Ubuntu Security Notice 5092-3 - USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. Various other issues were also addressed.
2f8462834b9c412b2c94caea0415569d6a8d0a25ce4c553b1643bb9766389a30Ubuntu Security Notice 5096-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
98f615f379d8346abea7dc65ffd543f999a46dbda2ec8a72bcaac4dbaea40126Red Hat Security Advisory 2021-3694-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.
b1ce9e701282280a5c2dbdfafd7782a607b33f330152c096fdc1e2b3c2debde0Ubuntu Security Notice 5092-2 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.
fe6e6f7b890fe9c454e6d8b6981a93e9900e3e12cc8de38080233a23b6f9f395Ubuntu Security Notice 5092-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.
ebcf129926760acf6a8d3e98fe23c9b1ac0c8a4d82db537ed58774cee102bccfRed Hat Security Advisory 2021-3598-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
3a62781802214e6eb77a0d28fc9fa05ebee3d12366b8219cccc000ace400db7eRed Hat Security Advisory 2021-3447-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds access vulnerability.
21758e8d20602709b14092a3a74aa61609c2b08c0cdf3db47ba5c33f5c238629Red Hat Security Advisory 2021-3440-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an out of bounds access vulnerability.
fae235b4ccbe50e1ad6b6e53ea379ae4dba89eb999daacdc31c324c7824828a8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed