Red Hat Security Advisory 2022-8973-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, code execution, memory leak, out of bounds write, and privilege escalation vulnerabilities.
8fedbbf10be56ed3244024efc11739ae41c56ec0cebbc5d2689f162776226891Red Hat Security Advisory 2022-8974-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, code execution, out of bounds write, and privilege escalation vulnerabilities.
6d35672261df38aa85cd2ee464c60cd4122ef8f495ae23678e628e5bf760d2c8Ubuntu Security Notice 5728-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
ebafaab2d5db4b2842460331e69fe77801e170fb619cc3bd4e090cd8f02623deUbuntu Security Notice 5728-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
c3624c07f86cdfd2b3713a4f62018465ad2c42db0469b2ff000d4ff889d73b83Ubuntu Security Notice 5728-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
d0a1c25c6eb1d9a7ff69a8217addefb3508ac783bad0f3c1762570c079322a29Red Hat Security Advisory 2022-8431-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Issues addressed include an information leakage vulnerability.
bde63b47a05fa71e76f75535ab11d13194617f32effd054fa1677bd6f9f48500Red Hat Security Advisory 2022-8008-01 - The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Issues addressed include denial of service and information leakage vulnerabilities.
f27bc3e529f8aa8ebd57f3027862054868818878916e80cbd4d078f8cadc588fRed Hat Security Advisory 2022-7434-01 - A Red Hat OpenShift security update has been provided for the Logging Subsystem.
8955b3daac257bb1e631eab88f1476668bf890ade5b3c2f9df79ac69caf7f1a7Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.
7e65b18002978caefe3c4db2dc816316d156cfdc8df48304228fbb8fa76dbb4fRed Hat Security Advisory 2022-7457-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include information leakage and memory exhaustion vulnerabilities.
72c93ef5fad8294ebe3afa3b48f3853ab0bb3fb7dd60c2174498a5cadd63ae36Red Hat Security Advisory 2022-7822-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include an information leakage vulnerability.
0f953845060b331fa03695eb343bb0b9cbb60d9d42b8a73f3bd5d9e8578a2f78Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.
97a4f05892f5310eee304e4ddc0379cfce9b9f7cd23d75d375041238621f622eRed Hat Security Advisory 2022-7337-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.
cecb4ff726f2e2ac5392c18e54da018333c6e9f6ac8100a7ea617dcc091c62bfRed Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.
6d28e160aebd967897f3d87e1e5bfd567b29c6dba8e6d1fe4a5120cd1a1c659bRed Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.
7ac9e1c7f562a5f00c685c3f4a883358404bdb691f54031e1c202dfc1880d591Red Hat Security Advisory 2022-7134-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, information leakage, privilege escalation, and use-after-free vulnerabilities.
6a450fa6510675d96313a97083abb8cf1284fa5ccbb8758fe7a577703508c005Red Hat Security Advisory 2022-7110-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.
7e26c2475110ff7340d7988275fa609b265fd44e6f52933eac803e2512ab54abDebian Linux Security Advisory 5207-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
a834fc5673ea42539aceee3099b521390b2bb10a60b230031ba7bb0a98087e77Ubuntu Security Notice 5566-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
86abaa0c5ce8d1a30e303a39ce1a671f08409990567bd2c247492e7141a9725bUbuntu Security Notice 5565-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
484e185b1094f77c20937b1f6cdb7e94436b94b7ed29b91894907086a9eaadadUbuntu Security Notice 5564-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
1a35f7b41237a476900dc251a309728112baf4d626a8583783752c7b50a75005Debian Linux Security Advisory 5184-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation. In addition this updates provides mitigations for the "Retbleed" speculative execution attack and the "MMIO stale data" vulnerabilities.
a6ef7fc52f33a44647f11ad73447e266d15867256950bda60e55581335321822Red Hat Security Advisory 2022-4590-1 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.
7d03737a1820f3fda0e1f92f7f1e70ecd0071e3480d13eadc0e84ce0193c21d3Red Hat Security Advisory 2022-4589-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.0. Issues addressed include a bypass vulnerability.
f7449c533eb9b6f9a1d5c7aa7709c8c394e15845f28460d977ac0fc4e6946567Debian Linux Security Advisory 5129-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.
6e82db6dff6f96ecfd161cadff7557dfe1491b1ae4e54374528ba5655397ec6e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed