdk-tools-21.11-2.el8_6.aarch64.rpm

noarch:  
dpdk-doc-21.11-2.el8_6.noarch.rpm

ppc64le:  
dpdk-21.11-2.el8_6.ppc64le.rpm  
dpdk-debuginfo-21.11-2.el8_6.ppc64le.rpm  
dpdk-debugsource-21.11-2.el8_6.ppc64le.rpm  
dpdk-devel-21.11-2.el8_6.ppc64le.rpm  
dpdk-tools-21.11-2.el8_6.ppc64le.rpm

x86_64:  
dpdk-21.11-2.el8_6.x86_64.rpm  
dpdk-debuginfo-21.11-2.el8_6.x86_64.rpm  
dpdk-debugsource-21.11-2.el8_6.x86_64.rpm  
dpdk-devel-21.11-2.el8_6.x86_64.rpm  
dpdk-tools-21.11-2.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2132  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8UoO9zjgjWX9erEAQguXQ/+NvbLX/ACdYycNzSnrwqAc1nRtyhfwaJn  
pLNALAOQ+LQOCxTMb7IlKAZJlxqDTnKi3Wqwh1QM/ea99U+pb2qjrvyT2+3TuVV+  
CVQCUG1qmCk4dpB+uFdJRQAukliL37lvMVhKsGkUQKfTIQGlX3ho6kWzwiF4n767  
AI8Zga5ApbUFsAVpYfPiCYBjuqg3qBeZWuTVuQwt0CK+H4ztwFf6kK1htSF0jtSU  
sYcAOs0GGMY3lL1uIxwFfTvaIgQVcp15S+aC0d4chuzwbbocgdzG3WhugAPp2eXe  
daO3xS40IZfwfgSqNKc5KSYUS0yxc5NQDIT81VPeQEmbk8PScBitbd/l+GKS+aCk  
NITMDNzeYnA2+FGmiUf0tmj6wj6hD4aJV+X8LDFsYQJ2UEG3U0emJXHuHkV1lOa0  
Pt7UG1yHVnlBPMUX88ssffWzv0T578pm2o2SiToUGrkk4O7CS74p8E14U1x0JGG3  
pfsIj6Brz9eub90u/zQrOcCs0SRy1QjOxMp5Ep2Quz3RrMtBZLBoeor9FbJSlJvc  
Yr7+bxV4h1ntbvJ1BtuAWA/UckXPND4TMx936cWzU92SK4s5XQtp6fOTB9BZo13Z  
Hu8LBFoAiWU/qPb+9wjhM3CAL2dS35Ius+AkuCGxBCvWKTfI2/zkAAzvtZ+appob  
yRnOLG/bu94=  
=Vh97  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0170-01

Debian Linux Security Advisory 5318-1 - Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, was suspectible to denial of service via recursive XML entity expansion.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5318-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJanuary 13, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : lavaCVE ID         : CVE-2022-44641Debian Bug     : 1024429Igor Ponomarev discovered that LAVA, a continuous integration system fordeploying operating systems onto physical and virtual hardware forrunning tests, was suspectible to denial of service via recursive XMLentity expansion.For the stable distribution (bullseye), this problem has been fixed inversion 2020.12-5+deb11u2.We recommend that you upgrade your lava packages.For the detailed security status of lava please refer toits security tracker page at:https://security-tracker.debian.org/tracker/lavaFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPBriMACgkQEMKTtsN8Tjb+Lg/+IVAyMN6JpvfoVw2690mMigg4NeEhvy/+88hj8FbEpCdfORD3TOp2t6Asy+QIoE0ZAoOBN6JlHs4uK8k0PVzmHrho4Vp3LNB6RG4ppen4hyHRy5FOWJgXVicnqCYFOOGZk1M5LQq6nRpcl7iPK42jNwKEeJ5Z9vCPzoPfqeMN2ZsDKsKtGtcsu20sS4D9egjRiFl0VeGYx9DmKGZkgLBe1DdTq8IL3IDybqaXt6/CnqKj7TfUVvh0oX739WKZO9MgNiu/Aa8obumb/jbVvqxXo+3OfNeKtjcQKZhVRvUqt7CRpJwmmQpxkrxuFLhuz4nLy8Bu97CjMX8Jf+AEbhJ4PqBUinEIyQV1bICdWJw1rXjwPPHkXtnbtaMrAY/N0wJM4J4/Seu6x2P+I7Ftf/2/5Z4ltzmWIsPrLos81fFMKE5P/Objp1A8OEnHH1YeErae9HTZsvqr02DQErfR9mIaEJR6HryAIqxZsirXVzDFpL2cIbNVjCpiDsqAydCr30EvYIAmusdQ4egck0aN/1p1WAN7jcSQlw0Go4dutCJ1MYNbP8gB6tS+2xbZC+lGujr7Zmb1jpKl1ivZpOCXzqRYbWgBzgryf1g9GzH1a7r0pxCKvtTAzO9npEIusO0wPSQzpW9VmvAlPiAFj9EUF7ZWgfR/WdOkjJm9oT8dOANbGOg==88Fg-----END PGP SIGNATURE-----

Debian Security Advisory 5318-1

Red Hat Security Advisory 2023-0166-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: dpdk security update  
Advisory ID:       RHSA-2023:0166-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0166  
Issue date:        2023-01-16  
CVE Names:         CVE-2022-2132   
=====================================================================

1. Summary:

An update for dpdk is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, noarch, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, noarch, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, noarch, ppc64le, x86_64

3. Description:

The dpdk packages provide the Data Plane Development Kit, which is a set of  
libraries and drivers for fast packet processing in the user space.

Security Fix(es):

* dpdk: DoS when a Vhost header crosses more than two descriptors and  
exhausts all mbufs (CVE-2022-2132)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
dpdk-19.11-6.el8_2.src.rpm

aarch64:  
dpdk-19.11-6.el8_2.aarch64.rpm  
dpdk-debuginfo-19.11-6.el8_2.aarch64.rpm  
dpdk-debugsource-19.11-6.el8_2.aarch64.rpm  
dpdk-devel-19.11-6.el8_2.aarch64.rpm  
dpdk-devel-debuginfo-19.11-6.el8_2.aarch64.rpm  
dpdk-tools-19.11-6.el8_2.aarch64.rpm

noarch:  
dpdk-doc-19.11-6.el8_2.noarch.rpm

ppc64le:  
dpdk-19.11-6.el8_2.ppc64le.rpm  
dpdk-debuginfo-19.11-6.el8_2.ppc64le.rpm  
dpdk-debugsource-19.11-6.el8_2.ppc64le.rpm  
dpdk-devel-19.11-6.el8_2.ppc64le.rpm  
dpdk-devel-debuginfo-19.11-6.el8_2.ppc64le.rpm  
dpdk-tools-19.11-6.el8_2.ppc64le.rpm

x86_64:  
dpdk-19.11-6.el8_2.x86_64.rpm  
dpdk-debuginfo-19.11-6.el8_2.x86_64.rpm  
dpdk-debugsource-19.11-6.el8_2.x86_64.rpm  
dpdk-devel-19.11-6.el8_2.x86_64.rpm  
dpdk-devel-debuginfo-19.11-6.el8_2.x86_64.rpm  
dpdk-tools-19.11-6.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
dpdk-19.11-6.el8_2.src.rpm

aarch64:  
dpdk-19.11-6.el8_2.aarch64.rpm  
dpdk-debuginfo-19.11-6.el8_2.aarch64.rpm  
dpdk-debugsource-19.11-6.el8_2.aarch64.rpm  
dpdk-devel-19.11-6.el8_2.aarch64.rpm  
dpdk-devel-debuginfo-19.11-6.el8_2.aarch64.rpm  
dpdk-tools-19.11-6.el8_2.aarch64.rpm

noarch:  
dpdk-doc-19.11-6.el8_2.noarch.rpm

ppc64le:  
dpdk-19.11-6.el8_2.ppc64le.rpm  
dpdk-debuginfo-19.11-6.el8_2.ppc64le.rpm  
dpdk-debugsource-19.11-6.el8_2.ppc64le.rpm  
dpdk-devel-19.11-6.el8_2.ppc64le.rpm  
dpdk-devel-debuginfo-19.11-6.el8_2.ppc64le.rpm  
dpdk-tools-19.11-6.el8_2.ppc64le.rpm

x86_64:  
dpdk-19.11-6.el8_2.x86_64.rpm  
dpdk-debuginfo-19.11-6.el8_2.x86_64.rpm  
dpdk-debugsource-19.11-6.el8_2.x86_64.rpm  
dpdk-devel-19.11-6.el8_2.x86_64.rpm  
dpdk-devel-debuginfo-19.11-6.el8_2.x86_64.rpm  
dpdk-tools-19.11-6.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
dpdk-19.11-6.el8_2.src.rpm

aarch64:  
dpdk-19.11-6.el8_2.aarch64.rpm  
dpdk-debuginfo-19.11-6.el8_2.aarch64.rpm  
dpdk-debugsource-19.11-6.el8_2.aarch64.rpm  
dpdk-devel-19.11-6.el8_2.aarch64.rpm  
dpdk-devel-debuginfo-19.11-6.el8_2.aarch64.rpm  
dpdk-tools-19.11-6.el8_2.aarch64.rpm

noarch:  
dpdk-doc-19.11-6.el8_2.noarch.rpm

ppc64le:  
dpdk-19.11-6.el8_2.ppc64le.rpm  
dpdk-debuginfo-19.11-6.el8_2.ppc64le.rpm  
dpdk-debugsource-19.11-6.el8_2.ppc64le.rpm  
dpdk-devel-19.11-6.el8_2.ppc64le.rpm  
dpdk-devel-debuginfo-19.11-6.el8_2.ppc64le.rpm  
dpdk-tools-19.11-6.el8_2.ppc64le.rpm

x86_64:  
dpdk-19.11-6.el8_2.x86_64.rpm  
dpdk-debuginfo-19.11-6.el8_2.x86_64.rpm  
dpdk-debugsource-19.11-6.el8_2.x86_64.rpm  
dpdk-devel-19.11-6.el8_2.x86_64.rpm  
dpdk-devel-debuginfo-19.11-6.el8_2.x86_64.rpm  
dpdk-tools-19.11-6.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2132  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8UoONzjgjWX9erEAQiPUg//fJLYK3gpMa2os5l4ABXNOY9SivH2wva8  
q6DtUTk5Y5/gKesCvPKB+fOKLgutGp0yDMKku+5nHiSc2YYiVPeXvfRQi6BbmqWz  
Pc8bYdbgfp/OBvTIihNLu7RoxSAJRMhd+nOO5zBUsj151cEmZ9n76VT6PartLrNI  
7RT+YsfaSHMgcezQCd7iKDdz0yi0iW6vDJ41rkLt59rksHDFWXfBcypIMDMp1Abt  
6QPg7vUcNTzk4PGI+qLdSlkD0pdgewQ03AXKuPMuVF8Do4F+hSiLURx+urRPgKZ0  
0VWEsER/ZoVl5CSCHBiYi4Y/2xR0fWaVb8G9hIMUNcHnSv/VCAj7OV66yersmkoM  
ium3yU9NpuXfVLhYkt9VGb88hKhX/VqlVLGC/LvkvrsC9VKFaxjJRvnwF3QNvO9u  
UOGKb4RSVpsaFzzxPMPu51zk3oyjnlckFOv4sTBsfdMpT4+uAmtLsbzKNoj8wln7  
AZbN1uIIMF6KAQs32+IRx3QvagiDMOHVXAODgKkYG4zt9t72LL576j0nAb6YWuy5  
ODVu5lxigonmiwv4+TwC9WeOlTgEm6/XA6otiPu0aYZsjkT4hRBoTGHvsufD//B8  
Le8m2DIBPDn3uTMB5ctw1+FM49MMhjVKrMIB4vjuPT+cKZcGJvsrKaVF/uBjLsyE  
2uczwphtQj0=  
=BEkm  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0166-01

The Citrix Linux client emits its session credentials when starting a Citrix session. These credentials end up being recorded in the client's system log. Citrix does not consider this to be a security vulnerability. Citrix Workspace App for Linux versions 2212 is affected.

# Citrix Linux client credential leak

The Citrix Linux client emits its session credentials when starting a Citrix  
session. These credentials end up being recorded in the client's system log.

Citrix do not consider this to be a security vulnerability.

# Software affected

- Citrix Workspace App for Linux versions 2212.

Other versions are likely affected.

# Context

When connecting to a Citrix session via a web browser such as Firefox on Linux,  
typically you access a web application known as Citrix Storefront. This  
provides clickable icons for the applications and remote desktop sessions  
available to you.

When you click on one of these, your browser is instructed to open a URL of the  
form `receiver://.....` which is handled using `/opt/Citrix/ICAClient/util/ctxwebhelper`.  
`ctxwebhelper` parses the URL and uses the decoded information to make a HTTP  
GET request to the remote server for an 'ica' file, which contains the  
connection details necessary to launch the Citrix client software,  
`/opt/Citrix/ICAClient/wfica`.

The ICA file contains details such as the server hostname and temporary session  
credentials needed to authenticate the session.

# The issue

When making the GET request to retrieve the ICA file, `ctxwebhelper` echos the  
full HTTP response (headers & body) to standard output, which ends up feeding  
into journald and then into the system log files.

This can be demonstrated by connecting to a Citrix session and running:

    grep receiver\\.desktop.*LogonTicket= /var/log/syslog

which will produce output such as

    2023-01-12T11:15:46.816466+00:00 myhostname receiver.desktop[9999]: LogonTicket=1234567890ABCDEF1234567890ABCD

# Vendor response

Citrix responded to my report on 2023-01-05 to say they do not consider this a product vulnerability:

    Thank you for bearing with us. We have concluded the security  
    investigation into the reported issue and determined that the contents  
    of /var/log/syslog can only be read or written by root user, or a  
    syslog user or an adm group but not by an unprivileged user. As a  
    result, we do not consider this finding as a vulnerability in the  
    product.

    We would like to thank you for submitting the finding and helping to  
    keep Citrix customers safe.

    Best Regards,

    Citrix Security Response Team

This is short-sighted in my opinion - logs should not be considered safe places  
to store credentials, even temporary ones.

# Workaround

Since Citrix do not consider this a vulnerability it seems unlikely this behaviour will change.

You can work around this issue by replacing ctxwebhelper with a wrapper script  
that either discards or filters its output.

First, rename `ctxwebhelper`:

    mv /opt/Citrix/ICAClient/util/ctxwebhelper /opt/Citrix/ICAClient/util/ctxwebhelper.real

Next, place a script in its place, which first redirects stdout and stderr to /dev/null before executing the real `ctxwebhelper`:

    #!/bin/bash  
    set -eu  
    exec &>/dev/null  
    "$(dirname "$0")"/ctxwebhelper.real "$@"

Don't forget to `chmod +x /opt/Citrix/ICAClient/util/ctxwebhelper` after doing this.

This script is available from this repository - see `ctxwebhelper.wrapper`.

Note that this will be overwritten if the Citrix client is reinstalled.

# Timeline

2022-12-11: Issue disclosed to Citrix via email to secure@citrix.com

2022-12-13: Citrix acknowledges receipt of the report, assigns identifier `CASE-8324`.

2023-01-05: Citrix reponds to say they do not consider it a vulnerability.

2023-01-07: Reply to Citrix requesting they reconsider their assessment.

2023-01-14: Public disclosure.

# Author

Russell Howe. [Github](https://github.com/rhowe) [Twitter](https://twitter.com/rhowe212).

ctxwebhelper.wrapper:

#!/bin/bash

# Brexit flags  
set -eu

# Ensure stdout and stderr are discarded  
exec &>/dev/null

# Execute the real ctxwebhelper  
"$(dirname "$0")"/ctxwebhelper.real "$@"  
Footer

Citrix Workspace App For Linux 2212 Credential Leak

Red Hat Security Advisory 2023-0169-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: dpdk security update  
Advisory ID:       RHSA-2023:0169-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0169  
Issue date:        2023-01-16  
CVE Names:         CVE-2022-2132   
=====================================================================

1. Summary:

An update for dpdk is now available for Red Hat Enterprise Linux 8.4  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, x86_64

3. Description:

The dpdk packages provide the Data Plane Development Kit, which is a set of  
libraries and drivers for fast packet processing in the user space.

Security Fix(es):

* dpdk: DoS when a Vhost header crosses more than two descriptors and  
exhausts all mbufs (CVE-2022-2132)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
dpdk-20.11-4.el8_4.src.rpm

aarch64:  
dpdk-20.11-4.el8_4.aarch64.rpm  
dpdk-debuginfo-20.11-4.el8_4.aarch64.rpm  
dpdk-debugsource-20.11-4.el8_4.aarch64.rpm  
dpdk-devel-20.11-4.el8_4.aarch64.rpm  
dpdk-tools-20.11-4.el8_4.aarch64.rpm

noarch:  
dpdk-doc-20.11-4.el8_4.noarch.rpm

ppc64le:  
dpdk-20.11-4.el8_4.ppc64le.rpm  
dpdk-debuginfo-20.11-4.el8_4.ppc64le.rpm  
dpdk-debugsource-20.11-4.el8_4.ppc64le.rpm  
dpdk-devel-20.11-4.el8_4.ppc64le.rpm  
dpdk-tools-20.11-4.el8_4.ppc64le.rpm

x86_64:  
dpdk-20.11-4.el8_4.x86_64.rpm  
dpdk-debuginfo-20.11-4.el8_4.x86_64.rpm  
dpdk-debugsource-20.11-4.el8_4.x86_64.rpm  
dpdk-devel-20.11-4.el8_4.x86_64.rpm  
dpdk-tools-20.11-4.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2132  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8UoNtzjgjWX9erEAQhZiw/7BNxquW60ziguCCbiK96myof2Z8wxs3KH  
OTicfAnmntkyGKGbAcLh6SerQxVa8TrIjBygFlxw7OgO6DN3fpcgUzPMhcGTtIn0  
Xutiliib0tUIFsZ/LS9RNMt9FQzYgadbknCU1Xi+wNHNkRMVh0WY6KNUwP3jq+tp  
7+HH8irZr44YOz0ZGypqIGjtsBz6ETvRcuQZvF5A5dey1sH0+Wre/EY9v6L72ItP  
jmhnz3I7lNffB32jCA6ek5zp6Ttp2h2yHotsm/SHxZ6zooj2PTbN0i+EFUWvJFGH  
CaI/Jf7hZtboyEWE6wFrrCB2e6MczAve8fKpqty8EEGX1zcKh4Rzxefn5/ue/jBB  
P3p1Gib01QfgilfGZFWyfzYIzA67YojhlEw9JRDReQdE0vGR19x2e97S7uT/stt0  
cAzdm4S/qmlH+SDk8aHeLQgKdh9mMCNzIRd+/xS1d6ZBmY9ajmefMSwTd/Al70i9  
+28/NF0lhJbe0EqWa2cCIWRUidPrcoAFsTNlaZbH0VlHjwAGmGp7BlaV8F2PPP7k  
g431UwgFG2u/fcTYsSJ3WHIckTNc3f33sIyLvGivVx6xveILRzqjm+mkaMhY/+R4  
Ie0nYoB7XAk+orAQc0CXHH5iex2xeXKkrGph2tov21TrxC1rV6YB60dXLSNxHgmK  
bnremio5wsY=  
=Iw/w  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0169-01

Debian Linux Security Advisory 5317-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5317-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJanuary 13, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2023-0141 CVE-2023-0140 CVE-2023-0139 CVE-2023-0138                 CVE-2023-0137 CVE-2023-0136 CVE-2023-0135 CVE-2023-0134     CVE-2023-0133 CVE-2023-0132 CVE-2023-0131 CVE-2023-0130     CVE-2023-0129 CVE-2023-0128Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bullseye), this problem has been fixed inversion 109.0.5414.74-2~deb11u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPBrfQACgkQEMKTtsN8TjbGjQ/+KfI0HcNDER9opW3i/NGsUubDFjtGSH2Bdh0I7CG0MFYo9jWbkskq9F/KjYHgJLTqXEZ7ZUiE/xUYDg20Ad8y1eJ8vZC4dlNaPX1SakdvAPC5HEgPFNjEO60i4SU/9y7+ujHIuuZiX7N7ATXUG7VRBTOCIFRraMzQ7iIFp3XlNPlPhW5T0XHkf+8oCl3ncFE/JCsEL22juORB93/Ws0MD7sc+Zn2F9HtIEc8PFe1PWs9xYqrT3YZXhI6jq77dcJBHzKzehWSOaDwmRWZ/PXjO5z4vM8rpcDOKQaAW55SAszu2BPNRHCph0OEibcg3Tul/sOKcnjAG2UwKf1dVDEwUf6tcvk1/pIdkpVVurH0AHUU86qlLAimDNwIIyNwpxGACaa9d81GjwPp/pR0CcC38ttJaqCQMEf68F65dy/8GFBab/HrB8lDEB2tL/dWCFzWehcfntcr+mVsxktB8mY0FJWC6JIoQPJA3BALmH95duUmDYlcIYsjPipiFj74+IAUijIgVeyCCl/6jJ1TWQSlHuMnMJIVzzGEDH3DGXiLaE2ZRDHap8y/IBbDXeHRZ8YQ1CwBSaTeyHrp7zBPL2iu4LsJzT6c7zijvJClJGHkzhBbUlDyPc4G1ew20p4BnOBTOiDa4Vxyg8NnCREPjHW7oR2S7FhraDjAK/8g4t87cUy8==11U3-----END PGP SIGNATURE-----

Debian Security Advisory 5317-1

Red Hat Security Advisory 2023-0171-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: dpdk security update  
Advisory ID:       RHSA-2023:0171-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0171  
Issue date:        2023-01-16  
CVE Names:         CVE-2022-2132   
=====================================================================

1. Summary:

An update for dpdk is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, x86_64

3. Description:

The dpdk packages provide the Data Plane Development Kit, which is a set of  
libraries and drivers for fast packet processing in the user space.

Security Fix(es):

* dpdk: DoS when a Vhost header crosses more than two descriptors and  
exhausts all mbufs (CVE-2022-2132)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
dpdk-21.11-2.el8_7.src.rpm

aarch64:  
dpdk-21.11-2.el8_7.aarch64.rpm  
dpdk-debuginfo-21.11-2.el8_7.aarch64.rpm  
dpdk-debugsource-21.11-2.el8_7.aarch64.rpm  
dpdk-devel-21.11-2.el8_7.aarch64.rpm  
dpdk-tools-21.11-2.el8_7.aarch64.rpm

noarch:  
dpdk-doc-21.11-2.el8_7.noarch.rpm

ppc64le:  
dpdk-21.11-2.el8_7.ppc64le.rpm  
dpdk-debuginfo-21.11-2.el8_7.ppc64le.rpm  
dpdk-debugsource-21.11-2.el8_7.ppc64le.rpm  
dpdk-devel-21.11-2.el8_7.ppc64le.rpm  
dpdk-tools-21.11-2.el8_7.ppc64le.rpm

x86_64:  
dpdk-21.11-2.el8_7.x86_64.rpm  
dpdk-debuginfo-21.11-2.el8_7.x86_64.rpm  
dpdk-debugsource-21.11-2.el8_7.x86_64.rpm  
dpdk-devel-21.11-2.el8_7.x86_64.rpm  
dpdk-tools-21.11-2.el8_7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2132  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8UoM9zjgjWX9erEAQhx9g/9F3SAUKPo+ITUwnYIr1s5P3jP7dT64XnJ  
y0Ea1QbdgJkCjKqSlwvNWtLIxo3o4/8ByPkcmX3rsEE3KKjAF5dYktqb+OA51j9M  
v+bfMp0vksxeJbLsMB+a5L9GYcNzihYsqfir/v5d71w3KjMPq6DJVAobR6pxgYTe  
JTl/B23XARbXHeRgaFEzeiJKUku07w7857aqOPulfo9WgqwVuuJ+bPu2Ka+meJO9  
iNMgJNm1NGQBfkh73yqJpud0+UiQqSGiTTKWkx4l7yGA1ZfJjxLEG6/rV+lMkdG8  
j9WkUi9r7PqL8e2+tUUpJHf5MZt4nLot7Y2zwuZW1TGVjhHvKC/dkSWvIGQCgPAF  
I04waIPiIFB/CkF3nQN8dg+Ybjv5LAzAYX6RP4cQ65lwO4vy3elhNUv+K202cIN9  
El7sqfjI44M0lSrdGBp6UO1SRch4cRJSZwac6sRWGxLQra7Wb2cbaf2fYPeqxo+Q  
6f5nBUD4SnfuDRjOLRsMLyguG5CWv+BoLvM7xAvh7EM7j4Q3TPwvnNRwXit6cmgo  
kCzSeVKFxI+Funojbw4VzzAeQqlsK94xmOKLTuVCu0OXFEoUk+GbksJ2H8p57Q30  
x0uy39EgaYOGrSD7xwhSs87S+Fe/kvgT1BMYl7BWua6ujv4ekzkl/AHJpOE5hhOQ  
sqrzlyZmKqg=  
=4WKa  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Source

Packet Storm