Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-33656 (GCVE-0-2021-33656)
Vulnerability from cvelistv5 – Published: 2022-07-18 14:44 – Updated: 2024-08-03 23:58
VLAI
EPSS
Summary
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
Severity
No CVSS data available.
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://git.kernel.org/pub/scm/linux/kernel/git/s… | x_refsource_MISC |
| https://www.openeuler.org/en/security/cve/detail.… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2022/07/19/3 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2022… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | openEuler:kernel |
Affected:
<5.10.127
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:21.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel"
},
{
"name": "[oss-security] 20220719 CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(\u003c5.10.127)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/19/3"
},
{
"name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "openEuler:kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "\u003c5.10.127"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-02T18:06:13.000Z",
"orgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2",
"shortName": "openEuler"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel"
},
{
"name": "[oss-security] 20220719 CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(\u003c5.10.127)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/19/3"
},
{
"name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "securities@openeuler.org",
"ID": "CVE-2021-33656",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "openEuler:kernel",
"version": {
"version_data": [
{
"version_value": "\u003c5.10.127"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch"
},
{
"name": "https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel",
"refsource": "MISC",
"url": "https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel"
},
{
"name": "[oss-security] 20220719 CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(\u003c5.10.127)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/07/19/3"
},
{
"name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2",
"assignerShortName": "openEuler",
"cveId": "CVE-2021-33656",
"datePublished": "2022-07-18T14:44:28.000Z",
"dateReserved": "2021-05-28T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:21.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-33656",
"date": "2026-05-27",
"epss": "0.0003",
"percentile": "0.09051"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-33656\",\"sourceIdentifier\":\"securities@openeuler.org\",\"published\":\"2022-07-18T15:15:08.043\",\"lastModified\":\"2025-04-02T18:33:53.340\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.\"},{\"lang\":\"es\",\"value\":\"Cuando es establecida la fuente con datos maliciosos por ioctl cmd PIO_FONT, el kernel escribir\u00e1 memoria fuera de l\u00edmites\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"securities@openeuler.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openatom:openeuler:20.03:-:*:*:lts:*:*:*\",\"matchCriteriaId\":\"E438DADF-863B-4CE2-BDA4-468E41809BDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openatom:openeuler:20.03:sp1:*:*:lts:*:*:*\",\"matchCriteriaId\":\"464D2E5A-0D36-4893-85A4-2267AE0333DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openatom:openeuler:20.03:sp3:*:*:lts:*:*:*\",\"matchCriteriaId\":\"A98D36A4-869D-4F90-9434-599915671828\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.127\",\"matchCriteriaId\":\"0F459694-1B3F-472F-88F7-6E97AD3958DD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/3\",\"source\":\"securities@openeuler.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch\",\"source\":\"securities@openeuler.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html\",\"source\":\"securities@openeuler.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel\",\"source\":\"securities@openeuler.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/07/19/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
alsa-2023:2736
Vulnerability from osv_almalinux
Published
2023-05-16 00:00
Modified
2023-05-19 22:03
Summary
Important: kernel-rt security and bug fix update
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)
- net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)
- hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)
- malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)
- when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds (CVE-2021-33656)
- possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)
- use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)
- KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)
- KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)
- netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)
- race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)
- media: em28xx: initialize refcount before kref_get (CVE-2022-3239)
- race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)
- memory leak in ipv6_renew_options() (CVE-2022-3524)
- data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)
- data races around sk->sk_prot (CVE-2022-3567)
- memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)
- denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)
- use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)
- USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)
- Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)
- l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)
- igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)
- Executable Space Protection Bypass (CVE-2022-25265)
- Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)
- unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)
- TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)
- Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)
- u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)
- use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)
- use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)
- BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)
- Denial of service in beacon protection for P2P-device (CVE-2022-42722)
- memory corruption in usbmon driver (CVE-2022-43750)
- NULL pointer dereference in traffic control subsystem (CVE-2022-47929)
- NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)
- use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)
- Soft lockup occurred during __page_mapcount (CVE-2023-1582)
- slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug-kvm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-kvm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.rt7.274.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)\n* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)\n* hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)\n* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)\n* when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds (CVE-2021-33656)\n* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)\n* use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)\n* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)\n* KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)\n* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)\n* race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)\n* media: em28xx: initialize refcount before kref_get (CVE-2022-3239)\n* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)\n* memory leak in ipv6_renew_options() (CVE-2022-3524)\n* data races around icsk-\u003eicsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)\n* data races around sk-\u003esk_prot (CVE-2022-3567)\n* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)\n* denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)\n* use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)\n* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)\n* Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)\n* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)\n* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)\n* Executable Space Protection Bypass (CVE-2022-25265)\n* Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)\n* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)\n* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)\n* Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)\n* u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)\n* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)\n* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)\n* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)\n* Denial of service in beacon protection for P2P-device (CVE-2022-42722)\n* memory corruption in usbmon driver (CVE-2022-43750)\n* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)\n* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)\n* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)\n* Soft lockup occurred during __page_mapcount (CVE-2023-1582)\n* slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2023:2736",
"modified": "2023-05-19T22:03:30Z",
"published": "2023-05-16T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-26341"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-33655"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-33656"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1462"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1679"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1789"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-20141"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2196"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-25265"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2663"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3028"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-30594"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3239"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3522"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3524"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3564"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3566"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3567"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3619"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3623"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3625"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3628"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3707"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-39188"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-39189"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-41218"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-4129"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-41674"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42703"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42720"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42721"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42722"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-43750"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-47929"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0394"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0461"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-1195"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-1582"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-23454"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2055499"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2061703"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2078466"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2084125"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2085300"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2090723"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2108691"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2108696"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2114937"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2122228"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2122960"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2123056"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2124788"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2127985"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2130141"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2133483"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134377"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134451"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134506"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134517"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134528"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2137979"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2143893"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2143943"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2144720"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150947"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150960"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150979"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150999"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2151270"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2154171"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2154235"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2160023"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2162120"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2165721"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2168246"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2168297"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2176192"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2180936"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2023-2736.html"
}
],
"related": [
"CVE-2022-3564",
"CVE-2023-0461",
"CVE-2021-26341",
"CVE-2021-33655",
"CVE-2021-33656",
"CVE-2022-1462",
"CVE-2022-1679",
"CVE-2022-1789",
"CVE-2022-2196",
"CVE-2022-2663",
"CVE-2022-3028",
"CVE-2022-3239",
"CVE-2022-3522",
"CVE-2022-3524",
"CVE-2022-3566",
"CVE-2022-3567",
"CVE-2022-3619",
"CVE-2022-3623",
"CVE-2022-3625",
"CVE-2022-3628",
"CVE-2022-3707",
"CVE-2022-4129",
"CVE-2022-20141",
"CVE-2022-25265",
"CVE-2022-30594",
"CVE-2022-39188",
"CVE-2022-39189",
"CVE-2022-41218",
"CVE-2022-41674",
"CVE-2022-42703",
"CVE-2022-42720",
"CVE-2022-42721",
"CVE-2022-42722",
"CVE-2022-43750",
"CVE-2022-47929",
"CVE-2023-0394",
"CVE-2023-1195",
"CVE-2023-1582",
"CVE-2023-23454"
],
"summary": "Important: kernel-rt security and bug fix update"
}
alsa-2023:2951
Vulnerability from osv_almalinux
Published
2023-05-16 00:00
Modified
2023-05-19 22:11
Summary
Important: kernel security, bug fix, and enhancement update
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
The following packages have been upgraded to a later upstream version: kernel (4.18.0). (BZ#2122230, BZ#2122267)
Security Fix(es):
- use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)
- net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)
- hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)
- malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)
- when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds (CVE-2021-33656)
- possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)
- use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)
- KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)
- KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)
- netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)
- race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)
- media: em28xx: initialize refcount before kref_get (CVE-2022-3239)
- race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)
- memory leak in ipv6_renew_options() (CVE-2022-3524)
- data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)
- data races around sk->sk_prot (CVE-2022-3567)
- memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)
- denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)
- use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)
- USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)
- Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)
- l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)
- igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)
- Executable Space Protection Bypass (CVE-2022-25265)
- Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)
- unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)
- TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)
- Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)
- u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)
- use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)
- use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)
- BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)
- Denial of service in beacon protection for P2P-device (CVE-2022-42722)
- memory corruption in usbmon driver (CVE-2022-43750)
- NULL pointer dereference in traffic control subsystem (CVE-2022-47929)
- NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)
- use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)
- Soft lockup occurred during __page_mapcount (CVE-2023-1582)
- slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "bpftool"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-abi-stablelists"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-cross-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-tools-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-tools-libs-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "python3-perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-477.10.1.el8_8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThe following packages have been upgraded to a later upstream version: kernel (4.18.0). (BZ#2122230, BZ#2122267)\n\nSecurity Fix(es):\n\n* use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)\n* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)\n* hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)\n* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)\n* when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds (CVE-2021-33656)\n* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)\n* use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)\n* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)\n* KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)\n* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)\n* race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)\n* media: em28xx: initialize refcount before kref_get (CVE-2022-3239)\n* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)\n* memory leak in ipv6_renew_options() (CVE-2022-3524)\n* data races around icsk-\u003eicsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)\n* data races around sk-\u003esk_prot (CVE-2022-3567)\n* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)\n* denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)\n* use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)\n* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)\n* Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)\n* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)\n* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)\n* Executable Space Protection Bypass (CVE-2022-25265)\n* Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)\n* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)\n* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)\n* Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)\n* u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)\n* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)\n* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)\n* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)\n* Denial of service in beacon protection for P2P-device (CVE-2022-42722)\n* memory corruption in usbmon driver (CVE-2022-43750)\n* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)\n* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)\n* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)\n* Soft lockup occurred during __page_mapcount (CVE-2023-1582)\n* slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2023:2951",
"modified": "2023-05-19T22:11:43Z",
"published": "2023-05-16T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:2951"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-26341"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-33655"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-33656"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1462"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1679"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1789"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-20141"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2196"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-25265"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2663"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3028"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-30594"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3239"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3522"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3524"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3564"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3566"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3567"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3619"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3623"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3625"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3628"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3707"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-39188"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-39189"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-41218"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-4129"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-41674"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42703"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42720"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42721"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42722"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-43750"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-47929"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0394"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0461"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-1195"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-1582"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-23454"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2055499"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2061703"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2078466"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2084125"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2085300"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2090723"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2108691"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2108696"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2114937"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2122228"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2122960"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2123056"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2124788"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2127985"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2130141"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2133483"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134377"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134451"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134506"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134517"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134528"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2137979"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2143893"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2143943"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2144720"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150947"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150960"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150979"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150999"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2151270"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2154171"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2154235"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2160023"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2162120"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2165721"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2168246"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2168297"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2176192"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2180936"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2023-2951.html"
}
],
"related": [
"CVE-2022-3564",
"CVE-2023-0461",
"CVE-2021-26341",
"CVE-2021-33655",
"CVE-2021-33656",
"CVE-2022-1462",
"CVE-2022-1679",
"CVE-2022-1789",
"CVE-2022-2196",
"CVE-2022-2663",
"CVE-2022-3028",
"CVE-2022-3239",
"CVE-2022-3522",
"CVE-2022-3524",
"CVE-2022-3566",
"CVE-2022-3567",
"CVE-2022-3619",
"CVE-2022-3623",
"CVE-2022-3625",
"CVE-2022-3628",
"CVE-2022-3707",
"CVE-2022-4129",
"CVE-2022-20141",
"CVE-2022-25265",
"CVE-2022-30594",
"CVE-2022-39188",
"CVE-2022-39189",
"CVE-2022-41218",
"CVE-2022-41674",
"CVE-2022-42703",
"CVE-2022-42720",
"CVE-2022-42721",
"CVE-2022-42722",
"CVE-2022-43750",
"CVE-2022-47929",
"CVE-2023-0394",
"CVE-2023-1195",
"CVE-2023-1582",
"CVE-2023-23454"
],
"summary": "Important: kernel security, bug fix, and enhancement update"
}
BDU:2022-05829
Vulnerability from fstec - Published: 17.08.2022
VLAI
Title
Уязвимость ioctl cmd PIO_FONT ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код с повышенными привилегиями
Description
Уязвимость ioctl cmd PIO_FONT ядра операционной системы Linux связана с граничными ошибками при установке шрифта с вредоносными данными. Эксплуатация уязвимости может позволить нарушителю инициировать неограниченную запись и выполнить произвольный код с повышенными привилегиями
Severity
Vendor
Canonical Ltd., ООО «РусБИТех-Астра», Red Hat Inc., Сообщество свободного программного обеспечения, Novell Inc., ООО «Ред Софт», ООО «Открытая мобильная платформа»
Software Name
Ubuntu, Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, Debian GNU/Linux, OpenSUSE Leap, РЕД ОС (запись в едином реестре российских программ №3751), Linux, ОС Аврора (запись в едином реестре российских программ №1543)
Software Version
18.04 LTS (Ubuntu), 1.6 «Смоленск» (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 14.04 ESM (Ubuntu), 10 (Debian GNU/Linux), 20.04 LTS (Ubuntu), 16.04 ESM (Ubuntu), 15.3 (OpenSUSE Leap), 11 (Debian GNU/Linux), 7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), 15.4 (OpenSUSE Leap), 9 (Red Hat Enterprise Linux), до 5.10.127 (Linux), 4.7 (Astra Linux Special Edition), до 4.0.2.209 (ОС Аврора)
Possible Mitigations
Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для Linux:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2021-33656
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2021-33656
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2021-33656.html
Для ОС Аврора 3.2.1: https://cve.omprussia.ru/bb17321
Для ОС Аврора 3.2.2: https://cve.omprussia.ru/bb18322
Для ОС Аврора 3.2.3: https://cve.omprussia.ru/bb19323
Для ОС Аврора 4.0.2: https://cve.omprussia.ru/bb20402
Для Ubuntu:
https://ubuntu.com/security/notices/USN-5580-1
https://ubuntu.com/security/notices/USN-5589-1
https://ubuntu.com/security/notices/USN-5591-1
https://ubuntu.com/security/notices/USN-5591-2
https://ubuntu.com/security/notices/USN-5591-3
https://ubuntu.com/security/notices/USN-5591-4
https://ubuntu.com/security/notices/USN-5592-1
https://ubuntu.com/security/notices/USN-5595-1
https://ubuntu.com/security/notices/USN-5597-1
https://ubuntu.com/security/notices/USN-5598-1
https://ubuntu.com/security/notices/USN-5600-1
https://ubuntu.com/security/notices/USN-5603-1
https://ubuntu.com/security/notices/USN-5605-1
Для Astra Linux Special Edition 1.7: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17
Для Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47
Для ОС Astra Linux Special Edition 1.7:
- обновить пакет linux до 5.4.0-162.astra1+ci6 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17
- обновить пакет linux-5.10 до 5.10.142-1.astra6+ci24 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17
Для Astra Linux Special Edition 4.7:
- обновить пакет linux до 5.4.0-162.astra1+ci8 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47
- обновить пакет linux-5.10 до 5.10.142-1.astra6+ci24 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47
Для ОС Astra Linux 1.6 «Смоленск»:
- обновить пакет linux до 5.4.0-162.astra1+ci21 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16
- обновить пакет linux-5.10 до 5.10.142-1.astra6+ci38 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16
Reference
https://redos.red-soft.ru/support/secure/
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch
https://security-tracker.debian.org/tracker/CVE-2021-33656
https://access.redhat.com/security/cve/CVE-2021-33656
https://www.suse.com/security/cve/CVE-2021-33656.html
https://cve.omprussia.ru/bb17321
https://cve.omprussia.ru/bb18322
https://cve.omprussia.ru/bb19323
https://cve.omprussia.ru/bb20402
https://ubuntu.com/security/notices/USN-5580-1
https://ubuntu.com/security/notices/USN-5589-1
https://ubuntu.com/security/notices/USN-5591-1
https://ubuntu.com/security/notices/USN-5591-2
https://ubuntu.com/security/notices/USN-5591-3
https://ubuntu.com/security/notices/USN-5591-4
https://ubuntu.com/security/notices/USN-5592-1
https://ubuntu.com/security/notices/USN-5595-1
https://ubuntu.com/security/notices/USN-5597-1
https://ubuntu.com/security/notices/USN-5598-1
https://ubuntu.com/security/notices/USN-5600-1
https://ubuntu.com/security/notices/USN-5603-1
https://ubuntu.com/security/notices/USN-5605-1
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16
CWE
CWE-787
{
"CVSS 2.0": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Novell Inc., \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "18.04 LTS (Ubuntu), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 14.04 ESM (Ubuntu), 10 (Debian GNU/Linux), 20.04 LTS (Ubuntu), 16.04 ESM (Ubuntu), 15.3 (OpenSUSE Leap), 11 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 15.4 (OpenSUSE Leap), 9 (Red Hat Enterprise Linux), \u0434\u043e 5.10.127 (Linux), 4.7 (Astra Linux Special Edition), \u0434\u043e 4.0.2.209 (\u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f Linux:\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2021-33656\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2021-33656\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2021-33656.html\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 3.2.1: https://cve.omprussia.ru/bb17321\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 3.2.2: https://cve.omprussia.ru/bb18322\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 3.2.3: https://cve.omprussia.ru/bb19323\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 4.0.2: https://cve.omprussia.ru/bb20402\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/notices/USN-5580-1\nhttps://ubuntu.com/security/notices/USN-5589-1\nhttps://ubuntu.com/security/notices/USN-5591-1\nhttps://ubuntu.com/security/notices/USN-5591-2\nhttps://ubuntu.com/security/notices/USN-5591-3\nhttps://ubuntu.com/security/notices/USN-5591-4\nhttps://ubuntu.com/security/notices/USN-5592-1\nhttps://ubuntu.com/security/notices/USN-5595-1\nhttps://ubuntu.com/security/notices/USN-5597-1\nhttps://ubuntu.com/security/notices/USN-5598-1\nhttps://ubuntu.com/security/notices/USN-5600-1\nhttps://ubuntu.com/security/notices/USN-5603-1\nhttps://ubuntu.com/security/notices/USN-5605-1\n\n\u0414\u043b\u044f Astra Linux Special Edition 1.7: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux Special Edition 1.7:\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux \u0434\u043e 5.4.0-162.astra1+ci6 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.10 \u0434\u043e 5.10.142-1.astra6+ci24 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7:\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux \u0434\u043e 5.4.0-162.astra1+ci8 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.10 \u0434\u043e 5.10.142-1.astra6+ci24 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb:\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux \u0434\u043e 5.4.0-162.astra1+ci21 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.10 \u0434\u043e 5.10.142-1.astra6+ci38 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "17.08.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "30.09.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.09.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-05829",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-33656",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, Debian GNU/Linux, OpenSUSE Leap, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Linux, \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 18.04 LTS , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 8 , Canonical Ltd. Ubuntu 14.04 ESM , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Canonical Ltd. Ubuntu 20.04 LTS , Canonical Ltd. Ubuntu 16.04 ESM , Novell Inc. OpenSUSE Leap 15.3 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Novell Inc. OpenSUSE Leap 15.4 , Red Hat Inc. Red Hat Enterprise Linux 9 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u0434\u043e 5.10.127 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 4.0.2.209 Aquarius CMP NS220 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 4.0.2.209 Byterg MVK-2020 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 4.0.2.209 F+ Life Tab Plus (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 4.0.2.209 Mashtab TrustPhone T1 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ioctl cmd PIO_FONT \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ioctl cmd PIO_FONT \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u043c\u0438 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0448\u0440\u0438\u0444\u0442\u0430 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://redos.red-soft.ru/support/secure/\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch\nhttps://security-tracker.debian.org/tracker/CVE-2021-33656\nhttps://access.redhat.com/security/cve/CVE-2021-33656\nhttps://www.suse.com/security/cve/CVE-2021-33656.html\nhttps://cve.omprussia.ru/bb17321\nhttps://cve.omprussia.ru/bb18322\nhttps://cve.omprussia.ru/bb19323\nhttps://cve.omprussia.ru/bb20402\nhttps://ubuntu.com/security/notices/USN-5580-1\nhttps://ubuntu.com/security/notices/USN-5589-1\nhttps://ubuntu.com/security/notices/USN-5591-1\nhttps://ubuntu.com/security/notices/USN-5591-2\nhttps://ubuntu.com/security/notices/USN-5591-3\nhttps://ubuntu.com/security/notices/USN-5591-4\nhttps://ubuntu.com/security/notices/USN-5592-1\nhttps://ubuntu.com/security/notices/USN-5595-1\nhttps://ubuntu.com/security/notices/USN-5597-1\nhttps://ubuntu.com/security/notices/USN-5598-1\nhttps://ubuntu.com/security/notices/USN-5600-1\nhttps://ubuntu.com/security/notices/USN-5603-1\nhttps://ubuntu.com/security/notices/USN-5605-1\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-787",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,4)"
}
CERTFR-2022-AVI-721
Vulnerability from certfr_avis - Published: 2022-08-10 - Updated: 2022-08-10
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP5 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-ESPOS | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-BCL | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12-SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-LTSS | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12-SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-29581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29581"
},
{
"name": "CVE-2020-15393",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15393"
},
{
"name": "CVE-2020-36557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36557"
},
{
"name": "CVE-2022-33741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33741"
},
{
"name": "CVE-2022-20166",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20166"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2022-33742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33742"
},
{
"name": "CVE-2022-34918",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34918"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2022-33740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33740"
},
{
"name": "CVE-2022-32250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32250"
},
{
"name": "CVE-2022-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21505"
},
{
"name": "CVE-2021-39713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39713"
},
{
"name": "CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"name": "CVE-2022-26490",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26490"
},
{
"name": "CVE-2022-2318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
},
{
"name": "CVE-2022-1419",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1419"
},
{
"name": "CVE-2021-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
},
{
"name": "CVE-2022-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
},
{
"name": "CVE-2022-1679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
},
{
"name": "CVE-2022-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28389"
},
{
"name": "CVE-2022-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28390"
},
{
"name": "CVE-2022-26365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26365"
},
{
"name": "CVE-2020-36558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36558"
}
],
"initial_release_date": "2022-08-10T00:00:00",
"last_revision_date": "2022-08-10T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-721",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222732-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222732-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222722-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222722-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222723-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222723-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222710-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222710-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222726-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222726-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222727-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222727-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222738-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222738-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222728-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222728-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222721-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222721-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222720-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222720-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222719-1 du 09 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222719-1/"
}
]
}
CERTFR-2022-AVI-741
Vulnerability from certfr_avis - Published: 2022-08-12 - Updated: 2022-08-12
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP3 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP1 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Storage 7.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Storage 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-29581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29581"
},
{
"name": "CVE-2022-1116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1116"
},
{
"name": "CVE-2020-36557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36557"
},
{
"name": "CVE-2022-33741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33741"
},
{
"name": "CVE-2022-20166",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20166"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2022-33742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33742"
},
{
"name": "CVE-2022-34918",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34918"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2022-33740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33740"
},
{
"name": "CVE-2022-32250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32250"
},
{
"name": "CVE-2022-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21505"
},
{
"name": "CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"name": "CVE-2022-26490",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26490"
},
{
"name": "CVE-2022-2318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
},
{
"name": "CVE-2022-1419",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1419"
},
{
"name": "CVE-2022-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
},
{
"name": "CVE-2022-1679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
},
{
"name": "CVE-2022-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28389"
},
{
"name": "CVE-2021-39698",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39698"
},
{
"name": "CVE-2022-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28390"
},
{
"name": "CVE-2022-26365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26365"
},
{
"name": "CVE-2020-36558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36558"
}
],
"initial_release_date": "2022-08-12T00:00:00",
"last_revision_date": "2022-08-12T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-741",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222750-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222750-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222761-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222761-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222759-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222759-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222789-1 du 11 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222789-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222745-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222745-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222741-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222741-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222783-1 du 11 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222783-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222762-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222762-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222781-1 du 11 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222781-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222780-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222780-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222776-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222776-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222770-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222770-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222779-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222779-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20222766-1 du 10 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222766-1"
}
]
}
CERTFR-2022-AVI-748
Vulnerability from certfr_avis - Published: 2022-08-17 - Updated: 2022-08-17
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2-BCL | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Storage 7 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | N/A | SUSE CaaS Platform 4.0 | ||
| SUSE | N/A | SUSE OpenStack Cloud Crowbar 9 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS | ||
| SUSE | N/A | SUSE Linux Enterprise Storage 6 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15-SP1 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.0 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing | ||
| SUSE | N/A | SUSE Enterprise Storage 7 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1-BCL | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15-SP2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.1 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1-LTSS | ||
| SUSE | N/A | SUSE OpenStack Cloud 9 | ||
| SUSE | N/A | SUSE Enterprise Storage 6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP4 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.0 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 15-SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Storage 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE CaaS Platform 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Storage 6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.0",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.0",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12-SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.0",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-29581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29581"
},
{
"name": "CVE-2022-1116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1116"
},
{
"name": "CVE-2022-20132",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20132"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2020-36557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36557"
},
{
"name": "CVE-2022-33741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33741"
},
{
"name": "CVE-2022-20166",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20166"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2022-33742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33742"
},
{
"name": "CVE-2022-20154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20154"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2022-33740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33740"
},
{
"name": "CVE-2022-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2585"
},
{
"name": "CVE-2021-4157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4157"
},
{
"name": "CVE-2022-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21505"
},
{
"name": "CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-2318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
},
{
"name": "CVE-2021-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
},
{
"name": "CVE-2022-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
},
{
"name": "CVE-2022-1679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
},
{
"name": "CVE-2022-26365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26365"
},
{
"name": "CVE-2022-33981",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33981"
},
{
"name": "CVE-2020-36558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36558"
}
],
"initial_release_date": "2022-08-17T00:00:00",
"last_revision_date": "2022-08-17T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-748",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222827-1 du 16 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222827-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222809-1 du 15 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222809-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222808-1 du 15 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222808-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222803-1 du 12 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222803-1/"
}
]
}
CERTFR-2022-AVI-757
Vulnerability from certfr_avis - Published: 2022-08-19 - Updated: 2022-08-19
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP3-BCL |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-15393",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15393"
},
{
"name": "CVE-2020-36557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36557"
},
{
"name": "CVE-2022-33741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33741"
},
{
"name": "CVE-2022-20166",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20166"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2022-33742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33742"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2022-33740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33740"
},
{
"name": "CVE-2021-39713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39713"
},
{
"name": "CVE-2022-2318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
},
{
"name": "CVE-2022-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
},
{
"name": "CVE-2022-26365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26365"
},
{
"name": "CVE-2020-36558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36558"
}
],
"initial_release_date": "2022-08-19T00:00:00",
"last_revision_date": "2022-08-19T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-757",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222840-1 du 18 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222840-1/"
}
]
}
CERTFR-2022-AVI-766
Vulnerability from certfr_avis - Published: 2022-08-24 - Updated: 2022-08-24
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données, un contournement de la politique de sécurité, une atteinte à l'intégrité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro versions antérieures à 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP3 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP3 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro versions antérieures à 5.1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Storage 7.1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Micro versions ant\u00e9rieures \u00e0 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro versions ant\u00e9rieures \u00e0 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Storage 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-29581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29581"
},
{
"name": "CVE-2022-1116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1116"
},
{
"name": "CVE-2020-36557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36557"
},
{
"name": "CVE-2022-2639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2639"
},
{
"name": "CVE-2022-33741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33741"
},
{
"name": "CVE-2022-20166",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20166"
},
{
"name": "CVE-2020-36516",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36516"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2022-33742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33742"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2022-33740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33740"
},
{
"name": "CVE-2022-32250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32250"
},
{
"name": "CVE-2022-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21505"
},
{
"name": "CVE-2022-2318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
},
{
"name": "CVE-2022-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
},
{
"name": "CVE-2022-26365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26365"
},
{
"name": "CVE-2020-36558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36558"
}
],
"initial_release_date": "2022-08-24T00:00:00",
"last_revision_date": "2022-08-24T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Suse du 23 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222875-1/"
}
],
"reference": "CERTFR-2022-AVI-766",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, un contournement de la politique de\ns\u00e9curit\u00e9, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Suse SUSE-SU-2022:2875-1 du 23 ao\u00fbt 2022",
"url": null
}
]
}
CERTFR-2022-AVI-768
Vulnerability from certfr_avis - Published: 2022-08-25 - Updated: 2022-08-25
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer un déni de service à distance, une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-33741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33741"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2022-33740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33740"
},
{
"name": "CVE-2021-33061",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33061"
},
{
"name": "CVE-2022-20368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20368"
},
{
"name": "CVE-2022-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
},
{
"name": "CVE-2022-26365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26365"
}
],
"initial_release_date": "2022-08-25T00:00:00",
"last_revision_date": "2022-08-25T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 24 ao\u00fbt 2022",
"url": "https://ubuntu.com/security/notices/USN-5577-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 24 ao\u00fbt 2022",
"url": "https://ubuntu.com/security/notices/USN-5579-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 24 ao\u00fbt 2022",
"url": "https://ubuntu.com/security/notices/USN-5580-1"
}
],
"reference": "CERTFR-2022-AVI-768",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans\u00a0le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance, une ex\u00e9cution de code\narbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5580-1 du 24 ao\u00fbt 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5577-1 du 24 ao\u00fbt 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5579-1 du 24 ao\u00fbt 2022",
"url": null
}
]
}
CERTFR-2022-AVI-774
Vulnerability from certfr_avis - Published: 2022-08-26 - Updated: 2022-08-26
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15-SP3 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-29581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29581"
},
{
"name": "CVE-2022-1116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1116"
},
{
"name": "CVE-2020-36557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36557"
},
{
"name": "CVE-2022-2639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2639"
},
{
"name": "CVE-2022-33741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33741"
},
{
"name": "CVE-2022-20166",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20166"
},
{
"name": "CVE-2020-36516",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36516"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2022-33742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33742"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2022-33740",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33740"
},
{
"name": "CVE-2022-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21505"
},
{
"name": "CVE-2022-2318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2318"
},
{
"name": "CVE-2022-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
},
{
"name": "CVE-2022-26365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26365"
},
{
"name": "CVE-2020-36558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36558"
}
],
"initial_release_date": "2022-08-26T00:00:00",
"last_revision_date": "2022-08-26T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-774",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20222892-1 du 25 ao\u00fbt 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222892-1/"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…