Red Hat Security Advisory 2022-1988-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, memory leak, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
37a2bc5df5427ed04000a8d10823bd2aed8f25a960acdbe741e5cfa028d617dfRed Hat Security Advisory 2022-1975-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
76e7a83f67a9594d044f0555940c9cdc95fcacfd7cb6fe3ce07a4e4115106e22Ubuntu Security Notice 5361-1 - It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service. Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets.
c315b3f99c654dc04603839d125f1fe9f0159f30ff823c00d323d0852627c9cfRed Hat Security Advisory 2022-0595-02 - Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include an information leakage vulnerability.
2598df9c773007328e30775692ba0a74b35fca2f6cdbd52f2b81faf7636ae67bUbuntu Security Notice 5267-3 - USN-5267-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for Raspberry Pi devices. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
4a5754d3205b26805abdee8471083dc8dc84e0eb92a3e64f7fad52257c035f4cUbuntu Security Notice 5267-2 - USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem.
1fa802d233f94d6e25c95108667119d85ca0d36cae93f6c46bb286febc0cf8daUbuntu Security Notice 5268-1 - Keyu Man discovered that the ICMP implementation in the Linux kernel did not properly handle received ICMP error packets. A remote attacker could use this to facilitate attacks on UDP based services that depend on source port randomization. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
b8ba9e5c3e6439e47e28cee9eee4587c8f0d9fce5daef2974af08b9d6e1a91e8Ubuntu Security Notice 5267-1 - It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
60617003df6660f9983fff1c2b80b1947ece89928c93e406ca26afce7c3ebf67Ubuntu Security Notice 5266-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
9ba4147ccb5d95d45a49f7b9e0eac111cb9c9b306758eaa6f87e04a0bcc1f34eUbuntu Security Notice 5265-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
7e0f9271a061ce26f953885a06bf885e09f3bf96703739534c4177eca1b1fff1Red Hat Security Advisory 2022-0236-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.
3e5a6bec35c6856aa056bb4ac5262b34cdac38f80ac88be73be24efc217c752cRed Hat Security Advisory 2022-0063-06 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
c84c038c92bb6a1bc8473039834465b0179c88c022a2c76894a288c9ffd97cd5Red Hat Security Advisory 2022-0065-05 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.
40e4a0ec6d21c586409f55a567705f5d041db004a9c79906afa098e121353a07Ubuntu Security Notice 5207-1 - Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps.
63504dd3c2b3abff85b5c8960e3f39b8f7a1ce6773225176a4d31ae19837a516Ubuntu Security Notice 5165-1 - It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface implementation. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
a0b01b9f4766a141e1c20c5d99e1ca222d00d4498a726851cff5f6c91eb4780c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed