Dell and HP were among the first to release patches and fixes for the bug.

Dell and HP were among the first to release patches and fixes for the bug.

Chipmaker Intel is reporting a memory bug impacting microprocessor firmware used in “hundreds” of products. According to an advisory issued by the company on Tuesday, the bug is firmware-based and rated as “high” risk with a Common Vulnerability Scoring System (CVSS) score of  7.

The vulnerability resides inside some of the Intel Optane SSD and Intel Optane Data Center (DC) products, the impact of which allows privilege escalation, denial of service (DoS), or information disclosure.

“Potential security vulnerabilities in some Intel Optane SSD and Intel Optane SSD Data Center products may allow escalation of privilege, denial of service or information disclosure,” reported Intel.  

Intel has released the firmware updates and prescriptive guidance for Optane SSD Bugs that first surfaced a year ago.

Solid-state drives (SSD) are used for data storage. Intel optane memory is a system acceleration solution that is used to increase the response time to end-user requests, the Optane memory is installed between the processor and slower storage devices (SATA HDD, SSHD, SSD). The optane memory stores commonly used data and programs closer to the processor.

The Intel Optane Data Center SSD is used to eliminate data center storage bottlenecks and provides storage for bigger and more affordable data sets, thus optimizing the overall performance.

****Vulnerability Details** **

CVE-2021-33078

According to Intel, it has the CVSS base score of 7.9 and is described as a Race condition within a thread in Intel Optane SSD and Intel Optane SSD DC products. An attacker gaining privileged user access may perform a denial-of-service attack via local access.

The race condition occurs when two thread tries to access a shared variable at the same time.

CVE-2021-33077

This vulnerability is described as insufficient control flow management in firmware for Intel SSD and Intel SSD DC products. An unauthenticated user might leverage this vulnerability to perform privilege escalation via physical access.

It has a CVSS base score of 7.3

CVE-2021-33080

An attacker can perform information disclosure or privilege escalation via physical access on Intel SSD DC, Intel Optane SSD, and Intel Optane SSD DC products. The vulnerability is caused because of the exposure of sensitive information due to unclear debug information in firmware.

It has a CVSS base score of 7.3

Intel also revealed five additional vulnerabilities which are rated as medium. List of which is given below:

*   CVE-2021-33074
*    CVE-2021-33069
*    CVE-2021-33075
*   CVE-2021-33083
*   CVE-2021-33082

****Affected Products****

Intel has released a list of its products that are affected by these vulnerabilities.

The affected products include all versions of Intel Optane SSD DC D4800X and P4800X/P4801X Series including the previous version E2010600. The Intel Optane SSD  P5800X Series before version L3010200 as well as 905P/900P Series all versions are affected.

The affected products also include Intel optane memory H10 and H20 with Solid State Storage Series for all versions.

The customer with affected Intel SSD or Intel SSD DC NAND products should consult the security advisory or contact Solidigm.

****Recommendations and Updates****

Updates were released by Intel and can be downloaded here, the advisory issued by Intel also includes a possible workaround for CVE-2021-33082.

Intel Memory Bug Poses Risk for Hundreds of Products

Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap.

layout

title

date

comments

categories

post

Persistent crash of services after TCP SYN scan

2021-01-22

true

vulnerability

**Affected products**

We have not yet tested Asus models other than those listed. However we suspect it may also work on other models with the same firmware version.

        DSL-N14U_B1 V.1.1.2.3_805
        
    

**Overview**

An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3\_805 device. Remote attacker to cause a denial of service (crash) by performing a SYN scan using a tool such as nmap. Sending these packets causes a persistent outage of the jetdirect (9100/tcp), LPD (515/tcp) and sos (3838/udp) services.

**POC**

**This PoC can crash services.**

##Stage 1: Enumeration

##Stage 2: Upload test

We enter the router via ssh to understand through the proc file system what's going on.

As shown in the figure, we can see some active services and their port in hexadecimal format. Those that interest us are basically jetdirect LPD (i.e. 238C and 0203 in hex)

##Stage 3: Showdown

We run nmap by inserting an additional script with a moderate degree of intrusion.

The script retrieves or sets the "ready message" on devices that support the Printer Job Language.

sudo nmap -sV --script pjl-ready-message

Once this is done, we immediately notice differences in the proc file system.

As a counter check, we show the status of services before and after running nmap via netstat -tulen (busybox doesn't support -p, which is why we work on the proc file system inside the router).

In the latest two figures we show proc file system effects in a comprehensive way 

If we had an eye previously, we have seen well, not just two ocurrencies related to printing services crashed... an additional service disappeared: sos service (3838 / tcp) - Scito Object Server

The situation will persist as long as the modem router is active. The services will be active again only with a physical intervention (reboot)

CVE-2021-3254: kaisersource.github.io/2021-01-22-dsl-n14u.md at main · kaisersource/kaisersource.github.io

CVE-2021-3254

Red Hat OpenStack Platform 16.2 (Train) director Operator containers are
available for technology preview.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:
* CVE-2019-11253: kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing for remote denial of service
* CVE-2019-19794: golang-github-miekg-dns: predictable TXID can lead to response forgeries
* CVE-2020-15257: containerd: unrestricted access to abstract Unix domain socket can lead to privileges escalation
* CVE-2021-29482: ulikunitz/xz: Infinite loop in readUvarint allows for denial of service
* CVE-2021-32760: containerd: pulling and extracting crafted container image may result in Unix file permission changes


Skip to navigation Skip to main content

**Utilities**

*   Subscriptions
*   Downloads
*   Containers
*   Support Cases

**Infrastructure and Management**

*   Red Hat Enterprise Linux
*   Red Hat Virtualization
*   Red Hat Identity Management
*   Red Hat Directory Server
*   Red Hat Certificate System
*   Red Hat Satellite
*   Red Hat Subscription Management
*   Red Hat Update Infrastructure
*   Red Hat Insights
*   Red Hat Ansible Automation Platform

**Cloud Computing**

*   Red Hat OpenShift
*   Red Hat CloudForms
*   Red Hat OpenStack Platform
*   Red Hat OpenShift Container Platform
*   Red Hat OpenShift Data Science
*   Red Hat OpenShift Online
*   Red Hat OpenShift Dedicated
*   Red Hat Advanced Cluster Security for Kubernetes
*   Red Hat Advanced Cluster Management for Kubernetes
*   Red Hat Quay
*   Red Hat CodeReady Workspaces
*   Red Hat OpenShift Service on AWS

**Storage**

*   Red Hat Gluster Storage
*   Red Hat Hyperconverged Infrastructure
*   Red Hat Ceph Storage
*   Red Hat OpenShift Data Foundation

**Runtimes**

*   Red Hat Runtimes
*   Red Hat JBoss Enterprise Application Platform
*   Red Hat Data Grid
*   Red Hat JBoss Web Server
*   Red Hat Single Sign On
*   Red Hat support for Spring Boot
*   Red Hat build of Node.js
*   Red Hat build of Thorntail
*   Red Hat build of Eclipse Vert.x
*   Red Hat build of OpenJDK
*   Red Hat build of Quarkus

**Integration and Automation**

*   Red Hat Process Automation
*   Red Hat Process Automation Manager
*   Red Hat Decision Manager

All Products

Issued:

2022-05-11

Updated:

2022-05-11

**RHSA-2022:2183 - Security Advisory**

*   Overview
*   Updated Packages

**Synopsis**

Moderate: Release of containers for OSP 16.2.z director operator tech preview

**Type/Severity**

Security Advisory: Moderate

**Topic**

Red Hat OpenStack Platform 16.2 (Train) director Operator containers are  
available for technology preview.

**Description**

Release osp-director-operator images  

Security Fix(es):  

*   golang: kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing for remote (CVE-2019-11253)
*   golang: golang-github-miekg-dns: predictable TXID can lead to response forgeries (CVE-2019-19794)
*   golang: containerd: unrestricted access to abstract Unix domain socket can lead to privileges (CVE-2020-15257)
*   golang: ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482)
*   golang: containerd: pulling and extracting crafted container image may result in Unix file permission changes (CVE-2021-32760)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

**Solution**

OSP 16.2 Release - OSP Director Operator Containers tech preview

**Affected Products**

*   Red Hat OpenStack 16.2 x86\_64

**Fixes**

*   BZ - 1757701 - CVE-2019-11253 kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing for remote denial of service
*   BZ - 1786761 - CVE-2019-19794 golang-github-miekg-dns: predictable TXID can lead to response forgeries
*   BZ - 1899487 - CVE-2020-15257 containerd: unrestricted access to abstract Unix domain socket can lead to privileges escalation
*   BZ - 1954368 - CVE-2021-29482 ulikunitz/xz: Infinite loop in readUvarint allows for denial of service
*   BZ - 1982681 - CVE-2021-32760 containerd: pulling and extracting crafted container image may result in Unix file permission changes
*   BZ - 2079447 - Rebase tech preview on latest upstream v1.2.x branch

**CVEs**

*   CVE-2018-25032
*   CVE-2019-11253
*   CVE-2019-19794
*   CVE-2020-15257
*   CVE-2021-29482
*   CVE-2021-32760
*   CVE-2022-1154
*   CVE-2022-1271

**Red Hat OpenStack 16.2**

SRPM

x86\_64

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

RHSA-2022:2183: Red Hat Security Advisory: Release of containers for OSP 16.2.z director operator tech preview

Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild.
Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release.
These encompass 24 remote code execution (RCE), 21 elevation of

Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild.

Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release.

These encompass 24 remote code execution (RCE), 21 elevation of privilege, 17 information disclosure, and six denial-of-service vulnerabilities, among others. The updates are in addition to 36 flaws patched in the Chromium-based Microsoft Edge browser on April 28, 2022.

Chief among the resolved bugs is CVE-2022-26925 (CVSS score: 8.1), a spoofing vulnerability affecting the Windows Local Security Authority (LSA), which Microsoft describes as a "protected subsystem that authenticates and logs users onto the local system."

"An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM," the company said. "This security update detects anonymous connection attempts in LSARPC and disallows it."

It's also worth noting that the CVSS severity rating of the flaw would be elevated to 9.8 should it be combined with NTLM relay attacks like PetitPotam, making it a critical issue.

"Being actively exploited in the wild, this exploit allows an attacker to authenticate as approved users as part of an NTLM relay attack - letting threat actors gain access to the hashes of authentication protocols," Kev Breen, director of cyber threat research at Immersive Labs, said.

The two other publicly-known vulnerabilities are as follows -

*   CVE-2022-29972 (CVSS score: 8.2) - Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver (aka SynLapse)
*   CVE-2022-22713 (CVSS score: 5.6) - Windows Hyper-V Denial-of-Service Vulnerability

Microsoft, which remediated CVE-2022-29972 on April 15, tagged it as "Exploitation More Likely" on the Exploitability Index, making it imperative affected users apply the updates as soon as possible.

Also patched by Redmond are several RCE bugs in Windows Network File System (CVE-2022-26937), Windows LDAP (CVE-2022-22012, CVE-2022-29130), Windows Graphics (CVE-2022-26927), Windows Kernel (CVE-2022-29133), Remote Procedure Call Runtime (CVE-2022-22019), and Visual Studio Code (CVE-2022-30129).

Cyber-Kunlun, a Beijing-based cybersecurity company, has been credited with reporting 30 of the 74 flaws, counting CVE-2022-26937, CVE-2022-22012, and CVE-2022-29130.

What's more, CVE-2022-22019 followed an incomplete patch for three RCE issues in the Remote Procedure Call (RPC) runtime library last month — CVE-2022-26809, CVE-2022-24492, and CVE-2022-24528 — that were addressed by Microsoft in April 2022.

Exploiting the flaw would allow a remote, unauthenticated attacker to execute code on the vulnerable machine with the privileges of the RPC service, Akamai said.

The Patch Tuesday update is also notable for resolving two privilege escalation (CVE-2022-29104 and CVE-2022-29132) and two information disclosure (CVE-2022-29114 and CVE-2022-29140) vulnerabilities in the Print Spooler component, which has long posed an attractive target for attackers.

**Software Patches from Other Vendors**

Besides Microsoft, security updates have also been released by other vendors since the start of the month to rectify several vulnerabilities, including —

*   Adobe
*   AMD
*   Android
*   Cisco
*   Citrix
*   Dell
*   F5
*   Google Chrome
*   HP
*   Intel
*   Linux distributions Debian, Oracle Linux, Red Hat, SUSE, and Ubuntu
*   MediaTek
*   Mozilla Firefox, Firefox ESR, and Thunderbird
*   Qualcomm
*   SAP
*   Schneider Electric, and
*   Siemens

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Microsoft Releases Fix for New Zero-Day with May 2022 Patch Tuesday Updates

Microsoft's May 2022 Patch Tuesday contains several bugs in ubiquitous software that could affect millions of machines, researchers warn.

Microsoft squashed 74 security vulnerabilities with its May 2022 Patch Tuesday update, including an important-rated zero-day bug that's being actively exploited in the wild and several that are likely widely present across enterprises.

It also patched seven critical flaws, 65 other important-rated bugs, and one low-severity issue. The fixes run the gamut of the computing giant's portfolio, including: Windows and Windows Components, .NET and Visual Studio, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Office and Office Components, Windows Hyper-V, Windows Authentication Methods, BitLocker, Windows Cluster Shared Volume (CSV), Remote Desktop Client, Windows Network File System, NTFS, and Windows Point-to-Point Tunneling Protocol.

**3 Zero-Days, 1 Actively Exploited**  
The actively exploited bug (CVE-2022-26925) is a Windows LSA-spoofing vulnerability that rates 8.1 out of 10 on the CVSS vulnerability-severity scale – however, Microsoft notes in its advisory that it should be bumped up to critical (CVSS 9.8) if used in Windows NT LAN Manager (NTLM) relay attacks.

"\[A\]n unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM," Microsoft warns in its advisory – a concerning situation considering that domain controllers provide high-level access to privileges.

Now deprecated, NTLM uses a weak authentication protocol that can easily reveal credentials and session keys. In a relay attack, bad actors can capture an authentication and relay it to another server – which they can then use to authenticate to the remote server with the compromised user's privileges.

That said, the bug is tougher to exploit than most, explains Trend Micro Zero Day Initiative (ZDI) researcher Dustin Childs in a Tuesday blog. "The threat actor would need to be in the logical network path between the target and the resource requested (e.g., man-in-the-middle), but since this is listed as under active attack, someone must have figured out how to make that happen."

Tyler Reguly, manager of security R&D at Tripwire, tells Dark Reading that the bug could be related to a previously seen threat known as PetitPotam, which emerged in July to allow attackers to force remote Windows systems to reveal easily crackable password hashes.

"Based on Microsoft’s provided links, this looks to be related to the previous PetitPotam patch," he notes, adding that researchers will be guessing about that. "This is a prime example of where detailed executive summaries that explain what is happening were useful in the past. It would be great if Microsoft could return to providing those on a regular basis," he says.

Microsoft also patched two other zero-days, including a critical bug (CVE-2022-29972, CVSS not available) in Insight Software's Magnitude Simba Amazon Redshift ODBC Driver – "a third-party ODBC data connector used to connect to Amazon Redshift, in Integration Runtime (IR) in Azure Synapse Pipelines, and Azure Data Factory," as ZDI's Childs explains.

He adds, "This update is complicated enough for Microsoft to blog about the bug and how it affects multiple Microsoft services."

The final zero-day (CVE-2022-22713, CVSS 5.6) is an important-rated bug in Windows Hyper-V that could allow denial-of-service (DoS).

**Leading Lights: Critical Microsoft Security Bugs to Patch Now**  
As far as other patches for admins to prioritize this month, some of the critical-rated issues are far-reaching across organizational infrastructure and could affect millions of companies, researchers warn.

"The big news is the critical vulnerabilities that need to be highlighted for immediate action," Chris Hass, director of security at Automox, tells Dark Reading. "This month features vulnerabilities in a number of applications that are prevalent in most enterprise organizations, including NSF, Remote Desktop Client, and Active Directory."

For instance, the critical bug affecting Windows Network File System, or NFS (CVE-2022-26937, CVSS 9.8) could allow unauthenticated remote code-execution (RCE) in the context of the highly privileged NFS service, according to Microsoft's advisory. To boot, its ubiquity is Log4j-like: It "is present in every Windows Server version from 2008 forward," Hass says, "which puts most organizations at risk if action isn't taken quickly."

Further, "these types of vulnerabilities will potentially appeal to ransomware operators as they could lead to the kind of exposure of critical data, often part of a ransom attempt," Kevin Breen, director of cyber threat research at Immersive Labs, tells Dark Reading.

In terms of who should especially prioritize the patch, "NFS isn't on by default, but it's prevalent in environment where Windows systems are mixed with other OSes such as Linux or Unix. If this describes your environment, you should definitely test and deploy this patch quickly," Childs warns.

As for other critical bugs to consider, Breen flags CVE-2022-22017 (CVSS 8.8), an RCE issue in the also-ubiquitous Remote Desktop (RDP) Client.

"With more remote workers than ever, enterprises need to put anything affecting RDP on the radar — especially given its popularity with ransomware actors and access brokers," he warns.

The Active Directory bug (CVE-2022-26923, CVSS 8.8) is found in Domain Services and could allow elevation of privilege thanks to an issue with the issuance of certificates. ZDI, which reported the bug, says that an attacker can gain access to a certificate to authenticate to a DC with a high level of privilege, allowing any domain-authenticated user to become a domain admin if Active Directory Certificate Services are running.

"This is a very common deployment," Childs says. "Considering the severity of this bug and the relative ease of exploit, it would not surprise me to see active attacks using this technique sooner rather than later."

Of less concern, Breen says, are a group of 10 RCE bugs in LDAP (the most severe, CVE-2022-22012, has a CVSS score of 9.8). These "appear particularly threatening; however, they have been marked by Microsoft as 'exploitation less likely' as they require a default configuration unlikely to exist in most environments," he notes. "It's not to say there is no need to patch these, rather a reminder that context is important when prioritizing patches."

**The Worst of the Rest**  
A handful of other vulnerabilities that also stood out to researchers are worth noting here, starting with Windows Print Spooler, which has long presented an attractive bull's-eye for cyberattackers.

"There were several Windows Print Spooler vulnerabilities patched this month, including two information disclosure flaws (CVE-2022-29114, CVE-2022-29140) and two elevation of privilege flaws (CVE-2022-29104, CVE-2022-29132)," Satnam Narang, staff research engineer at Tenable, tells Dark Reading. "All of the flaws are rated as important, and two of the three are considered more likely to be exploited. Windows Print Spooler continues to remain a valuable target for attackers since PrintNightmare was disclosed nearly a year ago. Elevation-of-privilege flaws in particular should be carefully prioritized, as we've seen ransomware groups like Conti favor them as part of its playbook."

Breen also highlighted two other important-rated bugs as patching priorities:

*   CVE-2022-29108, a remotely executable flaw in Sharepoint that could likely be abused by an attacker seeking to move laterally across an organization. "Requiring authenticated access to exploit, it could be used by a threat actor to steal confidential information or inject documents with malicious code or macros that could be part of a wider attack chain," Breen warns.
*   A bug in Azure Data Factory (no CVE assigned) is remotely exploitable and can expose an enterprise’s confidential data, according to Breen.

Virsec CTO and co-founder Satya Gupta says that overall, the broader context of Microsoft's patching trends is important to consider for defenders. Specifically, in the last year, more than a third of the patches (1,330, or 36%) are for RCE issues.

"This of course represents a massive opportunity for malicious actors to compromise nearly any customer," he says. "In total, several of May's vulnerabilities represent a Log4j level of exposure, particularly if you consider what it would take to patch millions of servers."

What to Patch Now: Actively Exploited Windows Zero-Day Threatens Domain Controllers

In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-212573046References: N/A

_Published May 2, 2022_

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices (Google devices). For Google devices, security patch levels of 2022-05-05 or later address all issues in this bulletin and all issues in the May 2022 Android Security Bulletin. To learn how to check a device's security patch level, see Check and update your Android version.

All supported Google devices will receive an update to the 2022-05-05 patch level. We encourage all customers to accept these updates to their devices.

**Announcements**

*   In addition to the security vulnerabilities described in the May 2022 Android Security Bulletin, Google devices also contain patches for the security vulnerabilities described below.

**Security patches**

Vulnerabilities are grouped under the component that they affect. There is a description of the issue and a table with the CVE, associated references, type of vulnerability, severity, and updated Android Open Source Project (AOSP) versions (where applicable). When available, we link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.

**Pixel**

    

CVE

References

Type

Severity

Component

CVE-2022-20120

A-203213034\*

RCE

Critical

Bootloader

CVE-2022-20117

A-217475903\*

ID

Critical

Titan-M

CVE-2021-4083

A-216408350  
Upstream kernel

EoP

High

Kernel

CVE-2022-20118

A-205707793\*

EoP

High

Kernel

CVE-2022-20119

A-213170715\*

ID

High

Display/Graphics

CVE-2022-20121

A-212573046\*

ID

High

USCCDMService

**Qualcomm components**

   

CVE

References

Severity

Component

CVE-2021-35084

A-204909067  
QC-CR#3001178

Moderate

WLAN

CVE-2021-35085

A-204012850  
QC-CR#3001331

Moderate

WLAN

CVE-2021-35092

A-204909309  
QC-CR#2985885 \[2\]

Moderate

Modem

CVE-2021-35098

A-190503256  
QC-CR#2966419

Moderate

Audio

**Qualcomm closed-source components**

   

CVE

References

Severity

Component

CVE-2021-35079

A-204908838\*

Moderate

Closed-source component

**Functional patches**

For details on the new bug fixes and functional patches included in this release, refer to the Pixel Community forum.

**Common questions and answers**

This section answers common questions that may occur after reading this bulletin.

**1\. How do I determine if my device is updated to address these issues?**

Security patch levels of 2022-05-05 or later address all issues associated with the 2022-05-05 security patch level and all previous patch levels. To learn how to check a device's security patch level, read the instructions on the Google device update schedule.

**2\. What do the entries in the _Type_ column mean?**

Entries in the _Type_ column of the vulnerability details table reference the classification of the security vulnerability.

 

Abbreviation

Definition

RCE

Remote code execution

EoP

Elevation of privilege

ID

Information disclosure

DoS

Denial of service

N/A

Classification not available

**3\. What do the entries in the _References_ column mean?**

Entries under the _References_ column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.

 

Prefix

Reference

A-

Android bug ID

QC-

Qualcomm reference number

M-

MediaTek reference number

N-

NVIDIA reference number

B-

Broadcom reference number

U-

UNISOC reference number

**4\. What does an \* next to the Android bug ID in the _References_ column mean?**

Issues that are not publicly available have an \* next to the Android bug ID in the _References_ column. The update for that issue is generally contained in the latest binary drivers for Pixel devices available from the Google Developer site.

**5\. Why are security vulnerabilities split between this bulletin and the Android Security Bulletins?**

Security vulnerabilities that are documented in the Android Security Bulletins are required to declare the latest security patch level on Android devices. Additional security vulnerabilities, such as those documented in this bulletin are not required for declaring a security patch level.

**Versions**

  

Version

Date

Notes

1.0

May 2, 2022

Bulletin Published

CVE-2022-20121: Pixel Update Bulletin—May 2022  |  Android Open Source Project

.NET Framework Denial of Service Vulnerability

CVE-2022-30130

.NET Framework Denial of Service Vulnerability.

Tag

#dos