ID

VAR-202203-0111

CVE

CVE-2022-22624

TITLE

Apple Security Advisory 2022-03-14-2

DESCRIPTION

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-03-14-2 watchOS 8.5 watchOS 8.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213193. Accelerate Framework Available for: Apple Watch Series 3 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2022-22633: an anonymous researcher AppleAVD Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory corruption issue was addressed with improved validation. CVE-2022-22666: Marc Schoenefeld, Dr. rer. nat. CVE-2022-22611: Xingyu Jin of Google ImageIO Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2022-22612: Xingyu Jin of Google Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-22596: an anonymous researcher CVE-2022-22640: sqrtpwn Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22613: Alex, an anonymous researcher Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-22614: an anonymous researcher CVE-2022-22615: an anonymous researcher Kernel Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved state management. CVE-2022-22632: Keegan Saunders Kernel Available for: Apple Watch Series 3 and later Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A null pointer dereference was addressed with improved validation. CVE-2022-22638: derrek (@derrekr6) libarchive Available for: Apple Watch Series 3 and later Impact: Multiple issues in libarchive Description: Multiple memory corruption issues existed in libarchive. CVE-2021-36976 MediaRemote Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to identify what other applications a user has installed Description: An access issue was addressed with improved access restrictions. CVE-2022-22670: Brandon Azad Phone Available for: Apple Watch Series 3 and later Impact: A user may be able to bypass the Emergency SOS passcode prompt Description: This issue was addressed with improved checks. CVE-2022-22618: Yicong Ding (@AntonioDing) Preferences Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to read other applications' settings Description: The issue was addressed with additional permissions checks. CVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) Safari Available for: Apple Watch Series 3 and later Impact: Visiting a malicious website may lead to address bar spoofing Description: A user interface issue was addressed. CVE-2022-22654: Abdullah Md Shaleh of take0ver Sandbox Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to bypass certain Privacy preferences Description: The issue was addressed with improved permissions logic. CVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited, Khiem Tran Siri Available for: Apple Watch Series 3 and later Impact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen Description: A permissions issue was addressed with improved validation. CVE-2022-22599: Andrew Goldberg of the University of Texas at Austin, McCombs School of Business (linkedin.com/andrew-goldberg/) UIKit Available for: Apple Watch Series 3 and later Impact: A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions Description: This issue was addressed with improved checks. CVE-2022-22621: Joey Hewitt WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management. WebKit Bugzilla: 232748 CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 232812 CVE-2022-22610: Quan Yin of Bigo Technology Live Client Team WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla 233172 CVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab WebKit Bugzilla: 234147 CVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla: 234966 CVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative WebKit Available for: Apple Watch Series 3 and later Impact: A malicious website may cause unexpected cross-origin behavior Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 235294 CVE-2022-22637: Tom McKee of Google Additional recognition AirDrop We would like to acknowledge Omar Espino (omespino.com), Ron Masas of BreakPoint.sh for their assistance. Bluetooth We would like to acknowledge an anonymous researcher for their assistance. Face Gallery We would like to acknowledge Tian Zhang (@KhaosT) for their assistance. Safari We would like to acknowledge Konstantin Darutkin of FingerprintJS (fingerprintjs.com) for their assistance. Shortcuts We would like to acknowledge Baibhav Anand Jha of Streamers Land for their assistance. Siri We would like to acknowledge an anonymous researcher for their assistance. syslog We would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for their assistance. UIKit We would like to acknowledge Tim Shadel of Day Logger, Inc. for their assistance. Wallet We would like to acknowledge an anonymous researcher for their assistance. WebKit We would like to acknowledge Abdullah Md Shaleh for their assistance. WebKit Storage We would like to acknowledge Martin Bajanik of FingerprintJS for their assistance. Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIv0XwACgkQeC9qKD1p rhg7xg/+OVmgvQa8AfIpDqKoFyJQxRWv5eurCr0FWdtmUFmaqSZx1/gIGApxEIX9 Y2b9tEvhejRuUOkX4vpJcYvDsad6NvColSho5it16Hj3aRU3R4VseRmsVbaTwoap MQWRT+EHtB1zWOz9kGTFN6xScPVpnc18IrACQqO5SYB/ovvA6iNlee5OoQtWANd9 0Wm9/MHwVUng2MXmjeDNZ5C8cHt41W4/8brZFBqoThDeaGb+dx/KLNzlzIpN7ttC eCD2xXo6F+Q5uKUuwZHVm2g+PyV6CmeBtZYHGzGGo18fLLreBq7oUBf+KNzRxdTG x517r3SfjnwScVO/NJXa33fWHOrlNWvNwOHPsp1JgX1B/YVGSoJDIWxu3kAdOQ6b Z5ts7CIV8MOchvYG64UVO/Lt4e2/ABlkxF5vRD0k2KRIOWQh7mvTy0b4Reu2sbGF t088QoinhRgWU+JXYSUZ4Nex5lelcF9F2SlOh2CS+VmvfzatV0NiTTPTknP+2/pZ sLPO3oEmoqYczdviEtAZ3ghSrPWqqx1W2xBvnCTlteIZiIprgU/ZOcLaQiaHZ5c5 GKyxZCgguW40SzjrcdnbN9KSk+Pwta5oiKhzA43M+fl25jIic1rTvQIc91uL6/7O 9BSRyu2ZW0bfZEkgjPQF2ui4IBfZ81ayEsmh/e41JCbXnGvNFtY=K1Lq -----END PGP SIGNATURE----- . Summary: OpenShift API for Data Protection (OADP) 1.1.2 is now available. Description: OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Security Fix(es) from Bugzilla: * golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879) * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880) * golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715) * golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests 5. JIRA issues fixed (https://issues.jboss.org/): OADP-1056 - DPA fails validation if multiple BSLs have the same provider OADP-1150 - Handle docker env config changes in the oadp-operator OADP-1217 - update velero + restic to 1.9.5 OADP-1256 - Backup stays in progress status after restic pod is restarted due to OOM killed OADP-1289 - Restore partially fails with error "Secrets \"deployer-token-rrjqx\" not found" OADP-290 - Remove creation/usage of velero-privileged SCC 6. Bugs fixed (https://bugzilla.redhat.com/): 2142707 - CVE-2022-42920 Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing 5. This advisory covers container images for the release. JIRA issues fixed (https://issues.jboss.org/): OSSM-1977 - Support for Istio Gateway API in Kiali OSSM-2083 - Update maistra/istio 2.3 to Istio 1.14.5 OSSM-2147 - Unexpected validation message on Gateway object OSSM-2169 - Member controller doesn't retry on conflict OSSM-2170 - Member namespaces aren't cleaned up when a cluster-scoped SMMR is deleted OSSM-2179 - Wasm plugins only support OCI images with 1 layer OSSM-2184 - Istiod isn't allowed to delete analysis distribution report configmap OSSM-2188 - Member namespaces not cleaned up when SMCP is deleted OSSM-2189 - If multiple SMCPs exist in a namespace, the controller reconciles them all OSSM-2190 - The memberroll controller reconciles SMMRs with invalid name OSSM-2232 - The member controller reconciles ServiceMeshMember with invalid name OSSM-2241 - Remove v2.0 from Create ServiceMeshControlPlane Form OSSM-2251 - CVE-2022-3962 openshift-istio-kiali-container: kiali: content spoofing [ossm-2.3] OSSM-2308 - add root CA certificates to kiali container OSSM-2315 - be able to customize openshift auth timeouts OSSM-2324 - Gateway injection does not work when pods are created by cluster admins OSSM-2335 - Potential hang using Traces scatterplot chart OSSM-2338 - Federation deployment does not need router mode sni-dnat OSSM-2344 - Restarting istiod causes Kiali to flood CRI-O with port-forward requests OSSM-2375 - Istiod should log member namespaces on every update OSSM-2376 - ServiceMesh federation stops working after the restart of istiod pod OSSM-535 - Support validationMessages in SMCP OSSM-827 - ServiceMeshMembers point to wrong SMCP name 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: webkit2gtk3 security and bug fix update Advisory ID: RHSA-2022:7704-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7704 Issue date: 2022-11-08 CVE Names: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22662 CVE-2022-26700 CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-30293 ==================================================================== 1. Summary: An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: webkit2gtk3-2.36.7-1.el8.src.rpm aarch64: webkit2gtk3-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.aarch64.rpm ppc64le: webkit2gtk3-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debugsource-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm s390x: webkit2gtk3-2.36.7-1.el8.s390x.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-debugsource-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.s390x.rpm x86_64: webkit2gtk3-2.36.7-1.el8.i686.rpm webkit2gtk3-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.i686.rpm webkit2gtk3-debugsource-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: glib2-2.56.4-159.el8.src.rpm aarch64: glib2-2.56.4-159.el8.aarch64.rpm glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-tests-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm ppc64le: glib2-2.56.4-159.el8.ppc64le.rpm glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-tests-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm s390x: glib2-2.56.4-159.el8.s390x.rpm glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-tests-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm x86_64: glib2-2.56.4-159.el8.i686.rpm glib2-2.56.4-159.el8.x86_64.rpm glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-2.56.4-159.el8.i686.rpm glib2-devel-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-tests-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): aarch64: glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-static-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm noarch: glib2-doc-2.56.4-159.el8.noarch.rpm ppc64le: glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-static-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm s390x: glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-static-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm x86_64: glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-static-2.56.4-159.el8.i686.rpm glib2-static-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-22624 https://access.redhat.com/security/cve/CVE-2022-22628 https://access.redhat.com/security/cve/CVE-2022-22629 https://access.redhat.com/security/cve/CVE-2022-22662 https://access.redhat.com/security/cve/CVE-2022-26700 https://access.redhat.com/security/cve/CVE-2022-26709 https://access.redhat.com/security/cve/CVE-2022-26710 https://access.redhat.com/security/cve/CVE-2022-26716 https://access.redhat.com/security/cve/CVE-2022-26717 https://access.redhat.com/security/cve/CVE-2022-26719 https://access.redhat.com/security/cve/CVE-2022-30293 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. Description: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Bug Fix(es): * Cloning a Block DV to VM with Filesystem with not big enough size comes to endless loop - using pvc api (BZ#2033191) * Restart of VM Pod causes SSH keys to be regenerated within VM (BZ#2087177) * Import gzipped raw file causes image to be downloaded and uncompressed to TMPDIR (BZ#2089391) * [4.11] VM Snapshot Restore hangs indefinitely when backed by a snapshotclass (BZ#2098225) * Fedora version in DataImportCrons is not 'latest' (BZ#2102694) * [4.11] Cloned VM's snapshot restore fails if the source VM disk is deleted (BZ#2109407) * CNV introduces a compliance check fail in "ocp4-moderate" profile - routes-protected-by-tls (BZ#2110562) * Nightly build: v4.11.0-578: index format was changed in 4.11 to file-based instead of sqlite-based (BZ#2112643) * Unable to start windows VMs on PSI setups (BZ#2115371) * [4.11.1]virt-launcher cannot be started on OCP 4.12 due to PodSecurity restricted:v1.24 (BZ#2128997) * Mark Windows 11 as TechPreview (BZ#2129013) * 4.11.1 rpms (BZ#2139453) This advisory contains the following OpenShift Virtualization 4.11.1 images. RHEL-8-CNV-4.11 virt-cdi-operator-container-v4.11.1-5 virt-cdi-uploadserver-container-v4.11.1-5 virt-cdi-apiserver-container-v4.11.1-5 virt-cdi-importer-container-v4.11.1-5 virt-cdi-controller-container-v4.11.1-5 virt-cdi-cloner-container-v4.11.1-5 virt-cdi-uploadproxy-container-v4.11.1-5 checkup-framework-container-v4.11.1-3 kubevirt-tekton-tasks-wait-for-vmi-status-container-v4.11.1-7 kubevirt-tekton-tasks-create-datavolume-container-v4.11.1-7 kubevirt-template-validator-container-v4.11.1-4 virt-handler-container-v4.11.1-5 hostpath-provisioner-operator-container-v4.11.1-4 virt-api-container-v4.11.1-5 vm-network-latency-checkup-container-v4.11.1-3 cluster-network-addons-operator-container-v4.11.1-5 virtio-win-container-v4.11.1-4 virt-launcher-container-v4.11.1-5 ovs-cni-marker-container-v4.11.1-5 hyperconverged-cluster-webhook-container-v4.11.1-7 virt-controller-container-v4.11.1-5 virt-artifacts-server-container-v4.11.1-5 kubevirt-tekton-tasks-modify-vm-template-container-v4.11.1-7 kubevirt-tekton-tasks-disk-virt-customize-container-v4.11.1-7 libguestfs-tools-container-v4.11.1-5 hostpath-provisioner-container-v4.11.1-4 kubevirt-tekton-tasks-disk-virt-sysprep-container-v4.11.1-7 kubevirt-tekton-tasks-copy-template-container-v4.11.1-7 cnv-containernetworking-plugins-container-v4.11.1-5 bridge-marker-container-v4.11.1-5 virt-operator-container-v4.11.1-5 hostpath-csi-driver-container-v4.11.1-4 kubevirt-tekton-tasks-create-vm-from-template-container-v4.11.1-7 kubemacpool-container-v4.11.1-5 hyperconverged-cluster-operator-container-v4.11.1-7 kubevirt-ssp-operator-container-v4.11.1-4 ovs-cni-plugin-container-v4.11.1-5 kubevirt-tekton-tasks-cleanup-vm-container-v4.11.1-7 kubevirt-tekton-tasks-operator-container-v4.11.1-2 cnv-must-gather-container-v4.11.1-8 kubevirt-console-plugin-container-v4.11.1-9 hco-bundle-registry-container-v4.11.1-49 3. Bugs fixed (https://bugzilla.redhat.com/): 2033191 - Cloning a Block DV to VM with Filesystem with not big enough size comes to endless loop - using pvc api 2064857 - CVE-2022-24921 golang: regexp: stack exhaustion via a deeply nested expression 2070772 - When specifying pciAddress for several SR-IOV NIC they are not correctly propagated to libvirt XML 2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode 2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar 2087177 - Restart of VM Pod causes SSH keys to be regenerated within VM 2089391 - Import gzipped raw file causes image to be downloaded and uncompressed to TMPDIR 2091856 - ?Edit BootSource? action should have more explicit information when disabled 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2098225 - [4.11] VM Snapshot Restore hangs indefinitely when backed by a snapshotclass 2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS 2102694 - Fedora version in DataImportCrons is not 'latest' 2109407 - [4.11] Cloned VM's snapshot restore fails if the source VM disk is deleted 2110562 - CNV introduces a compliance check fail in "ocp4-moderate" profile - routes-protected-by-tls 2112643 - Nightly build: v4.11.0-578: index format was changed in 4.11 to file-based instead of sqlite-based 2115371 - Unable to start windows VMs on PSI setups 2119613 - GiB changes to B in Template's Edit boot source reference modal 2128554 - The storageclass of VM disk is different from quick created and customize created after changed the default storageclass 2128872 - [4.11]Can't restore cloned VM 2128997 - [4.11.1]virt-launcher cannot be started on OCP 4.12 due to PodSecurity restricted:v1.24 2129013 - Mark Windows 11 as TechPreview 2129235 - [RFE] Add "Copy SSH command" to VM action list 2134668 - Cannot edit ssh even vm is stopped 2139453 - 4.11.1 rpms 5. JIRA issues fixed (https://issues.jboss.org/): LOG-3293 - log-file-metric-exporter container has not limits exhausting the resources of the node 6. Solution: For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update: https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html For Red Hat OpenShift Logging 5.5, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html 4. JIRA issues fixed (https://issues.jboss.org/): LOG-2860 - Error on LokiStack Components when forwarding logs to Loki on proxy cluster LOG-3131 - vector: kube API server certificate validation failure due to hostname mismatch LOG-3222 - [release-5.5] fluentd plugin for kafka ca-bundle secret doesn't support multiple CAs LOG-3226 - FluentdQueueLengthIncreasing rule failing to be evaluated. LOG-3284 - [release-5.5][Vector] logs parsed into structured when json is set without structured types. LOG-3287 - [release-5.5] Increase value of cluster-logging PriorityClass to move closer to system-cluster-critical value LOG-3301 - [release-5.5][ClusterLogging] elasticsearchStatus in ClusterLogging instance CR is not updated when Elasticsearch status is changed LOG-3305 - [release-5.5] Kibana Authentication Exception cookie issue LOG-3310 - [release-5.5] Can't choose correct CA ConfigMap Key when creating lokistack in Console LOG-3332 - [release-5.5] Reconcile error on controller when creating LokiStack with tls config 6

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

TYPE

overflow, spoof, code execution

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2024-12-25T22:58:00.579000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE