Red Hat Security Advisory 2022-6504-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: openvswitch2.17 security update  
Advisory ID:       RHSA-2022:6504-01  
Product:           Fast Datapath  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6504  
Issue date:        2022-09-13  
CVE Names:         CVE-2022-28199  
====================================================================  
1. Summary:

An update for openvswitch2.13 is now available for Fast Datapath for Red  
Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Open vSwitch provides standard network bridging functions and support for  
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

* dpdk: error recovery in mlx5 driver not handled properly, allowing for  
denial of service (CVE-2022-28199)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2123549 - CVE-2022-28199 dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

6. Package List:

Fast Datapath for Red Hat Enterprise Linux 8:

Source:  
openvswitch2.17-2.17.0-37.4.el8fdp.src.rpm

aarch64:  
network-scripts-openvswitch2.17-2.17.0-37.4.el8fdp.aarch64.rpm  
openvswitch2.17-2.17.0-37.4.el8fdp.aarch64.rpm  
openvswitch2.17-debuginfo-2.17.0-37.4.el8fdp.aarch64.rpm  
openvswitch2.17-debugsource-2.17.0-37.4.el8fdp.aarch64.rpm  
openvswitch2.17-devel-2.17.0-37.4.el8fdp.aarch64.rpm  
openvswitch2.17-ipsec-2.17.0-37.4.el8fdp.aarch64.rpm  
python3-openvswitch2.17-2.17.0-37.4.el8fdp.aarch64.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-37.4.el8fdp.aarch64.rpm

noarch:  
openvswitch2.17-test-2.17.0-37.4.el8fdp.noarch.rpm

ppc64le:  
network-scripts-openvswitch2.17-2.17.0-37.4.el8fdp.ppc64le.rpm  
openvswitch2.17-2.17.0-37.4.el8fdp.ppc64le.rpm  
openvswitch2.17-debuginfo-2.17.0-37.4.el8fdp.ppc64le.rpm  
openvswitch2.17-debugsource-2.17.0-37.4.el8fdp.ppc64le.rpm  
openvswitch2.17-devel-2.17.0-37.4.el8fdp.ppc64le.rpm  
openvswitch2.17-ipsec-2.17.0-37.4.el8fdp.ppc64le.rpm  
python3-openvswitch2.17-2.17.0-37.4.el8fdp.ppc64le.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-37.4.el8fdp.ppc64le.rpm

s390x:  
network-scripts-openvswitch2.17-2.17.0-37.4.el8fdp.s390x.rpm  
openvswitch2.17-2.17.0-37.4.el8fdp.s390x.rpm  
openvswitch2.17-debuginfo-2.17.0-37.4.el8fdp.s390x.rpm  
openvswitch2.17-debugsource-2.17.0-37.4.el8fdp.s390x.rpm  
openvswitch2.17-devel-2.17.0-37.4.el8fdp.s390x.rpm  
openvswitch2.17-ipsec-2.17.0-37.4.el8fdp.s390x.rpm  
python3-openvswitch2.17-2.17.0-37.4.el8fdp.s390x.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-37.4.el8fdp.s390x.rpm

x86_64:  
network-scripts-openvswitch2.17-2.17.0-37.4.el8fdp.x86_64.rpm  
openvswitch2.17-2.17.0-37.4.el8fdp.x86_64.rpm  
openvswitch2.17-debuginfo-2.17.0-37.4.el8fdp.x86_64.rpm  
openvswitch2.17-debugsource-2.17.0-37.4.el8fdp.x86_64.rpm  
openvswitch2.17-devel-2.17.0-37.4.el8fdp.x86_64.rpm  
openvswitch2.17-ipsec-2.17.0-37.4.el8fdp.x86_64.rpm  
python3-openvswitch2.17-2.17.0-37.4.el8fdp.x86_64.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-37.4.el8fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-28199  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyEqltzjgjWX9erEAQidgRAAp1KbH8/He0JStWrSa5f+El9li10FMfDV  
4TUzmchTGwpsQf0KUSswQv4zJClEDa2GxWPW0yhvv9Uff1Eg5HXyFHlvkrKVX9p6  
5wcuS6iVhHabytFFy+8apg/OZHhvneT5Wib9eLi2yGpgk6Vc5+KnoBdHRt3lzj25  
mzLPHbjecM4Bvcd4TcgO6Mil2db0Ab+7QkDGKh7239vgl3sOPjZ/QQHScZvDcYnK  
DgXUJChoyjxuZuta/0KYRVc87HmCS05jAozRMkMnkZyFN7fb7ueKzLZac75e4hGB  
i6pg/kvJILVm/6YmCfuU4/Zj2Tva6awFCiP1Qp4n48O1QFbNnl3J3VnbwM4C3Pne  
XgQUcpQ8kd4Bt7rR3301CJQ1ToWfNhVF6K+6vj31ju+UfxXrsEOsiZ3QtLQ2wcUu  
zVzP89XNbHTM7AHZPRaj4OiGGxpSulRbRD/fl05+FPsesQ5432psFSQtGinre++q  
T3P/AXuAAp6EJwuTosUIzenV9StI0ZoKv/qDIMKBuYFf0e+Cnc+AvTUQSOLid2Ih  
RF0hIR5ZEioWgSwJjWOYjeoFpKO1CNCPmX7vkwqurusospbXNfGS8kKNsw4xqjMA  
2wUKoVSKFTv8F4f/FYQ/XBcDw1MsMEzL7CfeyvKv5s2zk3D0HoxkG2ibgon66bn9  
4SYymtqhe3M=HsPa  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6504-01

Red Hat Security Advisory 2022-6507-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Critical: Red Hat Advanced Cluster Management 2.5.2 security fixes and bug fixes  
Advisory ID:       RHSA-2022:6507-01  
Product:           Red Hat ACM  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6507  
Issue date:        2022-09-13  
CVE Names:         CVE-2022-1012 CVE-2022-1292 CVE-2022-1586   
                   CVE-2022-1785 CVE-2022-1897 CVE-2022-1927   
                   CVE-2022-2068 CVE-2022-2097 CVE-2022-2526   
                   CVE-2022-29154 CVE-2022-31129 CVE-2022-32206   
                   CVE-2022-32208 CVE-2022-32250 CVE-2022-36067   
=====================================================================

1. Summary:

Red Hat Advanced Cluster Management for Kubernetes 2.5.2 General  
Availability release images, which fix security issues and bugs.

Red Hat Product Security has rated this update as having a security impact  
of Critical. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE links in the References section.

2. Description:

Red Hat Advanced Cluster Management for Kubernetes 2.5.2 images

Red Hat Advanced Cluster Management for Kubernetes provides the  
capabilities to address common challenges that administrators and site  
reliability engineers face as they work across a range of public and  
private cloud environments. Clusters and applications are all visible and  
managed from a single console—with security policy built in.

This advisory contains the container images for Red Hat Advanced Cluster  
Management for Kubernetes, which fix several bugs. See the following  
Release Notes documentation, which will be updated shortly for this  
release, for additional details about this release:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/

Security fixes:

* moment: inefficient parsing algorithim resulting in DoS (CVE-2022-31129)  
* vm2: Sandbox Escape in vm2 (CVE-2022-36067)

Bug fixes:

* Submariner Globalnet e2e tests failed on MTU between On-Prem to Public  
clusters (BZ# 2074547)

* OCP 4.11 - Install fails because of: pods  
"management-ingress-63029-5cf6789dd6-" is forbidden: unable to validate  
against any security context constrain (BZ# 2082254)

* subctl gather fails to gather libreswan data if CableDriver field is  
missing/empty in Submariner Spec (BZ# 2083659)

* Yaml editor for creating vSphere cluster moves to next line after typing  
(BZ# 2086883)

* Submariner addon status doesn't track all deployment failures (BZ#  
2090311)

* Unable to deploy Hypershift operator on MCE hub using ManagedClusterAddOn  
without including s3 secret (BZ# 2091170)

* After switching to ACM 2.5 the managed clusters log "unable to create  
ClusterClaim" errors (BZ# 2095481)

* Enforce failed and report the violation after modified memory value in  
limitrange policy (BZ# 2100036)

* Creating an application fails with "This application has no subscription  
match selector (spec.selector.matchExpressions)" (BZ# 2101577)

* Inconsistent cluster resource statuses between "All Subscription"  
topology and individual topologies (BZ# 2102273)

* managed cluster is in "unknown" state for 120 mins after OADP restore

* RHACM 2.5.2 images (BZ# 2104553)

* Subscription UI does not allow binding to label with empty value (BZ#  
2104961)

* Upgrade to 2.5.1 from 2.5.0 fails due to missing Subscription CRD (BZ#  
2106069)

* Region information is not available for Azure cloud in managedcluster CR  
(BZ# 2107134)

* cluster uninstall log points to incorrect container name (BZ# 2107359)

* ACM shows wrong path for Argo CD applicationset git generator (BZ#  
2107885)

* Single node checkbox not visible for 4.11 images (BZ# 2109134)

* Unable to deploy hypershift cluster when enabling  
validate-cluster-security (BZ# 2109544)

* Deletion of Application (including app related resources) from the  
console fails to delete PlacementRule for the application (BZ# 20110026)

* After the creation by a policy of job or deployment (in case the object  
is missing)ACM is trying to add new containers instead of updating (BZ#  
2117728)

* pods in CrashLoopBackoff on 3.11 managed cluster (BZ# 2122292)

* ArgoCD and AppSet Applications do not deploy to local-cluster (BZ#  
2124707)

3. Solution:

For Red Hat Advanced Cluster Management for Kubernetes, see the following  
documentation, which will be updated shortly for this release, for  
important  
instructions about installing this release:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html-single/install/index#installing

4. Bugs fixed (https://bugzilla.redhat.com/):

2074547 - Submariner Globalnet e2e tests failed on MTU between On-Prem to Public clusters  
2082254 - OCP 4.11 - Install fails because of: pods "management-ingress-63029-5cf6789dd6-" is forbidden: unable to validate against any security context constraint  
2083659 - subctl gather fails to gather libreswan data if CableDriver field is missing/empty in Submariner Spec  
2086883 - Yaml editor for creating vSphere cluster moves to next line after typing  
2090311 - Submariner addon status doesn't track all deployment failures  
2091170 - Unable to deploy Hypershift operator on MCE hub using ManagedClusterAddOn without including s3 secret  
2095481 - After switching to ACM 2.5 the managed clusters log "unable to create ClusterClaim" errors  
2100036 - Enforce failed and report the violation after modified memory value in limitrange policy  
2101577 - Creating an application fails with "This application has no subscription match selector (spec.selector.matchExpressions)"  
2102273 - Inconsistent cluster resource statuses between "All Subscription" topology and individual topologies  
2103653 - managed cluster is in "unknown" state for 120 mins after OADP restore  
2104553 - RHACM 2.5.2 images  
2104961 - Subscription UI does not allow binding to label with empty value  
2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS  
2106069 - Upgrade to 2.5.1 from 2.5.0 fails due to missing Subscription CRD  
2107134 - Region information is not available for Azure cloud in managedcluster CR  
2107359 - cluster uninstall log points to incorrect container name  
2107885 - ACM shows wrong path for Argo CD applicationset git generator  
2109134 - Single node checkbox not visible for 4.11 images  
2110026 - Deletion of Application (including app related resources) from the console fails to delete PlacementRule for the application  
2117728 - After the creation by a policy of job or deployment (in case the object is missing)ACM is trying to add new containers instead of updating  
2122292 - pods in CrashLoopBackoff on 3.11 managed cluster  
2124707 - ArgoCD and AppSet Applications do not deploy to local-cluster  
2124794 - CVE-2022-36067 vm2:  Sandbox Escape in vm2

5. References:

https://access.redhat.com/security/cve/CVE-2022-1012  
https://access.redhat.com/security/cve/CVE-2022-1292  
https://access.redhat.com/security/cve/CVE-2022-1586  
https://access.redhat.com/security/cve/CVE-2022-1785  
https://access.redhat.com/security/cve/CVE-2022-1897  
https://access.redhat.com/security/cve/CVE-2022-1927  
https://access.redhat.com/security/cve/CVE-2022-2068  
https://access.redhat.com/security/cve/CVE-2022-2097  
https://access.redhat.com/security/cve/CVE-2022-2526  
https://access.redhat.com/security/cve/CVE-2022-29154  
https://access.redhat.com/security/cve/CVE-2022-31129  
https://access.redhat.com/security/cve/CVE-2022-32206  
https://access.redhat.com/security/cve/CVE-2022-32208  
https://access.redhat.com/security/cve/CVE-2022-32250  
https://access.redhat.com/security/cve/CVE-2022-36067  
https://access.redhat.com/security/updates/classification/#critical

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyEqiNzjgjWX9erEAQg6DA//UO1cD/jb8L6UGR/HD08sbnNIY5arjL43  
G46DhRxvn46Nmk7jAqVXwnIJJgkcqZhlQUhTnkhxM/FIgz8U2UpFnYPSFdAnkyjz  
ockyg7voAr4eo4eTI9iGuIdJWn4A6FE7Zj1/1UEV3sTAbvqmyzUriZsqcVRqMzLo  
R1vWsr9bKLmcsJvX6XZfumr04ccXmCbWJSiRIDfZFZ8SKrrCESAcPGDqImxgUrVW  
Q6GjmjaVtn7lUfU4tJHHtK11nWuXIFHzvyR8JSZOQ/FOV2Zj/TrJ/afeJI7/abGO  
9WFQb/LAtgKfsAt0ywVkSs0toPQvCFe3s6T4oDWfXcuI+WrB+ry8SiCQZWPSaZjD  
ursL2uufr5hMHbSA+ReI1sHc2dsPBQXl3M2GL1W+0J/ADoephz/BO873QQLiQLsY  
7gKoS9jfvA5ZgkhoqvoCVdnaXpQVoaVa59oX9g9SlkriXHzlPSAfH3Vw9w1vWyW7  
YL3AzmWy7aufeM+EPeEaqGno9pXaBdKGyBgQ1ivgdQfzLD+EEaBpANuuaaiAyBIU  
WfbDE1Wwr+Qy+ZirrY3vh4tLIoZi7nfza3F9PIoQBFAR2EHxvFMCEEaSOolqa3zA  
mAFUoDcd84qyjiFiMfvU2bXgjmE1FDvWNqM1sL+rolWWdLNGu1oFWMeLbrJwLUmp  
2H9E8fzAkbA=  
=y1WG  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6507-01

Red Hat Security Advisory 2022-6503-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: openvswitch2.17 security update  
Advisory ID:       RHSA-2022:6503-01  
Product:           Fast Datapath  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6503  
Issue date:        2022-09-13  
CVE Names:         CVE-2022-28199  
====================================================================  
1. Summary:

An update for openvswitch2.13 is now available for Fast Datapath for Red  
Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Fast Datapath for Red Hat Enterprise Linux 9 - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Open vSwitch provides standard network bridging functions and support for  
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

* dpdk: error recovery in mlx5 driver not handled properly, allowing for  
denial of service (CVE-2022-28199)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2123549 - CVE-2022-28199 dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

6. Package List:

Fast Datapath for Red Hat Enterprise Linux 9:

Source:  
openvswitch2.17-2.17.0-32.4.el9fdp.src.rpm

aarch64:  
openvswitch2.17-2.17.0-32.4.el9fdp.aarch64.rpm  
openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.aarch64.rpm  
openvswitch2.17-debugsource-2.17.0-32.4.el9fdp.aarch64.rpm  
openvswitch2.17-devel-2.17.0-32.4.el9fdp.aarch64.rpm  
openvswitch2.17-ipsec-2.17.0-32.4.el9fdp.aarch64.rpm  
python3-openvswitch2.17-2.17.0-32.4.el9fdp.aarch64.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.aarch64.rpm

noarch:  
openvswitch2.17-test-2.17.0-32.4.el9fdp.noarch.rpm

ppc64le:  
openvswitch2.17-2.17.0-32.4.el9fdp.ppc64le.rpm  
openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.ppc64le.rpm  
openvswitch2.17-debugsource-2.17.0-32.4.el9fdp.ppc64le.rpm  
openvswitch2.17-devel-2.17.0-32.4.el9fdp.ppc64le.rpm  
openvswitch2.17-ipsec-2.17.0-32.4.el9fdp.ppc64le.rpm  
python3-openvswitch2.17-2.17.0-32.4.el9fdp.ppc64le.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.ppc64le.rpm

s390x:  
openvswitch2.17-2.17.0-32.4.el9fdp.s390x.rpm  
openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.s390x.rpm  
openvswitch2.17-debugsource-2.17.0-32.4.el9fdp.s390x.rpm  
openvswitch2.17-devel-2.17.0-32.4.el9fdp.s390x.rpm  
openvswitch2.17-ipsec-2.17.0-32.4.el9fdp.s390x.rpm  
python3-openvswitch2.17-2.17.0-32.4.el9fdp.s390x.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.s390x.rpm

x86_64:  
openvswitch2.17-2.17.0-32.4.el9fdp.x86_64.rpm  
openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.x86_64.rpm  
openvswitch2.17-debugsource-2.17.0-32.4.el9fdp.x86_64.rpm  
openvswitch2.17-devel-2.17.0-32.4.el9fdp.x86_64.rpm  
openvswitch2.17-ipsec-2.17.0-32.4.el9fdp.x86_64.rpm  
python3-openvswitch2.17-2.17.0-32.4.el9fdp.x86_64.rpm  
python3-openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-28199  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyEqnNzjgjWX9erEAQiQlhAAo0WuIomRRgTRFhRrnXzmxJhJlfWbMT34  
6D8XvqIxhp+FzwfqqBWPCyBb/94gsjvElOr0KJHAF0hLUB/FDstxDWAZym+QgUQW  
kMoTq4rExnP0cI88AKiPPsG3wBVgKMBWX+ehD2es63fUAvo7KK4F8e8yvyGtj1fn  
PbDX88MUkrap5VF8tup5ETIQB8vg68jevhYeJQagEBZfP1QXyNKSXbQZXQtY4N0r  
k6vSuW9D4aAo/PPL0difuWZhRdmiht/+KiUH5X3I+mg4C0XN27sdEPeerP9fcBgH  
IX2XCpUSUhVmuFg04ReVuAZrhnYteODC0VEKPnpnKJYnMpByQ1pvRIwZsF7Qfb7V  
gwbLSzngqW9bCWXVpPkLVouOiw7TCU2I/cZJevNind0q5dTwPsORhATn9tmOacxe  
fEwcgYXJXPnehX5RyoJ00DwgjAtxXokM/1NG7+CyXagmALNyy4jl+EGcR1/Oc0R+  
1zXl1RM486yjHqjwHuOmhkeYSGP2vmMzrPV+TkvC2cOBeElklFKwOBTTiMwCAeTv  
BMLJit1alU2VDe72l86Rd4GhbXCi97NEqdg1/OtAISZ5rFZW+BmwLxNhBTbIgHZy  
GMAgQoG/oZZrJ1NrTrqbuwB8i0XwWMfpRJ5RMTftI6laE+1k7AELCx4SVwp3M4u0  
KxCcYkjNZrw=azTE  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6503-01

Red Hat Security Advisory 2022-6502-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: openvswitch2.13 security update  
Advisory ID:       RHSA-2022:6502-01  
Product:           Fast Datapath  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6502  
Issue date:        2022-09-13  
CVE Names:         CVE-2022-28199  
====================================================================  
1. Summary:

An update for openvswitch2.13 is now available for Fast Datapath for Red  
Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Open vSwitch provides standard network bridging functions and support for  
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

* dpdk: error recovery in mlx5 driver not handled properly, allowing for  
denial of service (CVE-2022-28199)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2123549 - CVE-2022-28199 dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

6. Package List:

Fast Datapath for Red Hat Enterprise Linux 8:

Source:  
openvswitch2.13-2.13.0-193.3.el8fdp.src.rpm

aarch64:  
network-scripts-openvswitch2.13-2.13.0-193.3.el8fdp.aarch64.rpm  
openvswitch2.13-2.13.0-193.3.el8fdp.aarch64.rpm  
openvswitch2.13-debuginfo-2.13.0-193.3.el8fdp.aarch64.rpm  
openvswitch2.13-debugsource-2.13.0-193.3.el8fdp.aarch64.rpm  
openvswitch2.13-devel-2.13.0-193.3.el8fdp.aarch64.rpm  
openvswitch2.13-ipsec-2.13.0-193.3.el8fdp.aarch64.rpm  
python3-openvswitch2.13-2.13.0-193.3.el8fdp.aarch64.rpm  
python3-openvswitch2.13-debuginfo-2.13.0-193.3.el8fdp.aarch64.rpm

noarch:  
openvswitch2.13-test-2.13.0-193.3.el8fdp.noarch.rpm

ppc64le:  
network-scripts-openvswitch2.13-2.13.0-193.3.el8fdp.ppc64le.rpm  
openvswitch2.13-2.13.0-193.3.el8fdp.ppc64le.rpm  
openvswitch2.13-debuginfo-2.13.0-193.3.el8fdp.ppc64le.rpm  
openvswitch2.13-debugsource-2.13.0-193.3.el8fdp.ppc64le.rpm  
openvswitch2.13-devel-2.13.0-193.3.el8fdp.ppc64le.rpm  
openvswitch2.13-ipsec-2.13.0-193.3.el8fdp.ppc64le.rpm  
python3-openvswitch2.13-2.13.0-193.3.el8fdp.ppc64le.rpm  
python3-openvswitch2.13-debuginfo-2.13.0-193.3.el8fdp.ppc64le.rpm

s390x:  
network-scripts-openvswitch2.13-2.13.0-193.3.el8fdp.s390x.rpm  
openvswitch2.13-2.13.0-193.3.el8fdp.s390x.rpm  
openvswitch2.13-debuginfo-2.13.0-193.3.el8fdp.s390x.rpm  
openvswitch2.13-debugsource-2.13.0-193.3.el8fdp.s390x.rpm  
openvswitch2.13-devel-2.13.0-193.3.el8fdp.s390x.rpm  
openvswitch2.13-ipsec-2.13.0-193.3.el8fdp.s390x.rpm  
python3-openvswitch2.13-2.13.0-193.3.el8fdp.s390x.rpm  
python3-openvswitch2.13-debuginfo-2.13.0-193.3.el8fdp.s390x.rpm

x86_64:  
network-scripts-openvswitch2.13-2.13.0-193.3.el8fdp.x86_64.rpm  
openvswitch2.13-2.13.0-193.3.el8fdp.x86_64.rpm  
openvswitch2.13-debuginfo-2.13.0-193.3.el8fdp.x86_64.rpm  
openvswitch2.13-debugsource-2.13.0-193.3.el8fdp.x86_64.rpm  
openvswitch2.13-devel-2.13.0-193.3.el8fdp.x86_64.rpm  
openvswitch2.13-ipsec-2.13.0-193.3.el8fdp.x86_64.rpm  
python3-openvswitch2.13-2.13.0-193.3.el8fdp.x86_64.rpm  
python3-openvswitch2.13-debuginfo-2.13.0-193.3.el8fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-28199  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyEqoNzjgjWX9erEAQhuVhAAk+0xP7u9xosSSBVFcs1kf/k1BvIWPyrh  
rQjPF3yjXUVSMqlSVVj+KYHJ4NnRcKr/Ov9Y8znRAGAb/PYy42TQSYGUQgXsn96T  
9d/KloOXmZT1XHq/XwB6s66f4GA/wtoXMHS5EYiW7fhAKLi28rpATkDNg0koIsRD  
sAI0SVsiAQZjnyWo84KsqIp4xC4mO6W4WH0hbCWq5lsZhxK4TFyn5J2OyqTHM2u2  
qnlBp13RFJpwpcAlmb7MGwoNIMRjQKdvw4Fm99uOhCTxHNAmQoNfUuqgk5WY/+hg  
CWeTOiCN2jYkTBcisGR5ouYC+LPoCjLJQqUfppa42Xd96O9R4AlGMeCxeriC34JT  
rhge5jAawTDG1RWQxGNEK8vdp2uZT/3oselKJPn5kQErR5AeeTGHjHv0/UA/olSm  
aPq24sXRXChbrZgOTQpU1c3laJxhO45+VcUVV3Hp+WTE7GwbwBy2Y4Lbv99QuTdY  
hBO2TsBIz3VYKQ7xbGP7lDmykkrIxz1vNLXpDStmLiPzT4bzchNR54WZAUA0RrkU  
o//TWEfXE2D4yW1ZQ/gfQQ1XrAb4fRM603ai7uxpp6iZie8jQD/vAxZSp4zGzlqW  
prRtniUI/tm/mtl0alC+cNt5xo+IX9cFboA26bbKTtdlckswrq6uLMH8i626tGpM  
PFBkZbsSircwJ9  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6502-01

Red Hat Security Advisory 2022-6505-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: openvswitch2.15 security update  
Advisory ID:       RHSA-2022:6505-01  
Product:           Fast Datapath  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6505  
Issue date:        2022-09-13  
CVE Names:         CVE-2022-28199  
====================================================================  
1. Summary:

An update for openvswitch2.15 is now available in Fast Datapath for Red Hat  
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Open vSwitch provides standard network bridging functions and support for  
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

* dpdk: error recovery in mlx5 driver not handled properly, allowing for  
denial of service (CVE-2022-28199)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2123549 - CVE-2022-28199 dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

6. Package List:

Fast Datapath for Red Hat Enterprise Linux 8:

Source:  
openvswitch2.15-2.15.0-113.3.el8fdp.src.rpm

aarch64:  
network-scripts-openvswitch2.15-2.15.0-113.3.el8fdp.aarch64.rpm  
openvswitch2.15-2.15.0-113.3.el8fdp.aarch64.rpm  
openvswitch2.15-debuginfo-2.15.0-113.3.el8fdp.aarch64.rpm  
openvswitch2.15-debugsource-2.15.0-113.3.el8fdp.aarch64.rpm  
openvswitch2.15-devel-2.15.0-113.3.el8fdp.aarch64.rpm  
openvswitch2.15-ipsec-2.15.0-113.3.el8fdp.aarch64.rpm  
python3-openvswitch2.15-2.15.0-113.3.el8fdp.aarch64.rpm  
python3-openvswitch2.15-debuginfo-2.15.0-113.3.el8fdp.aarch64.rpm

noarch:  
openvswitch2.15-test-2.15.0-113.3.el8fdp.noarch.rpm

ppc64le:  
network-scripts-openvswitch2.15-2.15.0-113.3.el8fdp.ppc64le.rpm  
openvswitch2.15-2.15.0-113.3.el8fdp.ppc64le.rpm  
openvswitch2.15-debuginfo-2.15.0-113.3.el8fdp.ppc64le.rpm  
openvswitch2.15-debugsource-2.15.0-113.3.el8fdp.ppc64le.rpm  
openvswitch2.15-devel-2.15.0-113.3.el8fdp.ppc64le.rpm  
openvswitch2.15-ipsec-2.15.0-113.3.el8fdp.ppc64le.rpm  
python3-openvswitch2.15-2.15.0-113.3.el8fdp.ppc64le.rpm  
python3-openvswitch2.15-debuginfo-2.15.0-113.3.el8fdp.ppc64le.rpm

s390x:  
network-scripts-openvswitch2.15-2.15.0-113.3.el8fdp.s390x.rpm  
openvswitch2.15-2.15.0-113.3.el8fdp.s390x.rpm  
openvswitch2.15-debuginfo-2.15.0-113.3.el8fdp.s390x.rpm  
openvswitch2.15-debugsource-2.15.0-113.3.el8fdp.s390x.rpm  
openvswitch2.15-devel-2.15.0-113.3.el8fdp.s390x.rpm  
openvswitch2.15-ipsec-2.15.0-113.3.el8fdp.s390x.rpm  
python3-openvswitch2.15-2.15.0-113.3.el8fdp.s390x.rpm  
python3-openvswitch2.15-debuginfo-2.15.0-113.3.el8fdp.s390x.rpm

x86_64:  
network-scripts-openvswitch2.15-2.15.0-113.3.el8fdp.x86_64.rpm  
openvswitch2.15-2.15.0-113.3.el8fdp.x86_64.rpm  
openvswitch2.15-debuginfo-2.15.0-113.3.el8fdp.x86_64.rpm  
openvswitch2.15-debugsource-2.15.0-113.3.el8fdp.x86_64.rpm  
openvswitch2.15-devel-2.15.0-113.3.el8fdp.x86_64.rpm  
openvswitch2.15-ipsec-2.15.0-113.3.el8fdp.x86_64.rpm  
python3-openvswitch2.15-2.15.0-113.3.el8fdp.x86_64.rpm  
python3-openvswitch2.15-debuginfo-2.15.0-113.3.el8fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-28199  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyEqktzjgjWX9erEAQhiTw//U7hzly0a3xVXw+cW2G0tnHu2BSibf/9n  
Usl6g2bjcU6e+k00aih/Fz9npyPVlbO8rXjhi4SHnKtykDirC4fekEcT+7z+oIsq  
CqIdpede8yDgOG7YXpSPMG8BpAJHcPU2YsF1ZJgizvn5gTCZ7CU9IPhkqttPD/l3  
GgKixnXrhaZh38XE+vdHbj81RXGKT/uFx5GVp7PunLOdPPdUiMzY/b4JzYEeDU5l  
PyVrMP5Q4OU4iIhHiPMDCJ2S30pxFhH6wkcr0TPTe3pHjaYgvlLwIxFqL4/CVHi+  
uZN+fsDhTfQCXhKKXc6jn+ogt7b+s+dzOX9/qaULSRzUoOdxrW6Hxg9QbBU+R8fS  
x0Ie8XCF9wku3bj9NMkph4VbESgnzVHI64ri4zQKRD4R4C3Rvqhh7qmRYYPHAZ/5  
i8Ok+1HgZIW97RNW8YmdaJnVIM3MBE7jiC6EzCQF1WVjmW/OO8i3O0sZd3troCL0  
FGcE9wmyOI+9gwOZ+1aafxDlXjVdunMwBIHvGjE/BxCtY4MeT7j1VdwbvTXgsZIQ  
CgCTYvZfLfYckSTV8Jsf9Nw+79WKx/KD9Cz2tJSdFGqgmirgyITKDDuUK1ZxAAhO  
yXvsGWN2NcUhqjq9+aePwT+y8KA/OvzItIU1+o8Ty5ya8MGHddB4MwGk8seOsinE  
zbVZ+vYiNPw=ScRD  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6505-01

Red Hat Security Advisory 2022-6506-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: openvswitch2.16 security update  
Advisory ID:       RHSA-2022:6506-01  
Product:           Fast Datapath  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6506  
Issue date:        2022-09-13  
CVE Names:         CVE-2022-28199  
====================================================================  
1. Summary:

An update for openvswitch2.13 is now available for Fast Datapath for Red  
Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Open vSwitch provides standard network bridging functions and support for  
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

* dpdk: error recovery in mlx5 driver not handled properly, allowing for  
denial of service (CVE-2022-28199)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2123549 - CVE-2022-28199 dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

6. Package List:

Fast Datapath for Red Hat Enterprise Linux 8:

Source:  
openvswitch2.16-2.16.0-89.3.el8fdp.src.rpm

aarch64:  
network-scripts-openvswitch2.16-2.16.0-89.3.el8fdp.aarch64.rpm  
openvswitch2.16-2.16.0-89.3.el8fdp.aarch64.rpm  
openvswitch2.16-debuginfo-2.16.0-89.3.el8fdp.aarch64.rpm  
openvswitch2.16-debugsource-2.16.0-89.3.el8fdp.aarch64.rpm  
openvswitch2.16-devel-2.16.0-89.3.el8fdp.aarch64.rpm  
openvswitch2.16-ipsec-2.16.0-89.3.el8fdp.aarch64.rpm  
python3-openvswitch2.16-2.16.0-89.3.el8fdp.aarch64.rpm  
python3-openvswitch2.16-debuginfo-2.16.0-89.3.el8fdp.aarch64.rpm

noarch:  
openvswitch2.16-test-2.16.0-89.3.el8fdp.noarch.rpm

ppc64le:  
network-scripts-openvswitch2.16-2.16.0-89.3.el8fdp.ppc64le.rpm  
openvswitch2.16-2.16.0-89.3.el8fdp.ppc64le.rpm  
openvswitch2.16-debuginfo-2.16.0-89.3.el8fdp.ppc64le.rpm  
openvswitch2.16-debugsource-2.16.0-89.3.el8fdp.ppc64le.rpm  
openvswitch2.16-devel-2.16.0-89.3.el8fdp.ppc64le.rpm  
openvswitch2.16-ipsec-2.16.0-89.3.el8fdp.ppc64le.rpm  
python3-openvswitch2.16-2.16.0-89.3.el8fdp.ppc64le.rpm  
python3-openvswitch2.16-debuginfo-2.16.0-89.3.el8fdp.ppc64le.rpm

s390x:  
network-scripts-openvswitch2.16-2.16.0-89.3.el8fdp.s390x.rpm  
openvswitch2.16-2.16.0-89.3.el8fdp.s390x.rpm  
openvswitch2.16-debuginfo-2.16.0-89.3.el8fdp.s390x.rpm  
openvswitch2.16-debugsource-2.16.0-89.3.el8fdp.s390x.rpm  
openvswitch2.16-devel-2.16.0-89.3.el8fdp.s390x.rpm  
openvswitch2.16-ipsec-2.16.0-89.3.el8fdp.s390x.rpm  
python3-openvswitch2.16-2.16.0-89.3.el8fdp.s390x.rpm  
python3-openvswitch2.16-debuginfo-2.16.0-89.3.el8fdp.s390x.rpm

x86_64:  
network-scripts-openvswitch2.16-2.16.0-89.3.el8fdp.x86_64.rpm  
openvswitch2.16-2.16.0-89.3.el8fdp.x86_64.rpm  
openvswitch2.16-debuginfo-2.16.0-89.3.el8fdp.x86_64.rpm  
openvswitch2.16-debugsource-2.16.0-89.3.el8fdp.x86_64.rpm  
openvswitch2.16-devel-2.16.0-89.3.el8fdp.x86_64.rpm  
openvswitch2.16-ipsec-2.16.0-89.3.el8fdp.x86_64.rpm  
python3-openvswitch2.16-2.16.0-89.3.el8fdp.x86_64.rpm  
python3-openvswitch2.16-debuginfo-2.16.0-89.3.el8fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-28199  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyEqjdzjgjWX9erEAQhE3Q//bp1gswIwxUqofEcVwBVaZknVih4w/zUe  
0suuFF3XyXCuYgPbN6jQWtWFfYjmMHpZ7zprc9gDSDN/LyJWkCQhk3iC8ZJSu0HN  
UVOEt7neLIYeFmJLoct7hfJl9E9aky6huqXW5SPLW7XWhYUVpBFbsVeH/FbZAOJs  
mgLYsIa1rYvaciIXB0D6k9f8Dgzk/uRCgCwKNnrH3EtoMDCF1bnkYHcl49kvm27c  
SdAVkL3M8qrNnuvPXiVPqPUKZZJti/M0dGTbXjK9KzMTP330GW7OYqj7c+KaBKS/  
9UMHbOqKyxjbq82XJwO9zcrxv2PClynitfS1oCDuVk+3G3iQu27XEqdnyfT4+glZ  
C85mwSjWPLaOL0Sf7FEmsolGd5qgZJ7hDqrPL2ZU4mnFHzi/viEQSBKV9xj3Q3Tl  
BfTo5Ka1f/I/aWdRSbx6RY7w6iJDfj4WRMTDbxAhtBRKrkat88gMRVtcxFAvwsxi  
qTrYz+E1bVY/1Gg8oc9+s3JmrdWGQaoYgAMwiPYQlqHOT23z6nKMaTkg4J/yG1y8  
Oxb9cDC3nvra8OlwAFS/Q7JHooxFvBOTJHmV8jpuzs7BBsIVS4z0yqB4YjOhDsmq  
WAFlB8Yx05E5wxY6QzNGZvfjgfzO25RUP8gptBiSUK1uyYwsULY6U3kA8+depklX  
39Cf5SJEuZY=w94+  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6506-01

Ubuntu Security Notice 5609-1 - Graham Esau discovered that .NET 6 incorrectly parsed certain payloads during model binding. An attacker could possibly use this issue to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-5609-1September 13, 2022dotnet6 vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:.NET 6 could be made to crash if it parsed a specially crafted file.Software Description:- dotnet6: dotNET CLI tools and runtimeDetails:Graham Esau discovered that .NET 6 incorrectly parsed certain payloadsduring model binding. An attacker could possibly use this issue tocause a denial of service.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:   aspnetcore-runtime-6.0          6.0.109-0ubuntu1~22.04.1   dotnet-host                             6.0.109-0ubuntu1~22.04.1   dotnet-hostfxr-6.0                   6.0.109-0ubuntu1~22.04.1   dotnet-runtime-6.0                  6.0.109-0ubuntu1~22.04.1   dotnet-sdk-6.0                        6.0.109-0ubuntu1~22.04.1   dotnet6                                   6.0.109-0ubuntu1~22.04.1In general, a standard system update will make all the necessary changes. A restart may be required after the update if any affected files are being used.References:   https://ubuntu.com/security/notices/USN-5609-1   CVE-2022-38013Package Information:   https://launchpad.net/ubuntu/+source/dotnet6/6.0.109-0ubuntu1~22.04.1

Ubuntu Security Notice USN-5609-1

Ubuntu Security Notice 5608-1 - It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service.

==========================================================================  
Ubuntu Security Notice USN-5608-1  
September 13, 2022

dpdk vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS

Summary:

DPDK could be made to stop responding if it received specially crafted  
network traffic.

Software Description:  
- dpdk: set of libraries for fast packet processing

Details:

It was discovered that DPDK incorrectly handled certain Vhost headers. A  
remote attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS:  
  dpdk                            21.11.2-0ubuntu0.22.04.1

Ubuntu 20.04 LTS:  
  dpdk                            19.11.13-0ubuntu0.20.04.1

Ubuntu 18.04 LTS:  
  dpdk                            17.11.10-0ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-5608-1  
  CVE-2022-2132

Package Information:  
  https://launchpad.net/ubuntu/+source/dpdk/21.11.2-0ubuntu0.22.04.1  
  https://launchpad.net/ubuntu/+source/dpdk/19.11.13-0ubuntu0.20.04.1  
  https://launchpad.net/ubuntu/+source/dpdk/17.11.10-0ubuntu0.2

Ubuntu Security Notice USN-5608-1

Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says.

An apparent operational security slip-up by a member of the TeamTNT threat group has exposed some of the tactics it's using to exploit poorly configured Docker servers.

Security researchers from Trend Micro recently set up a honeypot with an exposed Docker REST API to try and understand how threat actors in general are exploiting vulnerabilities and misconfigurations in the widely used cloud container platform. They discovered TeamTNT — a group known for its cloud-specific campaigns — making at least three attempts to exploit its Docker honeypot.

"On one of our honeypots, we had intentionally exposed a server with the Docker Daemon exposed over REST API," says Nitesh Surana, threat research engineer at Trend Micro. "The threat actors found the misconfiguration and exploited it thrice from IPs based in Germany, where they were logged in to their DockerHub registry," Surana says. "Based on our observation, the motivation of the attacker was to exploit the Docker REST API and compromise the underlying server to perform cryptojacking."

The security vendor's analysis of the activity eventually led to uncovering credentials for at least two DockerHub accounts that TeamTNT controlled (the group was abusing DockerHub free Container Registry services) and was using to distribute a variety of malicious payloads, including coin miners.  

One of the accounts (with the name "alpineos") hosted a malicious container image containing rootkits, kits for Docker container escape, the XMRig Monero coin miner, credential stealers, and Kubernetes exploit kits. 

Trend Micro discovered the malicious image had been downloaded more than 150,000 times, which could translate into a wide swath of infections.

The other account (sandeep078) hosted a similar malicious container image but had far fewer "pulls" — just about 200 — compared with the former. Trend Micro pointed to three scenarios that likely resulted in the leak of the TeamTNT Docker registry account credentials. These include a failure to logout from the DockerHub account or their machines being self-infected.  

**Malicious Cloud Container Images: A Useful Feature**

Developers often expose the Docker daemon over its REST API so they can create containers and run Docker commands on remote servers. However, if the remote servers are not properly configured — for instance, by making them publicly accessible — attackers can exploit the servers, Surana says.

In these instances, threat actors can spin up a container on the compromised server from images that execute malicious scripts. Typically, these malicious images are hosted on container registries such as DockerHub, Amazon Elastic Container Registry (ECR), and Alibaba Container Registry. Attackers can use either compromised accounts on these registries to host the malicious images, or they can establish their own, Trend Micro has previously noted. Attackers can also host malicious images on their own private container registry.   

Containers that are spun up from a malicious image can be used for a variety of malicious activities, Surana notes. "When a server running Docker has its Docker Daemon publicly exposed over REST API, an attacker can abuse and create containers on the host based on attacker-controlled images," he says.

**A Plethora of Cyberattacker Payload Options**

These images may contain cryptominers, exploit kits, container escape tools, network, and enumeration tools. "Attackers could perform crypto-jacking, denial of service, lateral movement, privilege escalation, and other techniques within the environment using these containers," according to the analysis.  

"Developer-centric tools like Docker have been known to be abused extensively. It’s important to educate \[developers\] at large by creating policies for access and credential use, as well as generate threat models of their environments," Surana advocates.

Organizations should also ensure that containers and APIs are always properly configured to ensure that exploits are minimized. This includes ensuring that they are accessible only by the internal network or by trusted sources. In addition, they should follow Docker's guidelines for strengthening security. "With the rising number of malicious open source packages targeting user credentials," Surana says, "users should avoid storing credentials in files. Instead, they are advised to choose tools such as credential stores and helpers."

TeamTNT Hits Docker Containers via 150K Malicious Cloud Image Pulls

Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt.

CVE-2022-34100: AirMedia Binary Hijack

09/09/22

More information

Threat:

The Lockheed Martin Red Team has discovered a vulnerability found in the AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that file structure during a repair operation.

Identifier:

CVE-2022-34100

How is Crestron Affected:

Please update the AirMedia Deployable and Guest Application to version 5.5.1.87 to resolve this issue

CVE-2022-34101: AirMedia Rogue DLL

09/09/22

More information

Threat:

The Lockheed Martin Red Team has discovered a vulnerability found in the AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack.

Identifier:

CVE-2022-34101

How is Crestron Affected:

Please update the AirMedia Deployable and Guest Applications to version 5.5.1.87 to resolve this issue.

CVE-2022-34102: AirMedia Command Prompt Hijack

09/09/22

More information

Threat:

The Lockheed Martin Red Team has discovered a vulnerability found in the AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt.

Identifier:

CVE-2022-34102

How is Crestron Affected:

Please update the Air Media Deployable and Guest Applications to version 5.5.1.87 to resolve this issue.

CVE-2022-22707: Lighttpd Denial-of-Service

05/17/22

More information

Threat:

Crestron is aware of an issue affecting lighttpd versions 1.4.46 through 1.4.63. Under certain non-default configurations, an attacker can perform a remote denial of service attack with a stack-based buffer overflow.

Identifier:

CVE-2022-22707

How is Crestron Affected:

Crestron devices are not affected because they do not utilize the vulnerable configurations.

CVE-2022-22965: Spring4Shell

03/31/22

More information

Threat:

This vulnerability impacts Spring MVC and Spring WebFlux applications running on JDK 9+. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

How is Crestron Affected:

Crestron products do not make use of this framework and as such are not vulnerable.

Resources:

https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement  
 

CVE-2022-23178: Web Interface Credentials in Cleartext

01/24/22

More information

Threat:

Crestron is aware of an issue discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.

Identifier:

CVE-2022-23178

How is Crestron Affected:

This vulnerability affects the following products:

*   HD-MD4x1-4K-E
*   HD-MD4x2-4K-E
*   HD-MD6x2-4K-E

Crestron recommends placing the devices on an isolated network.  
Note that the following (4KZ) models are NOT affected by this vulnerability and can be used in place of the affected products.

*   HD-MD4x1-4KZ-E
*   HD-MD4x2-4KZ-E
*   HD-MD6x2-4KZ-E

CVE-2018-15473: OpenSSH User Enumeration

01/12/22

More information

Threat:

Crestron is aware of OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.  
 

Identifier:

This vulnerability has been assigned CVE identifier CVE-2018-15473.

How is Crestron Affected:

This vulnerability affects the following products: All 3-Series Control Systems including but not limited to CP3, RMC3, CP3N, PRO3, and all "x52 Series touchscreens" including but not limited to TSW-552, TSW-1052, TSW-752, TSS-752

Crestron 3-Series Control Systems now uses a customized version of OpenSSH. The Crestron version was modified to replace the cryptographic functions with NIST certified alternatives as well as to remove/modify vulnerable components. Crestron continues to monitor OpenSSH vulnerabilities to apply appropriate fixes.

While the TSW and TSS panels noted use OpenSSH 7.5, they don’t support the features related to this vulnerability. Due to these circumstances, Crestron is not susceptible. Newer touchscreens use a later version of OpenSSH which is not susceptible.

Resources:

For more information, please see 3-Series Control System release notes: v.1.601.0050

Apache Log4j

12/15/21

More information

Threat:

From the offiical vulnerability registration: Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. It was later found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. 

Identifier:

CVE-2021-44228, CVE-2021-4104, CVE-2021-45046

How is Crestron Affected:

Crestron has completed a review of all its products and services and have found none which use Log4j and therefore none are affected by this vulnerability.

Resources:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228  
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104  
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046  
 

NUCLEUS:13

11/09/21

More information

Threat:

A set of vulnerabilities related to the Nucleus Operating System were disclosed by Siemens on November 9, 2021. The official report can be found here and the researcher’s findings can be found here.  
These vulnerabilities have been assigned the following CVEs.

*   CVE-2021-31344 - ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network.
*    CVE-2021-31345 - The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol.
*   CVE-2021-31346 - The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory.
*   CVE-2021-31881\- When processing a DHCP OFFER message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions.
*   CVE-2021-31882 - The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions.
*   CVE-2021-31883 - When processing a DHCP ACK message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions.
*   CVE-2021-31884 - The DHCP client application assumes that the data supplied with the “Hostname” DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions.
*   CVE-2021-31885 - TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands.
*   CVE-2021-31886 - FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution.
*   CVE-2021-31887 - FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution.
*   CVE-2021-31888 - FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution.
*   CVE-2021-31889 - Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions.
*   CVE-2021-31890 - The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory.

Identifier:

2021-31885, 2021-31886, 2021-31887, 2021-31888, 2021-31881, 2021-31882, 2021-31883, 2021-31884, 2021-31344, 2021-31345, 2021-31346, 2021-31889, 2021-31890

How is Crestron Affected:

Crestron has reviewed products utilizing Nucleus and has found none of its products to be affected.

For reference, a partial list of Crestron products utilizing Nucleus follows:

*   2-Series Control Processors – most of these products are discontinued with the notable exceptions of the GLPAC and GL-IPAC
*   DM-MD6X4 and DM-MD6X6
*   DMC-CPU-8/16
*   DMPS3-300-C and DMPS3-300-C-AEC - (Used on Internal Components only - no direct network access)
*   SWAMP and related products
*   CEN-TRACK

Resources:

https://www.forescout.com/research-labs/nucleus-13/  
https://www.siemens.com/cert/advisories

direct link to

*   pdf: https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
*   txt: https://cert-portal.siemens.com/productcert/txt/ssa-044112.txt
*   csaf: https://cert-portal.siemens.com/productcert/csaf/ssa-044112.json

ThroughTek's Kalay Platform

08/25/21

More information

Threat:

There is a critical vulnerability that has been discovered that affects the IoT devices that use ThroughTek’s “Kalay” network. Exploiting this vulnerability allows the attacker to listen to live audio, watch real time video data and compromise the credentials on the device for further attacks. This can let the attacker remotely control the device.  
 

Identifier:

This vulnerability has been assigned CVE identifier CVE-2021-28372

How is Crestron Affected:

This vulnerability has no impact on Crestron devices as they do not use the ThroughTek “Kalay” network.  
 

|<  <   **1** 2 3 4 5 6    \>  \>| Pages: 1 of 6

Tag

#dos