Ubuntu Security Notice 5362-1 - Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information.
15aee9355fdfa4005c244c11432f609c7d439bd4c9e2bb1fc22da50bd8c0cbbdRed Hat Security Advisory 2022-0595-02 - Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include an information leakage vulnerability.
2598df9c773007328e30775692ba0a74b35fca2f6cdbd52f2b81faf7636ae67bRed Hat Security Advisory 2022-0735-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include denial of service, open redirection, privilege escalation, and traversal vulnerabilities.
0f428578537f68dfaf14cf427f755f1edf5314f8b08ecb6c1be275b4a8bd343eRed Hat Security Advisory 2022-0540-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, heap overflow, and privilege escalation vulnerabilities.
923f3586648f88116e40f30ce55effbcd7d2b6a803d6888a77b92b4b0e0c6d09Red Hat Security Advisory 2022-0283-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.42.
b534dd4b6617fbc93a6f5689f9254fa1f24dd599e91f50c3815185d89fde9713Debian Linux Security Advisory 5050-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
201719841d62e63a9df601bb25c6296f57bb40b4ff04b69e300f0b1ed9ce5c7aThis archive contains demo exploits for CVE-2022-0185. There are two versions here. The non-kctf version (fuse version) specifically targets Ubuntu with kernel version 5.11.0-44. It does not directly return a root shell, but makes /bin/bash suid, which will lead to trivial privilege escalation. Adjusting the single_start and modprobe_path offsets should allow it to work on most other Ubuntu versions that have kernel version 5.7 or higher; for versions between 5.1 and 5.7, the spray will need to be improved as in the kctf version. The exploitation strategy relies on FUSE and SYSVIPC elastic objects to achieve arbitrary write. The kctf version achieves code execution as the root user in the root namespace, but has at most 50% reliability - it is targeted towards Kubernetes 1.22 (1.22.3-gke.700). This exploitation strategy relies on pipes and SYSVIPC elastic objects to trigger a stack pivot and execute a ROP chain in kernelspace.
8f9e0a3bd934c75bb63bb75c98368d05ec18006a64e52a0bc3f9ae155f0b72c1Local privilege escalation exploit for a Linux kernel slab out-of-bounds write vulnerability. This exploit has been tested in an Ubuntu 21.04 Hirsute with kernel 5.11.0.
46970cc27a7bf55e660be14e1e0975df3058aefb276d3341c8fb2e841fe683c9Red Hat Security Advisory 2022-0232-02 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a heap overflow vulnerability.
1021642cd93d107bd3c68e50bdb465f39863c1f58e9f9dd4d9463294024f05b0Red Hat Security Advisory 2022-0231-03 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include heap overflow and privilege escalation vulnerabilities.
57770ee1c33dbd8dba6dacf04547cf9e17773b3c538fd57af340bf40ac1aa736William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.
ebdd28169715872d3dae12d04faac30cc03a75e8432f2814b583409805684cf6Ubuntu Security Notice 5240-1 - William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
f38197d468b0ac1b459114cface6fdb664c54f6bfdf6561758bfbe79ee4a41e0Red Hat Security Advisory 2022-0188-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a heap overflow vulnerability.
9285d1161496f0d2f04d09373979faf3ed79e7a3f31a711af8ec8c440d65e0ceRed Hat Security Advisory 2022-0186-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include heap overflow and privilege escalation vulnerabilities.
255bbad280ff777117f481929995d0e8be22db96c27a7cbab200dab6e85e611dRed Hat Security Advisory 2022-0187-04 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include heap overflow and privilege escalation vulnerabilities.
027360ba53dd866197d83e94c2fa0af7a9631774a89b45f9aad23660f6067bd1Red Hat Security Advisory 2022-0176-06 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a heap overflow vulnerability.
3a8d39b382e67ddc84b361946493d6691df59cc769794212d341668be76b83b5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed