VAR-202206-1186
Vulnerability from variot - Updated: 2026-03-09 22:00Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. plural Intel(R) Processor contains an incomplete cleanup vulnerability.Information may be obtained.
The following packages have been upgraded to a later upstream version: kernel (4.18.0).
Bug Fix(es):
-
DR, Ignore modify TTL if ConnectX-5 doesn't support it (BZ#2075549)
-
execve exit tracepoint not called (BZ#2106663)
-
Unable to boot RHEL-8.6 on Brazos max. config (Install is success) (BZ#2107475)
-
"vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107490)
-
soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110773)
-
Allow substituting custom vmlinux.h for the build (BZ#2116407)
-
7) - noarch, x86_64
Bug Fix(es):
-
The kernel-rt crashes where one task is indefinitely looping in __start_cfs_bandwidth() with the cfs_b->lock spinlock being held (BZ#2079976)
-
update to the latest RHEL7.9.z16 source tree (BZ#2100182)
-
Description:
Red Hat Advanced Cluster Management for Kubernetes 2.3.12 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Bugs fixed (https://bugzilla.redhat.com/):
2076856 - [doc] Remove 1.9.1 from Proxy Patch Documentation 2101411 - RHACM 2.3.12 images 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS
- Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.784. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2022:6251
Space precludes documenting all of the container images in this advisory.
All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages and images. Solution:
For OpenShift Container Platform 3.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/3.11/upgrading/index.html
- Bugs fixed (https://bugzilla.redhat.com/):
2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass
- ========================================================================= Ubuntu Security Notice USN-5529-1 July 21, 2022
linux-oem-5.17 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux-oem-5.17: Linux kernel for OEM systems
Details:
It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679)
Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1789)
Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle an illegal instruction in a guest, resulting in a null pointer dereference. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1852)
Gerald Lee discovered that the NTFS file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2022-1973)
It was discovered that the netfilter subsystem in the Linux kernel contained a buffer overflow in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2078)
It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123)
It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21125)
It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166)
It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495)
Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS: linux-image-5.17.0-1013-oem 5.17.0-1013.14 linux-image-oem-22.04 5.17.0.1013.12 linux-image-oem-22.04a 5.17.0.1013.12
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://ubuntu.com/security/notices/USN-5529-1 CVE-2022-1652, CVE-2022-1679, CVE-2022-1789, CVE-2022-1852, CVE-2022-1973, CVE-2022-2078, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-34494, CVE-2022-34495
Package Information: https://launchpad.net/ubuntu/+source/linux-oem-5.17/5.17.0-1013.14 . 9) - x86_64
- Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166
Various researchers discovered flaws in Intel processors,
collectively referred to as MMIO Stale Data vulnerabilities, which
may result in information leak to local users.
For details please refer to
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html
CVE-2022-21151
Alysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi
discovered that for some Intel processors optimization removal or
modification of security-critical code may result in information
disclosure to local users.
For the oldstable distribution (buster), these problems have been fixed in version 3.20220510.1~deb10u1.
For the stable distribution (bullseye), these problems have been fixed in version 3.20220510.1~deb11u1.
We recommend that you upgrade your intel-microcode packages.
For the detailed security status of intel-microcode please refer to its security tracker page at: https://security-tracker.debian.org/tracker/intel-microcode
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmLFiNRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QsfQ/7BFnYhmBMr5u1iyXJY79QkOuBFij/I7N5doGb/5m/LTbUOKgHKlI3XKqr NHbWZWQZVO7gexkZIdGSY2RnCtVS1oNkKxNzuFVxkPjbsRpJJBAyPqoY6JogDjhM 18jXAyZqB5tfZdGohiHBeVDsQwP5M3IPTdG2USoLOwcwd5+BK8ZgdrLrREDHo9mA +VJU8fhGRpdminz5MR2NPenu5jgG2JVKAhFRC8ioy92umF/5c/C6wRAyQsRid4lZ i+lzWAOQbUzvUGlomDrjqtSEn0fVQR2A0VoU+5AQnln8fODQmSLOHo/Ti00RuUUL 8WLfrKnfimXvTWnUeWKLCnHIRCbzLBfPa1EPbCagkD7XDkcYd+MWLm0C6RhUvBPN p3U9AbWstO4z2RjldX1DYUVeCR5zQqBT6pAY6G14MqIvuqrAodi9p0jgjOchdCUZ Hv4H6b0F7QusCZrj1onfe4//CG5AmN0D8E/QKCKNBplJmciVg2o/8R0hTfaKDK8v NhUYBkEWnG0zUlo93Qkapqc00j5i7cbXKbzRV3zPa42WtypoS8yd/tftZ6y7yBpa lHZOAVcfdDcN7jm9U9ZV3tVCCs3Cu5wb3ZYoYyhfEZBpEgCQ7YEEPQffTq9Y3LMN 4IUiKp8LINReMEEfV8My7PB2fX8dvti2lEQ/pJfAC/XKNoassd0= =8N2y -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2022:6460-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:6460 Issue date: 2022-09-13 CVE Names: CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123)
-
Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)
-
Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
Bad page state in process qemu-kvm pfn:68a74600 (BZ#2081013)
-
slub corruption during LPM of hnv interface (BZ#2081250)
-
Affinity broken due to vector space exhaustion (BZ#2084646)
-
'rmmod pmt_telemetry' panics on ADL-P IOTG (BZ#2091079)
-
Unable to boot RHEL-8.6 on Brazos max. config (Install is success) (BZ#2092241)
-
kernel crash after reboot of T14/G2 AMD laptop (mt7921e module) (BZ#2095654)
-
mt7921: free resources on pci_probe error path (BZ#2101684)
-
NLM should be more defensive if underlying FS changes fl_owner (BZ#2102099)
-
RHEL8/async-pf Guest call trace when reboot after postcopy migration with high stress workload (BZ#2105340)
-
execve exit tracepoint not called (BZ#2106662)
-
QProcess dead lock on kernel-4.18.0-358 (BZ#2107643)
-
KVM fix guest FPU uABI size to kvm_xsave (BZ#2107652)
-
KVM selftests fail to compile (BZ#2107655)
-
Some monitor have no display with AMD W6400 when boot into OS. (BZ#2109826)
-
Percpu counter usage is gradually getting increasing during podman container recreation. (BZ#2110039)
-
multipath failed to recover after EEH hit on flavafish adapter on Denali(qla2xxx/flavafish/RHEL8.6/Denali) (BZ#2110768)
-
soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110772)
-
trouble re-assigning MACs to VFs, ice stricter than other drivers (BZ#2111936)
-
Intel MPI 2019.0 - mpirun stuck on latest kernel (BZ#2112030)
-
Multicast packets are not received by all VFs on the same port even though they have the same VLAN (BZ#2117026)
-
Hyper-V 2019 Dynamic Memory Problem hv_balloon (BZ#2117050)
-
kernel BUG at kernel/sched/deadline.c:1561! (BZ#2117410)
-
ALSA (sound) driver - update Intel SOF kcontrol code (BZ#2117732)
-
bridge over bond over ice ports has no connection (BZ#2118580)
-
Fix max VLANs available for VF (BZ#2118581)
-
offline selftest failed (BZ#2118582)
-
INTEL NVMUpdate utility ver 3.20 is failing to update firmware on E810-XXVDA4T (WPC) (BZ#2118583)
-
VM configured with failover interface will coredump after been migrating from source host to target host(only iavf driver) (BZ#2118705)
-
Fix max VLANs available for untrusted VF (BZ#2118707)
-
Softlockup on infinite loop in task_get_css() for a CSS_DYING cpuset (BZ#2120776)
Enhancement(s):
-
KVM Sapphire Rapids (SPR) AMX Instructions (BZ#2088287)
-
KVM Sapphire Rapids (SPR) AMX Instructions part2 (BZ#2088288)
-
ice: Driver Update (BZ#2102359)
-
iavf: Driver Update (BZ#2102360)
-
iommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (BZ#2112983)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) 2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) 2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
- Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source: kernel-4.18.0-372.26.1.el8_6.src.rpm
aarch64: bpftool-4.18.0-372.26.1.el8_6.aarch64.rpm bpftool-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-core-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-cross-headers-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debug-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debug-core-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debug-devel-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debug-modules-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debug-modules-extra-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-devel-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-headers-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-modules-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-modules-extra-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-tools-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-tools-libs-4.18.0-372.26.1.el8_6.aarch64.rpm perf-4.18.0-372.26.1.el8_6.aarch64.rpm perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm python3-perf-4.18.0-372.26.1.el8_6.aarch64.rpm python3-perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm
noarch: kernel-abi-stablelists-4.18.0-372.26.1.el8_6.noarch.rpm kernel-doc-4.18.0-372.26.1.el8_6.noarch.rpm
ppc64le: bpftool-4.18.0-372.26.1.el8_6.ppc64le.rpm bpftool-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-core-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-cross-headers-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debug-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debug-core-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debug-devel-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debug-modules-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debug-modules-extra-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-devel-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-headers-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-modules-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-modules-extra-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-tools-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-tools-libs-4.18.0-372.26.1.el8_6.ppc64le.rpm perf-4.18.0-372.26.1.el8_6.ppc64le.rpm perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm python3-perf-4.18.0-372.26.1.el8_6.ppc64le.rpm python3-perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm
s390x: bpftool-4.18.0-372.26.1.el8_6.s390x.rpm bpftool-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm kernel-4.18.0-372.26.1.el8_6.s390x.rpm kernel-core-4.18.0-372.26.1.el8_6.s390x.rpm kernel-cross-headers-4.18.0-372.26.1.el8_6.s390x.rpm kernel-debug-4.18.0-372.26.1.el8_6.s390x.rpm kernel-debug-core-4.18.0-372.26.1.el8_6.s390x.rpm kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm kernel-debug-devel-4.18.0-372.26.1.el8_6.s390x.rpm kernel-debug-modules-4.18.0-372.26.1.el8_6.s390x.rpm kernel-debug-modules-extra-4.18.0-372.26.1.el8_6.s390x.rpm kernel-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-372.26.1.el8_6.s390x.rpm kernel-devel-4.18.0-372.26.1.el8_6.s390x.rpm kernel-headers-4.18.0-372.26.1.el8_6.s390x.rpm kernel-modules-4.18.0-372.26.1.el8_6.s390x.rpm kernel-modules-extra-4.18.0-372.26.1.el8_6.s390x.rpm kernel-tools-4.18.0-372.26.1.el8_6.s390x.rpm kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm kernel-zfcpdump-4.18.0-372.26.1.el8_6.s390x.rpm kernel-zfcpdump-core-4.18.0-372.26.1.el8_6.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm kernel-zfcpdump-devel-4.18.0-372.26.1.el8_6.s390x.rpm kernel-zfcpdump-modules-4.18.0-372.26.1.el8_6.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-372.26.1.el8_6.s390x.rpm perf-4.18.0-372.26.1.el8_6.s390x.rpm perf-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm python3-perf-4.18.0-372.26.1.el8_6.s390x.rpm python3-perf-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm
x86_64: bpftool-4.18.0-372.26.1.el8_6.x86_64.rpm bpftool-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-core-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-cross-headers-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debug-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debug-core-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debug-devel-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debug-modules-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debug-modules-extra-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-devel-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-headers-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-modules-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-modules-extra-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-tools-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-tools-libs-4.18.0-372.26.1.el8_6.x86_64.rpm perf-4.18.0-372.26.1.el8_6.x86_64.rpm perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm python3-perf-4.18.0-372.26.1.el8_6.x86_64.rpm python3-perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64: bpftool-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm kernel-tools-libs-devel-4.18.0-372.26.1.el8_6.aarch64.rpm perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm python3-perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm
ppc64le: bpftool-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm kernel-tools-libs-devel-4.18.0-372.26.1.el8_6.ppc64le.rpm perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm python3-perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm
x86_64: bpftool-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debug-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-tools-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm kernel-tools-libs-devel-4.18.0-372.26.1.el8_6.x86_64.rpm perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm python3-perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYyCB1NzjgjWX9erEAQjx1g/+KpIc2rESQgtzICCW50Ha+ZjaOZiuIgGV 1wDzgsyj7JRxGOIhGY3edJp7sdtoT0+CoWTdjENZrNhQlQ9UhRSpJ+8vdGy5WooO fwwKBffteRMEl8YTO/U8fstclEKXK3MB93ZxEHgS0L3UQY/AUU5XqSzB4a4rV9RJ DpFQcnw3dHIrtMKHs4HMrm8+Q8ezq9UmVbl472ecnfmNXfHDhOmUGGlUrT22SX9p Zn/UXCiWZxIt+Vh2uTrIgs4hiSJPAqD/lGHjLQpaR26uciZnndLui2s4W91F7yN4 ZifRDwrSAMtsRoln7Z8HL6H59tw4vHwAY1rD5ATwk9EqhRtaetE+v0hzM+BRBhri dpZnKUhMiUDNTUKqmpbBZjh4IuSKI6AkaQenFnMQWTp027B6o0EjhqpiEdLaA0R/ pYewm2OKbulyoUeVhC5GOMX6g8ckGa5h2o4Fr+fkaptELQN1VniYEu88O7pRqaqR lW3MrcYIEowDxyiMLehgtIxjyawzfmi0fficXzCf8xEXm8fmqlrXu4lfhKV4g3WI Y9j8INFYc4inopUBsQM1zXWV00nCDxAvaYPhOYI0VjO11jxOCOcBheOlwS1sseOv Bjram7oqf2DuVSINeTAgbHMLMA4AGEcNMsOAN/mwdq6ZBpEYmCf48pvZwQscW7qv a685GRAjoyY= =4AwP -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-1186",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "sgx sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "2.16.100.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "sgx psw",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "2.16.100.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "xen",
"scope": "eq",
"trust": 1.0,
"vendor": "xen",
"version": "*"
},
{
"model": "sgx sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "2.17.100.3"
},
{
"model": "sgx psw",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "2.17.100.3"
},
{
"model": "esxi",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "7.0"
},
{
"model": "sgx dcap",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "1.14.100.3"
},
{
"model": "intel sgx dcap",
"scope": null,
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30c6\u30eb",
"version": null
},
{
"model": "xen",
"scope": null,
"trust": 0.8,
"vendor": "xen \u30d7\u30ed\u30b8\u30a7\u30af\u30c8",
"version": null
},
{
"model": "intel sgx psw",
"scope": null,
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30c6\u30eb",
"version": null
},
{
"model": "esxi",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "intel sgx sdk",
"scope": null,
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30c6\u30eb",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-011636"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "168294"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "168355"
}
],
"trust": 0.6
},
"cve": "CVE-2022-21125",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2022-21125",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-406836",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2022-21125",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-21125",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-21125",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2022-21125",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2022-21125",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULHUB",
"id": "VHN-406836",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2022-21125",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "VULMON",
"id": "CVE-2022-21125"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011636"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. plural Intel(R) Processor contains an incomplete cleanup vulnerability.Information may be obtained. \n\nThe following packages have been upgraded to a later upstream version:\nkernel (4.18.0). \n\nBug Fix(es):\n\n* DR, Ignore modify TTL if ConnectX-5 doesn\u0027t support it (BZ#2075549)\n\n* execve exit tracepoint not called (BZ#2106663)\n\n* Unable to boot RHEL-8.6 on Brazos max. config (Install is success)\n(BZ#2107475)\n\n* \"vmcore failed, _exitcode:139\" error observed while capturing vmcore\nduring fadump after memory remove. incomplete vmcore is captured. \n(BZ#2107490)\n\n* soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110773)\n\n* Allow substituting custom vmlinux.h for the build (BZ#2116407)\n\n4. 7) - noarch, x86_64\n\n3. \n\nBug Fix(es):\n\n* The kernel-rt crashes where one task is indefinitely looping in\n__start_cfs_bandwidth() with the cfs_b-\u003elock spinlock being held\n(BZ#2079976)\n\n* update to the latest RHEL7.9.z16 source tree (BZ#2100182)\n\n4. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.3.12 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. Bugs fixed (https://bugzilla.redhat.com/):\n\n2076856 - [doc] Remove 1.9.1 from Proxy Patch Documentation\n2101411 - RHACM 2.3.12 images\n2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS\n\n5. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 3.11.784. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHBA-2022:6251\n\nSpace precludes documenting all of the container images in this advisory. \n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images. Solution:\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass\n\n5. =========================================================================\nUbuntu Security Notice USN-5529-1\nJuly 21, 2022\n\nlinux-oem-5.17 vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux-oem-5.17: Linux kernel for OEM systems\n\nDetails:\n\nIt was discovered that the Atheros ath9k wireless device driver in the\nLinux kernel did not properly handle some error conditions, leading to a\nuse-after-free vulnerability. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code. \n(CVE-2022-1679)\n\nYongkang Jia discovered that the KVM hypervisor implementation in the Linux\nkernel did not properly handle guest TLB mapping invalidation requests in\nsome situations. An attacker in a guest VM could use this to cause a denial\nof service (system crash) in the host OS. (CVE-2022-1789)\n\nQiuhao Li, Gaoning Pan, and Yongkang Jia discovered that the KVM hypervisor\nimplementation in the Linux kernel did not properly handle an illegal\ninstruction in a guest, resulting in a null pointer dereference. An\nattacker in a guest VM could use this to cause a denial of service (system\ncrash) in the host OS. (CVE-2022-1852)\n\nGerald Lee discovered that the NTFS file system implementation in the Linux\nkernel did not properly handle certain error conditions, leading to a use-\nafter-free vulnerability. A local attacker could use this to cause a denial\nof service (system crash) or possibly expose sensitive information. \n(CVE-2022-1973)\n\nIt was discovered that the netfilter subsystem in the Linux kernel\ncontained a buffer overflow in certain situations. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2022-2078)\n\nIt was discovered that some Intel processors did not completely perform\ncleanup actions on multi-core shared buffers. A local attacker could\npossibly use this to expose sensitive information. (CVE-2022-21123)\n\nIt was discovered that some Intel processors did not completely perform\ncleanup actions on microarchitectural fill buffers. A local attacker could\npossibly use this to expose sensitive information. (CVE-2022-21125)\n\nIt was discovered that some Intel processors did not properly perform\ncleanup during specific special register write operations. A local attacker\ncould possibly use this to expose sensitive information. (CVE-2022-21166)\n\nIt was discovered that the virtio RPMSG bus driver in the Linux kernel\ncontained a double-free vulnerability in certain error conditions. A local\nattacker could possibly use this to cause a denial of service (system\ncrash). (CVE-2022-34494, CVE-2022-34495)\n\nMinh Yuan discovered that the floppy disk driver in the Linux kernel\ncontained a race condition, leading to a use-after-free vulnerability. A\nlocal attacker could possibly use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2022-1652)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.04 LTS:\n linux-image-5.17.0-1013-oem 5.17.0-1013.14\n linux-image-oem-22.04 5.17.0.1013.12\n linux-image-oem-22.04a 5.17.0.1013.12\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5529-1\n CVE-2022-1652, CVE-2022-1679, CVE-2022-1789, CVE-2022-1852,\n CVE-2022-1973, CVE-2022-2078, CVE-2022-21123, CVE-2022-21125,\n CVE-2022-21166, CVE-2022-34494, CVE-2022-34495\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/linux-oem-5.17/5.17.0-1013.14\n. 9) - x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nCVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166\n\n Various researchers discovered flaws in Intel processors,\n collectively referred to as MMIO Stale Data vulnerabilities, which\n may result in information leak to local users. \n\n For details please refer to\n https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html\n\nCVE-2022-21151\n\n Alysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi\n discovered that for some Intel processors optimization removal or\n modification of security-critical code may result in information\n disclosure to local users. \n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 3.20220510.1~deb10u1. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 3.20220510.1~deb11u1. \n\nWe recommend that you upgrade your intel-microcode packages. \n\nFor the detailed security status of intel-microcode please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/intel-microcode\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmLFiNRfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0QsfQ/7BFnYhmBMr5u1iyXJY79QkOuBFij/I7N5doGb/5m/LTbUOKgHKlI3XKqr\nNHbWZWQZVO7gexkZIdGSY2RnCtVS1oNkKxNzuFVxkPjbsRpJJBAyPqoY6JogDjhM\n18jXAyZqB5tfZdGohiHBeVDsQwP5M3IPTdG2USoLOwcwd5+BK8ZgdrLrREDHo9mA\n+VJU8fhGRpdminz5MR2NPenu5jgG2JVKAhFRC8ioy92umF/5c/C6wRAyQsRid4lZ\ni+lzWAOQbUzvUGlomDrjqtSEn0fVQR2A0VoU+5AQnln8fODQmSLOHo/Ti00RuUUL\n8WLfrKnfimXvTWnUeWKLCnHIRCbzLBfPa1EPbCagkD7XDkcYd+MWLm0C6RhUvBPN\np3U9AbWstO4z2RjldX1DYUVeCR5zQqBT6pAY6G14MqIvuqrAodi9p0jgjOchdCUZ\nHv4H6b0F7QusCZrj1onfe4//CG5AmN0D8E/QKCKNBplJmciVg2o/8R0hTfaKDK8v\nNhUYBkEWnG0zUlo93Qkapqc00j5i7cbXKbzRV3zPa42WtypoS8yd/tftZ6y7yBpa\nlHZOAVcfdDcN7jm9U9ZV3tVCCs3Cu5wb3ZYoYyhfEZBpEgCQ7YEEPQffTq9Y3LMN\n4IUiKp8LINReMEEfV8My7PB2fX8dvti2lEQ/pJfAC/XKNoassd0=\n=8N2y\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: kernel security, bug fix, and enhancement update\nAdvisory ID: RHSA-2022:6460-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:6460\nIssue date: 2022-09-13\nCVE Names: CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* Incomplete cleanup of multi-core shared buffers (aka SBDR)\n(CVE-2022-21123)\n\n* Incomplete cleanup of microarchitectural fill buffers (aka SBDS)\n(CVE-2022-21125)\n\n* Incomplete cleanup in specific special register write operations (aka\nDRPW) (CVE-2022-21166)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* Bad page state in process qemu-kvm pfn:68a74600 (BZ#2081013)\n\n* slub corruption during LPM of hnv interface (BZ#2081250)\n\n* Affinity broken due to vector space exhaustion (BZ#2084646)\n\n* \u0027rmmod pmt_telemetry\u0027 panics on ADL-P IOTG (BZ#2091079)\n\n* Unable to boot RHEL-8.6 on Brazos max. config (Install is success)\n(BZ#2092241)\n\n* kernel crash after reboot of T14/G2 AMD laptop (mt7921e module)\n(BZ#2095654)\n\n* mt7921: free resources on pci_probe error path (BZ#2101684)\n\n* NLM should be more defensive if underlying FS changes fl_owner\n(BZ#2102099)\n\n* RHEL8/async-pf Guest call trace when reboot after postcopy migration with\nhigh stress workload (BZ#2105340)\n\n* execve exit tracepoint not called (BZ#2106662)\n\n* QProcess dead lock on kernel-4.18.0-358 (BZ#2107643)\n\n* KVM fix guest FPU uABI size to kvm_xsave (BZ#2107652)\n\n* KVM selftests fail to compile (BZ#2107655)\n\n* Some monitor have no display with AMD W6400 when boot into OS. \n(BZ#2109826)\n\n* Percpu counter usage is gradually getting increasing during podman\ncontainer recreation. (BZ#2110039)\n\n* multipath failed to recover after EEH hit on flavafish adapter on\nDenali(qla2xxx/flavafish/RHEL8.6/Denali) (BZ#2110768)\n\n* soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110772)\n\n* trouble re-assigning MACs to VFs, ice stricter than other drivers\n(BZ#2111936)\n\n* Intel MPI 2019.0 - mpirun stuck on latest kernel (BZ#2112030)\n\n* Multicast packets are not received by all VFs on the same port even\nthough they have the same VLAN (BZ#2117026)\n\n* Hyper-V 2019 Dynamic Memory Problem hv_balloon (BZ#2117050)\n\n* kernel BUG at kernel/sched/deadline.c:1561! (BZ#2117410)\n\n* ALSA (sound) driver - update Intel SOF kcontrol code (BZ#2117732)\n\n* bridge over bond over ice ports has no connection (BZ#2118580)\n\n* Fix max VLANs available for VF (BZ#2118581)\n\n* offline selftest failed (BZ#2118582)\n\n* INTEL NVMUpdate utility ver 3.20 is failing to update firmware on\nE810-XXVDA4T (WPC) (BZ#2118583)\n\n* VM configured with failover interface will coredump after been migrating\nfrom source host to target host(only iavf driver) (BZ#2118705)\n\n* Fix max VLANs available for untrusted VF (BZ#2118707)\n\n* Softlockup on infinite loop in task_get_css() for a CSS_DYING cpuset\n(BZ#2120776)\n\nEnhancement(s):\n\n* KVM Sapphire Rapids (SPR) AMX Instructions (BZ#2088287)\n\n* KVM Sapphire Rapids (SPR) AMX Instructions part2 (BZ#2088288)\n\n* ice: Driver Update (BZ#2102359)\n\n* iavf: Driver Update (BZ#2102360)\n\n* iommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (BZ#2112983)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)\n2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)\n2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)\n\n6. Package List:\n\nRed Hat Enterprise Linux BaseOS (v. 8):\n\nSource:\nkernel-4.18.0-372.26.1.el8_6.src.rpm\n\naarch64:\nbpftool-4.18.0-372.26.1.el8_6.aarch64.rpm\nbpftool-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-core-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-cross-headers-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debug-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debug-core-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debug-devel-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debug-modules-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debug-modules-extra-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-devel-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-headers-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-modules-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-modules-extra-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-tools-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-tools-libs-4.18.0-372.26.1.el8_6.aarch64.rpm\nperf-4.18.0-372.26.1.el8_6.aarch64.rpm\nperf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\npython3-perf-4.18.0-372.26.1.el8_6.aarch64.rpm\npython3-perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\n\nnoarch:\nkernel-abi-stablelists-4.18.0-372.26.1.el8_6.noarch.rpm\nkernel-doc-4.18.0-372.26.1.el8_6.noarch.rpm\n\nppc64le:\nbpftool-4.18.0-372.26.1.el8_6.ppc64le.rpm\nbpftool-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-core-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-cross-headers-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debug-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debug-core-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debug-devel-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debug-modules-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debug-modules-extra-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-devel-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-headers-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-modules-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-modules-extra-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-tools-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-tools-libs-4.18.0-372.26.1.el8_6.ppc64le.rpm\nperf-4.18.0-372.26.1.el8_6.ppc64le.rpm\nperf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\npython3-perf-4.18.0-372.26.1.el8_6.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\n\ns390x:\nbpftool-4.18.0-372.26.1.el8_6.s390x.rpm\nbpftool-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-core-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-cross-headers-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-debug-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-debug-core-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-debug-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-debug-devel-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-debug-modules-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-debug-modules-extra-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-debuginfo-common-s390x-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-devel-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-headers-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-modules-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-modules-extra-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-tools-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-tools-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-zfcpdump-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-zfcpdump-core-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-zfcpdump-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-zfcpdump-devel-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-zfcpdump-modules-4.18.0-372.26.1.el8_6.s390x.rpm\nkernel-zfcpdump-modules-extra-4.18.0-372.26.1.el8_6.s390x.rpm\nperf-4.18.0-372.26.1.el8_6.s390x.rpm\nperf-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm\npython3-perf-4.18.0-372.26.1.el8_6.s390x.rpm\npython3-perf-debuginfo-4.18.0-372.26.1.el8_6.s390x.rpm\n\nx86_64:\nbpftool-4.18.0-372.26.1.el8_6.x86_64.rpm\nbpftool-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-core-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-cross-headers-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debug-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debug-core-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debug-devel-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debug-modules-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debug-modules-extra-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-devel-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-headers-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-modules-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-modules-extra-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-tools-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-tools-libs-4.18.0-372.26.1.el8_6.x86_64.rpm\nperf-4.18.0-372.26.1.el8_6.x86_64.rpm\nperf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\npython3-perf-4.18.0-372.26.1.el8_6.x86_64.rpm\npython3-perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\n\nRed Hat CodeReady Linux Builder (v. 8):\n\naarch64:\nbpftool-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\nkernel-tools-libs-devel-4.18.0-372.26.1.el8_6.aarch64.rpm\nperf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\npython3-perf-debuginfo-4.18.0-372.26.1.el8_6.aarch64.rpm\n\nppc64le:\nbpftool-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\nkernel-tools-libs-devel-4.18.0-372.26.1.el8_6.ppc64le.rpm\nperf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-372.26.1.el8_6.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\nkernel-tools-libs-devel-4.18.0-372.26.1.el8_6.x86_64.rpm\nperf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\npython3-perf-debuginfo-4.18.0-372.26.1.el8_6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYyCB1NzjgjWX9erEAQjx1g/+KpIc2rESQgtzICCW50Ha+ZjaOZiuIgGV\n1wDzgsyj7JRxGOIhGY3edJp7sdtoT0+CoWTdjENZrNhQlQ9UhRSpJ+8vdGy5WooO\nfwwKBffteRMEl8YTO/U8fstclEKXK3MB93ZxEHgS0L3UQY/AUU5XqSzB4a4rV9RJ\nDpFQcnw3dHIrtMKHs4HMrm8+Q8ezq9UmVbl472ecnfmNXfHDhOmUGGlUrT22SX9p\nZn/UXCiWZxIt+Vh2uTrIgs4hiSJPAqD/lGHjLQpaR26uciZnndLui2s4W91F7yN4\nZifRDwrSAMtsRoln7Z8HL6H59tw4vHwAY1rD5ATwk9EqhRtaetE+v0hzM+BRBhri\ndpZnKUhMiUDNTUKqmpbBZjh4IuSKI6AkaQenFnMQWTp027B6o0EjhqpiEdLaA0R/\npYewm2OKbulyoUeVhC5GOMX6g8ckGa5h2o4Fr+fkaptELQN1VniYEu88O7pRqaqR\nlW3MrcYIEowDxyiMLehgtIxjyawzfmi0fficXzCf8xEXm8fmqlrXu4lfhKV4g3WI\nY9j8INFYc4inopUBsQM1zXWV00nCDxAvaYPhOYI0VjO11jxOCOcBheOlwS1sseOv\nBjram7oqf2DuVSINeTAgbHMLMA4AGEcNMsOAN/mwdq6ZBpEYmCf48pvZwQscW7qv\na685GRAjoyY=\n=4AwP\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-21125"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011636"
},
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "VULMON",
"id": "CVE-2022-21125"
},
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "168294"
},
{
"db": "PACKETSTORM",
"id": "167785"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "169316"
},
{
"db": "PACKETSTORM",
"id": "168355"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-21125",
"trust": 3.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/06/16/1",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU94721039",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU99464755",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-23-166-11",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011636",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167785",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "168294",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "168018",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "168355",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "169719",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169688",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169690",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168021",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168503",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169695",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168076",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169941",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169997",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168461",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168694",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167862",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167549",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168364",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167692",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167545",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170226",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-406836",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-21125",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169409",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169852",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169316",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "VULMON",
"id": "CVE-2022-21125"
},
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "168294"
},
{
"db": "PACKETSTORM",
"id": "167785"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "169316"
},
{
"db": "PACKETSTORM",
"id": "168355"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011636"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"id": "VAR-202206-1186",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T22:00:02.790000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00615",
"trust": 0.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"title": "Red Hat: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2022-21125"
},
{
"title": "Ubuntu Security Notice: USN-5485-1: Linux kernel vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5485-1"
},
{
"title": "Ubuntu Security Notice: USN-5485-2: Linux kernel (OEM) vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5485-2"
},
{
"title": "Red Hat: Moderate: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225939 - Security Advisory"
},
{
"title": "Red Hat: Moderate: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226460 - Security Advisory"
},
{
"title": "Red Hat: Moderate: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226437 - Security Advisory"
},
{
"title": "Red Hat: Moderate: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225937 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227280 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226872 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227279 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: USN-5484-1: Linux kernel vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5484-1"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226991 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226983 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-5178-1 intel-microcode -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=1e914c5a2547786f7ee2aba93fa4c45a"
},
{
"title": "Debian CVElist Bug Report Logs: xen: New unreleased upstream fixes for 6 vulnerabilities in testing/unstable",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5fdc49cb53af49972ab3ac47e5a6b1bd"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.5.3 security fixes and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226954 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Moderate:OpenShift Container Platform 4.11.5 security and extras update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226537 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.11.5 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226536 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Openshift Logging Bug Fix Release and Security Update (5.3.12)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226560 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: USN-5535-1: Intel Microcode vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5535-1"
},
{
"title": "Red Hat: Important: OpenShift Virtualization 4.9.7 Images security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20228609 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20228974 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20228973 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: USN-5529-1: Linux kernel (OEM) vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5529-1"
},
{
"title": "Debian Security Advisories: DSA-5184-1 xen -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=37cc577a7d3df607e62854fc340b6435"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 3.11.784 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226252 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.10.39 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227211 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.9.51 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227216 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.8.53 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227874 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.12 security updates and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226271 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: USN-5513-1: Linux kernel (AWS) vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5513-1"
},
{
"title": "Ubuntu Security Notice: USN-5505-1: Linux kernel vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5505-1"
},
{
"title": "Red Hat: Critical: Red Hat Advanced Cluster Management 2.4.6 security update and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226696 - Security Advisory"
},
{
"title": "Red Hat: Moderate: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20228267 - Security Advisory"
},
{
"title": "Red Hat: Moderate: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227933 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-5173-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=acd6d70f5129be4a1390575252ec92a6"
},
{
"title": "Hardware attacks / State of the art",
"trust": 0.1,
"url": "https://github.com/codexlynx/hardware-attacks-state-of-the-art "
},
{
"title": "veracode-container-security-finding-parser",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-21125"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011636"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-459",
"trust": 1.1
},
{
"problemtype": "incomplete cleanup (CWE-459) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011636"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21125"
},
{
"trust": 1.2,
"url": "http://xenbits.xen.org/xsa/advisory-404.html"
},
{
"trust": 1.2,
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"trust": 1.2,
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"trust": 1.2,
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"trust": 1.2,
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202208-23"
},
{
"trust": 1.2,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"trust": 1.2,
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fhtew3rxu2gw6s3rcpqg4vnczgi3tosv/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/t4p2kjyl74kglhe4jzetvw7pzh6ziaba/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/mcvomhbqrh4kp7in6u24cw7f2d2l5kbs/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rkrxz4lhgcgmog24zcejny6r2bts4s2q/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94721039/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99464755/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-21125"
},
{
"trust": 0.6,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21166"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-21166"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-21123"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21123"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-26116"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26116"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3177"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26137"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-26137"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3177"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-2526"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-29154"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1679"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1852"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/t4p2kjyl74kglhe4jzetvw7pzh6ziaba/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rkrxz4lhgcgmog24zcejny6r2bts4s2q/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fhtew3rxu2gw6s3rcpqg4vnczgi3tosv/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/mcvomhbqrh4kp7in6u24cw7f2d2l5kbs/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/459.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5485-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-45486"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45486"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-45485"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45485"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2588"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2588"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5939"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2097"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25314"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27782"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1729"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32250"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1927"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27776"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-22576"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2097"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-40528"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1729"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25313"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1012"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27774"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1012"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-40528"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1927"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6271"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29824"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-31129"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-34169"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-39226"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21540"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhba-2022:6251"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21540"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-39226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21541"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/3.11/upgrading/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2526"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21541"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-46784"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6252"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1552"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-46784"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-29154"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1552"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2078"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5529-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1973"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oem-5.17/5.17.0-1013.14"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1048"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1280"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23825"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0617"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-20368"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1353"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0168"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36516"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-39190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29581"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1016"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1048"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1016"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28390"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0854"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1679"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-36946"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/6971358"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3640"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36516"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20368"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29901"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7933"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3640"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1184"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28893"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-26373"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1184"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1353"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29900"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24448"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0168"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0854"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21151"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/intel-microcode"
},
{
"trust": 0.1,
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21127"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:6460"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "VULMON",
"id": "CVE-2022-21125"
},
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "168294"
},
{
"db": "PACKETSTORM",
"id": "167785"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "169316"
},
{
"db": "PACKETSTORM",
"id": "168355"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011636"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-406836"
},
{
"db": "VULMON",
"id": "CVE-2022-21125"
},
{
"db": "PACKETSTORM",
"id": "169409"
},
{
"db": "PACKETSTORM",
"id": "168018"
},
{
"db": "PACKETSTORM",
"id": "168213"
},
{
"db": "PACKETSTORM",
"id": "168294"
},
{
"db": "PACKETSTORM",
"id": "167785"
},
{
"db": "PACKETSTORM",
"id": "169852"
},
{
"db": "PACKETSTORM",
"id": "169316"
},
{
"db": "PACKETSTORM",
"id": "168355"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-011636"
},
{
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-15T00:00:00",
"db": "VULHUB",
"id": "VHN-406836"
},
{
"date": "2022-06-15T00:00:00",
"db": "VULMON",
"id": "CVE-2022-21125"
},
{
"date": "2022-10-18T22:30:43",
"db": "PACKETSTORM",
"id": "169409"
},
{
"date": "2022-08-10T15:50:10",
"db": "PACKETSTORM",
"id": "168018"
},
{
"date": "2022-09-01T16:30:25",
"db": "PACKETSTORM",
"id": "168213"
},
{
"date": "2022-09-07T17:19:14",
"db": "PACKETSTORM",
"id": "168294"
},
{
"date": "2022-07-21T20:41:25",
"db": "PACKETSTORM",
"id": "167785"
},
{
"date": "2022-11-15T16:41:36",
"db": "PACKETSTORM",
"id": "169852"
},
{
"date": "2022-07-28T19:12:00",
"db": "PACKETSTORM",
"id": "169316"
},
{
"date": "2022-09-13T15:42:59",
"db": "PACKETSTORM",
"id": "168355"
},
{
"date": "2023-08-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-011636"
},
{
"date": "2022-06-15T20:15:17.547000",
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-406836"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-21125"
},
{
"date": "2023-08-23T06:27:00",
"db": "JVNDB",
"id": "JVNDB-2022-011636"
},
{
"date": "2025-05-05T17:17:37.500000",
"db": "NVD",
"id": "CVE-2022-21125"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "167785"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Intel(R)\u00a0Processor\u00a0 Incomplete Cleanup Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-011636"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "bypass",
"sources": [
{
"db": "PACKETSTORM",
"id": "168294"
}
],
"trust": 0.1
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.