exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

CVE-2022-29154

Status Candidate

Overview

An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).

Related Files

Ubuntu Security Notice USN-5921-1
Posted Mar 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5921-1 - Koen van Hove discovered that the rsync client incorrectly validated filenames returned by servers. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could use this issue to write arbitrary files, and possibly escalate privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-29154
SHA-256 | 35d52e9980c3b3b1564055c12ccb518fb324abda65d1fd79b116b82879e48886
Red Hat Security Advisory 2022-7058-01
Posted Oct 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7058-01 - OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional, optional runtime. This advisory contains an update for OpenShift sandboxed containers with security fixes and a bug fix. Space precludes documenting all of the updates to OpenShift sandboxed containers in this advisory. Issues addressed include a null pointer vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-1292, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-24675, CVE-2022-2832, CVE-2022-29154, CVE-2022-30632, CVE-2022-32206
SHA-256 | 952618897141c2bcf07e60e877ff3c20659f892e7d4f3e17083ce9ccf958ffc0
Red Hat Security Advisory 2022-6890-01
Posted Oct 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6890-01 - Red Hat OpenShift Virtualization release 4.8.7 is now available with updates to packages and images that fix several bugs and add enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2022-0494, CVE-2022-1271, CVE-2022-1353, CVE-2022-1798, CVE-2022-23852, CVE-2022-2526, CVE-2022-29154
SHA-256 | 865dc2437127f82ee61a3bbf22c54a44ff05b2aef2f0dc94202891053162f66d
Red Hat Security Advisory 2022-6714-01
Posted Sep 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6714-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes new features and bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-1292, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-24675, CVE-2022-24921, CVE-2022-28327, CVE-2022-29154, CVE-2022-29526
SHA-256 | 69050ff141090bf4e5efd74a234911043d10d39b379930b9257258af6d9efab7
Red Hat Security Advisory 2022-6560-01
Posted Sep 26, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6560-01 - An update is now available for OpenShift Logging 5.3.12 Red Hat Product Security has rated this update as having a security impact of Moderate.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-29154, CVE-2022-30631, CVE-2022-32206, CVE-2022-32208, CVE-2022-34903
SHA-256 | d134f436fdff639de70a03b7b3975885bf861fbed06c5479cdbcb07453bd6f5d
Red Hat Security Advisory 2022-6681-01
Posted Sep 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6681-01 - Red Hat OpenShift Virtualization release 4.9.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1271, CVE-2022-1353, CVE-2022-1798, CVE-2022-2526, CVE-2022-29154
SHA-256 | 35fe0c51a1e2d8d57b8f5b189f065486839edc6ee7397371f98e2e4d322f3113
Red Hat Security Advisory 2022-6551-01
Posted Sep 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6551-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, information leakage, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-1012, CVE-2022-2132, CVE-2022-2526, CVE-2022-2588, CVE-2022-29154, CVE-2022-32250
SHA-256 | b6b288369992a125e61cf713243fbc771ddaa180c88cffe38888b1fae6e5a6e9
Red Hat Security Advisory 2022-6308-01
Posted Sep 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.49. There are no RPMs for this release. Space precludes documenting all of the container images in this advisory. Issues addressed include bypass and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-39226, CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-26945, CVE-2022-29154, CVE-2022-30321, CVE-2022-30322, CVE-2022-30323, CVE-2022-30631
SHA-256 | f4ec47e45b2995e738ba4d5c413b3b051001f01fbe44c23ae6384ac45cd9c4fd
Red Hat Security Advisory 2022-6507-01
Posted Sep 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6507-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1012, CVE-2022-1292, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-29154, CVE-2022-31129, CVE-2022-32206, CVE-2022-32208, CVE-2022-32250
SHA-256 | 75e089711468232e4bcdf04ef4e769e7d5a865f427fde9d59fd2c9c9691dd6f8
Red Hat Security Advisory 2022-6322-01
Posted Sep 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6322-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.59. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-39226, CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-29154
SHA-256 | b37c61fa9b0a01715103937414cdcd1f8bbc6653e67753636e2aab8aac2a3188
Red Hat Security Advisory 2022-6422-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6422-01 - Multicluster Engine for Kubernetes 2.0.2 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1292, CVE-2022-1586, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-29154, CVE-2022-31129, CVE-2022-32206, CVE-2022-32208, CVE-2022-36067
SHA-256 | f9f497cd32f3eec88a2d2917982db7ed736ec611fb5beef51d8ac5bf18b4848e
Red Hat Security Advisory 2022-6317-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6317-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.48. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-39226, CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-29154
SHA-256 | 3f15efc05225b6294bf65a1ea6b228f58c09a6d5457425ee2388893c1ab723c3
Red Hat Security Advisory 2022-6318-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6318-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.48. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-29154
SHA-256 | 4511e638f28be3573a983b40c9c0db3cb4646873e67037396373a221a14ada01
Red Hat Security Advisory 2022-6263-01
Posted Sep 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6263-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.61. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2022-1353, CVE-2022-21540, CVE-2022-21541, CVE-2022-2526, CVE-2022-29154, CVE-2022-34169
SHA-256 | f81d6d7743dfee9d3117b3d90921d3f45e47a85facb6f384cd437bf521688c88
Red Hat Security Advisory 2022-6262-01
Posted Sep 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6262-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.61. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-39226, CVE-2022-1353, CVE-2022-21540, CVE-2022-21541, CVE-2022-2526, CVE-2022-29154, CVE-2022-30631, CVE-2022-34169
SHA-256 | 72548ddc1adb7743918cfe4de6f5c9572a4cdabfee46870057e2ef7ea8b5251e
Red Hat Security Advisory 2022-6258-01
Posted Sep 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6258-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.31. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-0494, CVE-2022-1353, CVE-2022-2526, CVE-2022-26945, CVE-2022-29154, CVE-2022-30321, CVE-2022-30322, CVE-2022-30323
SHA-256 | 9c03774205c2409f2fc031eeb76457ce7e96dea9a3a0cdf65ae28bf54eaa5970
Red Hat Security Advisory 2022-6287-01
Posted Sep 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6287-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.3. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2022-2526, CVE-2022-29154, CVE-2022-32206, CVE-2022-32208
SHA-256 | cdfa110c52d5f36c1043dcb84bbdac933a90042102886ff5182c1c46a467e01f
Red Hat Security Advisory 2022-6252-02
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6252-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.784. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-26137, CVE-2021-3177, CVE-2021-39226, CVE-2021-46784, CVE-2022-1271, CVE-2022-1552, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21540, CVE-2022-21541, CVE-2022-2526, CVE-2022-29154
SHA-256 | 3579463a99c4e63010aef250904c7f9f1b1b3fbe1da0e14d8bd0f44d9140902f
Red Hat Security Advisory 2022-6182-01
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6182-01 - Openshift Logging Bug Fix Release. Issue addressed include a stack exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1292, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-29154, CVE-2022-30631, CVE-2022-32206, CVE-2022-32208
SHA-256 | 4099c4aee454dfe06715c49e580c20892cb9106441a44fb59f068ac2c01cd719
Red Hat Security Advisory 2022-6370-01
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1012, CVE-2022-1292, CVE-2022-1586, CVE-2022-1705, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-1962, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-28131, CVE-2022-29154, CVE-2022-30629
SHA-256 | 777679cec736f94ae1f91650c8132afe0be4445086f9d7ed52509ab3707b3edc
Red Hat Security Advisory 2022-6183-01
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6183-01 - Logging Subsystem 5.4.5 for Red Hat OpenShift has been released. Issue addressed include a stack exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1292, CVE-2022-1586, CVE-2022-1705, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-29154, CVE-2022-30631, CVE-2022-32148, CVE-2022-32206, CVE-2022-32208
SHA-256 | deb14193a53634d9562af8ba160cd856b0498c98c238f89208e101f38e1c3aec
Red Hat Security Advisory 2022-6345-01
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6345-01 - Multicluster engine for Kubernetes 2.1 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1292, CVE-2022-1586, CVE-2022-1705, CVE-2022-1962, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-28131, CVE-2022-29154, CVE-2022-30629, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633
SHA-256 | 067e9a9058c8e804a43cdc37f32da13c181243e7f27bcb77c8e67261c1b42d57
Red Hat Security Advisory 2022-6344-01
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6344-01 - Logging Subsystem 5.5.1 for Red Hat OpenShift has been released. Issue addressed include a stack exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1705, CVE-2022-2526, CVE-2022-29154, CVE-2022-30631, CVE-2022-32148, CVE-2022-32206, CVE-2022-32208
SHA-256 | 9f699527ab1ebb891364aada3736d49b37fffd23024040057f1a711405164e80
Red Hat Security Advisory 2022-6290-01
Posted Sep 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6290-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-3634, CVE-2021-40528, CVE-2022-1271, CVE-2022-1292, CVE-2022-1586, CVE-2022-2068, CVE-2022-2097, CVE-2022-21698, CVE-2022-24675, CVE-2022-25313, CVE-2022-25314, CVE-2022-26691, CVE-2022-28327, CVE-2022-29154
SHA-256 | 443a0aac6af9d5fe21a01d1493535af36861fdd77dc1fd48c74332d392859668
Red Hat Security Advisory 2022-6170-01
Posted Aug 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6170-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-29154
SHA-256 | 58505a1e3be304824bde5489d0f30d38e4e025d8b239fd72d324436e40bb560f
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close