Red Hat Security Advisory 2022-0203-03 - The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and denial of service vulnerabilities.
f8cf326403466dc2f8a13e4486c28735Red Hat Security Advisory 2022-0202-04 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
a2c6170ec7ef0ffe6acbcce9e0c81942Red Hat Security Advisory 2022-0191-03 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.2 images.
47ce79c4c131f6c66d702d494119aef6Red Hat Security Advisory 2022-0199-02 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network.
5ca07c32aff4c74e5d27d892ba305e0cUbuntu Security Notice 5241-1 - It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary code.
43b058a26738d3b6497e455c57a0de19Ubuntu Security Notice 5240-1 - William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
6091dd663f500cf9a14590659a45e997Red Hat Security Advisory 2022-0190-04 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Issues addressed include an information leakage vulnerability.
30d3e8f093e17aa77b19f0c703d1b8a7Red Hat Security Advisory 2022-0188-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a heap overflow vulnerability.
9f91363df89636f977d7ec9755368e02Red Hat Security Advisory 2022-0114-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.41.
275a1cc6067f3e727a0e7c035868d73cRed Hat Security Advisory 2022-0186-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include heap overflow and privilege escalation vulnerabilities.
e0eb112a753d6ef3f22146b159fde383Red Hat Security Advisory 2022-0187-04 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include heap overflow and privilege escalation vulnerabilities.
015043f6fb8121a618a17b8b0ec788a3Ransomware Builder Babuk malware suffers from an insecure permissions vulnerability.
a0cd8289685e1605dfafad9ad4ee310eBackdoor.Win32.Wisell malware suffers from a remote command execution vulnerability.
235e6158650f534d03cf794bbe213c8cThe panel for Collector Stealer malware version 2.0.0 suffers from a man-in-the-middle vulnerability.
78d4972e4013313c7d6d598a0bb2c3dcThe panel for Collector Stealer malware version 2.0.0 stores the login credentials in plaintext in its MySQL database. Third-party attackers who gain access to the system can read the database username passwords without having to crack them offline.
6e13ca6b026a5716e7f55a09e24384c8VulturiBuilder malware suffers from an insecure permissions vulnerability.
ae3e3340f93567f3bbe330d3e69b0088Ubuntu Security Notice 5233-2 - USN-5233-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that ClamAV incorrectly handled memory when the CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
f0f407e03474205e9889824bb5c1056bRed Hat Security Advisory 2022-0161-03 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
db60d1e4fafae62702992ac617bfc845Red Hat Security Advisory 2022-0184-02 - GEGL is a graph-based image processing framework.
2020240ca0bd5fe637f37de55eefeb3eRed Hat Security Advisory 2022-0176-06 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a heap overflow vulnerability.
7e95d48c61f1042f312eef724405c18bRed Hat Security Advisory 2022-0178-02 - GEGL is a graph-based image processing framework.
76950844bb5021c5daea2b0ed6482990Red Hat Security Advisory 2022-0177-02 - GEGL is a graph-based image processing framework.
e616b8081cfadcb5e8f2ff1142bedebfUbuntu Security Notice 5234-1 - Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information.
4c2093774eb23e84544eada6659c3eaaUbuntu Security Notice 5235-1 - It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a regular expression denial of service.
aff64bbef2e012395282891e40280155Red Hat Security Advisory 2022-0163-01 - The RHEL-8 based Cryostat container images have been updated with a security fix for "CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache". Users of RHEL-8 based Cryostat container images are advised to upgrade to these updated images, which contain backported patches to correct this security issue. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory in Red Hat Ecosystem Catalog.
edb346021e1155f3766f0f34e0530dd8
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed