Red Hat Security Advisory 2022-5483-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.
ce70c2647076c3e2e1ce8691bcc4d5a053b71f02fc338cb8e6f439843c00f8bcRed Hat Security Advisory 2022-5392-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which resolve security issues and fix several bugs. Issues addressed include a traversal vulnerability.
91ea6d7e287cf68f884e0838fff02b750c8ceaf606330ce2c7b1403d1eb46d64Red Hat Security Advisory 2022-5201-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.5 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which apply security fixes and fix several bugs. Issues addressed include a traversal vulnerability.
0ed89745dca96ce3d4084d2ff69e0833e3f3df669d2223a3ae686ad91ed7ff0bRed Hat Security Advisory 2022-4956-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues. Issues addressed include privilege escalation and traversal vulnerabilities.
878315e02041e8cdde9d1b5e67ed064f3cf0e6605b2eb860d63e94f3d703f519Red Hat Security Advisory 2022-4814-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include denial of service and memory exhaustion vulnerabilities.
de3fa8ee040cf6c28c1affa37a50086f48d77a4fce95eaf6d26445098ef47a20Red Hat Security Advisory 2022-1988-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, memory leak, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
37a2bc5df5427ed04000a8d10823bd2aed8f25a960acdbe741e5cfa028d617dfRed Hat Security Advisory 2022-1975-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
76e7a83f67a9594d044f0555940c9cdc95fcacfd7cb6fe3ce07a4e4115106e22Red Hat Security Advisory 2021-3653-01 - Red Hat Advanced Cluster Management 2.1.11 security fix and container updates are available.
15f863255ce01b9af4125b6f699165597020889114335a232c7f75076dc7e35cRed Hat Security Advisory 2021-3454-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues.
ededc503492f31daf90a74b29a6e64b1e7ee98978cd963f10901af9667484f8eRed Hat Security Advisory 2021-3327-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.
b20ba2534d111110aaf1bd0add4dc3ab65b04821835470cce71af9635bd44116Red Hat Security Advisory 2021-3328-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.
4f52d608a26aeced8b46022c6a00a641c50b6115116bab7260c93d4977dbab6aIt was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
2804a214253fb2c002641f38c8aae9e4023d617f9897b0c5c01ff06e5794df2bUbuntu Security Notice 4916-2 - USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Various other issues were also addressed.
0109aef37883b59cfde530823abac56b2ccc7f8d9cf5d79c37274335d1792a6cUbuntu Security Notice 4917-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
0960410ba7e6e4040775aa7d07813ed851354f20fef02f6247a7d3b53d08796aUbuntu Security Notice 4916-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
731316af4af43b6a4f4a4888d410c88049b391c7650608ca1fd2ed0566f0f141Ubuntu Security Notice 4912-1 - Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
590166453ec29f1473b4cb64bcf7651991eb909ac482b366e52b4648a1f60409
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed