Details of VAR-202206-1106

ID

VAR-202206-1106

CVE

CVE-2022-21123

TITLE

Red Hat Security Advisory 2022-6991-01

Trust: 0.1

sources: PACKETSTORM: 169411

DESCRIPTION

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 7) - noarch, x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * The kernel-rt crashes where one task is indefinitely looping in __start_cfs_bandwidth() with the cfs_b->lock spinlock being held (BZ#2079976) * update to the latest RHEL7.9.z16 source tree (BZ#2100182) 4. Description: Red Hat Advanced Cluster Management for Kubernetes 2.3.12 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/ Security fix: * CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS Bug fixes: * Remove 1.9.1 from Proxy Patch Documentation (BZ# 2076856) * RHACM 2.3.12 images (BZ# 2101411) 3. Bugs fixed (https://bugzilla.redhat.com/): 2076856 - [doc] Remove 1.9.1 from Proxy Patch Documentation 2101411 - RHACM 2.3.12 images 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS 5. In addition this updates provides mitigations for the "Retbleed" speculative execution attack and the "MMIO stale data" vulnerabilities. For additional information please refer to the following pages: https://xenbits.xen.org/xsa/advisory-404.html https://xenbits.xen.org/xsa/advisory-407.html For the stable distribution (bullseye), these problems have been fixed in version 4.14.5+24-g87d90d511c-1. We recommend that you upgrade your xen packages. For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xen Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmLRp7MACgkQEMKTtsN8 TjbUmQ/+PCIyYjQJgGT14YBFpKnI/JjdBNRUAlSMK7k3fPhk+J8sQrRx5MqwxRm3 poejebvnbn2KS1Z/NVaiPnS40ryOOUnLBKVDAHqRvnvrc2GwEblGCmUVaBn+cn4M 2OCG2wfpgSDk4sk83obDY1qcQW/676eGY47ULwkG9C+n6wNC8FParq71sCA6UQqy XSWlU7o7pc17l8B1c2yTzfdDeXjSaXe9pavxNXDrowLi7taeTn5GwzhH4x1fPWrs rGHCY8+Kk8Vq8jEIYmZA7bvKuIFcWkcdQpxcAtbgUvtCRzaid19tcf9McvltivKe HaHQhkDJxg32DHcefXMNsh+F0pgXoodh97PdqWtjs49jAkaNZb37Eyn4n7Qt4APm 4oKAT+QA5wYmfDsBzgAczzV9zgY3/nRvYKNH6q9VMOFE3gZfzdzvyHzpegf2VVtf 7DuJKTi61tlt6aSzcDHlzdUAwW7sHXKFLRxgQu6tFD7NbEHzgj0iBlcFOnKDwa2s hHOE6Hlj1GXZUKjol5pRjnM33qGMJmRhnq45qqWaGe21r+EFw2HTAyCacJciPX+a QZ4LEy5+zmc8LFBcZq9kZAVkc91EtTiTPjffqHaVd4eAZvxtgCbqdXFdyRZa9ZRD +2+e1dRoiIF6L5PotQygXyKwvxU8ca6Ni9isvit3brbLjcGjhZk= =pXvE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Xen: Multiple Vulnerabilities Date: August 14, 2022 Bugs: #810341, #812485, #816882, #825354, #832039, #835401, #850802 ID: 202208-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Xen, the worst of which could result in remote code execution (guest sandbox escape). Background ========= Xen is a bare-metal hypervisor. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-emulation/xen < 4.15.3 >= 4.15.3 2 app-emulation/xen-tools < 4.15.3 >= 4.15.3 Description ========== Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Xen users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.15.3" All Xen tools users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-tools-4.15.3" References ========= [ 1 ] CVE-2021-28694 https://nvd.nist.gov/vuln/detail/CVE-2021-28694 [ 2 ] CVE-2021-28695 https://nvd.nist.gov/vuln/detail/CVE-2021-28695 [ 3 ] CVE-2021-28696 https://nvd.nist.gov/vuln/detail/CVE-2021-28696 [ 4 ] CVE-2021-28697 https://nvd.nist.gov/vuln/detail/CVE-2021-28697 [ 5 ] CVE-2021-28698 https://nvd.nist.gov/vuln/detail/CVE-2021-28698 [ 6 ] CVE-2021-28699 https://nvd.nist.gov/vuln/detail/CVE-2021-28699 [ 7 ] CVE-2021-28700 https://nvd.nist.gov/vuln/detail/CVE-2021-28700 [ 8 ] CVE-2021-28701 https://nvd.nist.gov/vuln/detail/CVE-2021-28701 [ 9 ] CVE-2021-28702 https://nvd.nist.gov/vuln/detail/CVE-2021-28702 [ 10 ] CVE-2021-28710 https://nvd.nist.gov/vuln/detail/CVE-2021-28710 [ 11 ] CVE-2022-21123 https://nvd.nist.gov/vuln/detail/CVE-2022-21123 [ 12 ] CVE-2022-21125 https://nvd.nist.gov/vuln/detail/CVE-2022-21125 [ 13 ] CVE-2022-21166 https://nvd.nist.gov/vuln/detail/CVE-2022-21166 [ 14 ] CVE-2022-23033 https://nvd.nist.gov/vuln/detail/CVE-2022-23033 [ 15 ] CVE-2022-23034 https://nvd.nist.gov/vuln/detail/CVE-2022-23034 [ 16 ] CVE-2022-23035 https://nvd.nist.gov/vuln/detail/CVE-2022-23035 [ 17 ] CVE-2022-26362 https://nvd.nist.gov/vuln/detail/CVE-2022-26362 [ 18 ] CVE-2022-26363 https://nvd.nist.gov/vuln/detail/CVE-2022-26363 [ 19 ] CVE-2022-26364 https://nvd.nist.gov/vuln/detail/CVE-2022-26364 [ 20 ] XSA-378 [ 21 ] XSA-379 [ 22 ] XSA-380 [ 23 ] XSA-382 [ 24 ] XSA-383 [ 25 ] XSA-384 [ 26 ] XSA-386 [ 27 ] XSA-390 [ 28 ] XSA-401 [ 29 ] XSA-402 [ 30 ] XSA-404 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-23 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2022:7279-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7279 Issue date: 2022-11-01 CVE Names: CVE-2022-2588 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS AUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS TUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) * hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123) * hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125) * hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * RHEL8.6[64TB/240c Denali]:" vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107491) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) 2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) 2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW) 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation 6. Package List: Red Hat Enterprise Linux BaseOS AUS (v. 8.2): Source: kernel-4.18.0-193.93.1.el8_2.src.rpm aarch64: bpftool-4.18.0-193.93.1.el8_2.aarch64.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-core-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-devel-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-headers-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-modules-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-tools-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-tools-libs-4.18.0-193.93.1.el8_2.aarch64.rpm perf-4.18.0-193.93.1.el8_2.aarch64.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm python3-perf-4.18.0-193.93.1.el8_2.aarch64.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm ppc64le: bpftool-4.18.0-193.93.1.el8_2.ppc64le.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-core-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-tools-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-tools-libs-4.18.0-193.93.1.el8_2.ppc64le.rpm perf-4.18.0-193.93.1.el8_2.ppc64le.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm python3-perf-4.18.0-193.93.1.el8_2.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm s390x: bpftool-4.18.0-193.93.1.el8_2.s390x.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-core-4.18.0-193.93.1.el8_2.s390x.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-193.93.1.el8_2.s390x.rpm kernel-devel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-headers-4.18.0-193.93.1.el8_2.s390x.rpm kernel-modules-4.18.0-193.93.1.el8_2.s390x.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.s390x.rpm kernel-tools-4.18.0-193.93.1.el8_2.s390x.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-core-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-devel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-modules-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-193.93.1.el8_2.s390x.rpm perf-4.18.0-193.93.1.el8_2.s390x.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm python3-perf-4.18.0-193.93.1.el8_2.s390x.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm x86_64: bpftool-4.18.0-193.93.1.el8_2.x86_64.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-core-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-devel-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-headers-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-modules-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-tools-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-tools-libs-4.18.0-193.93.1.el8_2.x86_64.rpm perf-4.18.0-193.93.1.el8_2.x86_64.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm python3-perf-4.18.0-193.93.1.el8_2.x86_64.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm Red Hat Enterprise Linux BaseOS E4S (v. 8.2): Source: kernel-4.18.0-193.93.1.el8_2.src.rpm aarch64: bpftool-4.18.0-193.93.1.el8_2.aarch64.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-core-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-devel-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-headers-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-modules-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-tools-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-tools-libs-4.18.0-193.93.1.el8_2.aarch64.rpm perf-4.18.0-193.93.1.el8_2.aarch64.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm python3-perf-4.18.0-193.93.1.el8_2.aarch64.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm ppc64le: bpftool-4.18.0-193.93.1.el8_2.ppc64le.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-core-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-tools-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-tools-libs-4.18.0-193.93.1.el8_2.ppc64le.rpm perf-4.18.0-193.93.1.el8_2.ppc64le.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm python3-perf-4.18.0-193.93.1.el8_2.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm s390x: bpftool-4.18.0-193.93.1.el8_2.s390x.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-core-4.18.0-193.93.1.el8_2.s390x.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-193.93.1.el8_2.s390x.rpm kernel-devel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-headers-4.18.0-193.93.1.el8_2.s390x.rpm kernel-modules-4.18.0-193.93.1.el8_2.s390x.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.s390x.rpm kernel-tools-4.18.0-193.93.1.el8_2.s390x.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-core-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-devel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-modules-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-193.93.1.el8_2.s390x.rpm perf-4.18.0-193.93.1.el8_2.s390x.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm python3-perf-4.18.0-193.93.1.el8_2.s390x.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm x86_64: bpftool-4.18.0-193.93.1.el8_2.x86_64.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-core-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-devel-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-headers-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-modules-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-tools-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-tools-libs-4.18.0-193.93.1.el8_2.x86_64.rpm perf-4.18.0-193.93.1.el8_2.x86_64.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm python3-perf-4.18.0-193.93.1.el8_2.x86_64.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm Red Hat Enterprise Linux BaseOS TUS (v. 8.2): Source: kernel-4.18.0-193.93.1.el8_2.src.rpm aarch64: bpftool-4.18.0-193.93.1.el8_2.aarch64.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-core-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-devel-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-headers-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-modules-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-tools-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm kernel-tools-libs-4.18.0-193.93.1.el8_2.aarch64.rpm perf-4.18.0-193.93.1.el8_2.aarch64.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm python3-perf-4.18.0-193.93.1.el8_2.aarch64.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm ppc64le: bpftool-4.18.0-193.93.1.el8_2.ppc64le.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-core-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-tools-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm kernel-tools-libs-4.18.0-193.93.1.el8_2.ppc64le.rpm perf-4.18.0-193.93.1.el8_2.ppc64le.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm python3-perf-4.18.0-193.93.1.el8_2.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm s390x: bpftool-4.18.0-193.93.1.el8_2.s390x.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-core-4.18.0-193.93.1.el8_2.s390x.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-193.93.1.el8_2.s390x.rpm kernel-devel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-headers-4.18.0-193.93.1.el8_2.s390x.rpm kernel-modules-4.18.0-193.93.1.el8_2.s390x.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.s390x.rpm kernel-tools-4.18.0-193.93.1.el8_2.s390x.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-core-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-devel-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-modules-4.18.0-193.93.1.el8_2.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-193.93.1.el8_2.s390x.rpm perf-4.18.0-193.93.1.el8_2.s390x.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm python3-perf-4.18.0-193.93.1.el8_2.s390x.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.s390x.rpm x86_64: bpftool-4.18.0-193.93.1.el8_2.x86_64.rpm bpftool-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-core-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-cross-headers-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-core-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-devel-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-modules-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-devel-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-headers-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-modules-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-tools-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm kernel-tools-libs-4.18.0-193.93.1.el8_2.x86_64.rpm perf-4.18.0-193.93.1.el8_2.x86_64.rpm perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm python3-perf-4.18.0-193.93.1.el8_2.x86_64.rpm python3-perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY2FrqdzjgjWX9erEAQjbTw/+Ps/k3la19UWPfhXXquENlVWAjtSU+2al YnHn/MYUA6aKoNDiSrzqnPTRgrLGymgTNzvRkc4s+A/ZduwWrlVeJv39tXGx1GrV jdjuDXhigMHxaNFH5nlnQMYUhT5bGhOdPXIAuYkQc2j1lySXXs8LBK17E4vav4XD q5MEAkYC7n3WRR6i0c9cpEFBaWbysPE1NkMaJ9Ofc5kCFW4eaW/1IloahR/g0ifN drkBK160d1I2PoMLIF25rWE62viDwiZQZXqZ54UzzUnD1auzKTP3tOwyYrsi+lLU 1x9Wcik925mXtt+6m1FavuE2yPVs0kzQ34Q7mUinRchwKQUkiP643t2tadOCwDVx jOygsdFlzwm1ODZo7NG/xM3tLHxqbMXy0nV/YIJ1tbHEOxfcYMtIUQaOf5zfJzBr uVajIReonF0qZiNxVsdR/gl22t2jjIOaAPsmTq6h2KRZI2qEsI7Y+IgPKjDcCtzS noK0+G+x4k8hn0FDOA+4+4cd3aXhpEORxtjkRbJ7t12e1E1ZIck0SVOzoqjoAq7p LmPVxRZBQWVqIcR5IHKx7EZYLxRBLPR74u4zuK86VpESJm8Ie15YiXHY4RpbJFfa NgpWn5XipOXMl6KzyE5bEyzAle/NyhwoMX6kJ7gPP7irOeBpDVoVG2Go+Iq1xHvB ZPiXszO1jjc=k0bc -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Bugs fixed (https://bugzilla.redhat.com/): 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 5. Bug Fix(es): * sched/pelt: Fix attach_entity_load_avg() corner case (BZ#2105360) * RHEL9[fleetwood][P9]:kdump fails to capture vmcore when crash is triggered while running forkoff. (BZ#2109144) * ISST-LTE:[P10 Everest] [5.14.0-70.9.1.el9_0.ppc64le] HPT:RHEL9.0:ecolp95: lpar crashed at __list_del_entry_valid+0x90/0x100 and LPM failed (BZ#2112823) * [rhel9] livepatch panic: RIP: 0010:0xffffffffc0e070c4 seq_read_iter+0x124/0x4b0 (BZ#2122625) * System crashes due to list_add double add at iwl_mvm_mac_wake_tx_queue+0x71 (BZ#2123315) * [Dell EMC 9.0 BUG] Any process performing I/O doesn't fail on degraded LVM RAID and IO process hangs (BZ#2126215) * [HPEMC RHEL 9.0 REGRESSION] net, e810, ice: not enough device MSI-X vectors (BZ#2126491) * RHEL9.0 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127874) * Enable check-kabi (BZ#2132372) * Add symbols to stablelist (BZ#2132373) * Update RHEL9.1 kabi tooling (BZ#2132380) * kABI: Prepare the MM subsystem for kABI lockdown (BZ#2133464) * [Dell Storage 9.1 BUG] NVME command hang during storage array node reboot (BZ#2133553) * WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134589) * crypto/testmgr.c should not list dh, ecdh-nist-p256, ecdh-nist-p384 as .fips_allowed = 1 (BZ#2136523) * FIPS self-tests for RSA pkcs7 signature verification (BZ#2136552) * [ovs-tc] Bad length in dpctl/dump-flows (BZ#2137354) * [RHEL9] s_pf0vf2: hw csum failure for mlx5 (BZ#2137355) * kernel memory leak while freeing nested actions (BZ#2137356) * ovs: backports from upstream (BZ#2137358) * kernel should conform to FIPS-140-3 requirements (both parts) (BZ#2139095) * [DELL EMC 9.0-RT BUG] System is not booting into RT Kernel with perc12. (BZ#2139214) * Fix panic in nbd/004 test (BZ#2139535) * Nested KVM is not working on RHEL 8.6 with hardware error 0x7 (BZ#2140141) * [RHEL9] Practically limit "Dummy wait" workaround to old Intel systems (BZ#2142169) 4. ========================================================================= Ubuntu Security Notice USN-5529-1 July 21, 2022 linux-oem-5.17 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-oem-5.17: Linux kernel for OEM systems Details: It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1789) Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle an illegal instruction in a guest, resulting in a null pointer dereference. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2022-1852) Gerald Lee discovered that the NTFS file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2022-1973) It was discovered that the netfilter subsystem in the Linux kernel contained a buffer overflow in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123) It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21125) It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: linux-image-5.17.0-1013-oem 5.17.0-1013.14 linux-image-oem-22.04 5.17.0.1013.12 linux-image-oem-22.04a 5.17.0.1013.12 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-5529-1 CVE-2022-1652, CVE-2022-1679, CVE-2022-1789, CVE-2022-1852, CVE-2022-1973, CVE-2022-2078, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-34494, CVE-2022-34495 Package Information: https://launchpad.net/ubuntu/+source/linux-oem-5.17/5.17.0-1013.14

Trust: 1.98

sources: NVD: CVE-2022-21123 // VULHUB: VHN-406835 // VULMON: CVE-2022-21123 // PACKETSTORM: 169411 // PACKETSTORM: 168018 // PACKETSTORM: 167549 // PACKETSTORM: 168213 // PACKETSTORM: 169304 // PACKETSTORM: 168076 // PACKETSTORM: 169688 // PACKETSTORM: 168503 // PACKETSTORM: 170226 // PACKETSTORM: 167785

AFFECTED PRODUCTS

vendor:	intel	model:	sgx psw	scope:	lt	version:	2.17.100.3	Trust: 1.0
vendor:	intel	model:	sgx dcap	scope:	lt	version:	1.14.100.3	Trust: 1.0
vendor:	xen	model:	xen	scope:	eq	version:	*	Trust: 1.0
vendor:	intel	model:	sgx psw	scope:	lt	version:	2.16.100.3	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	11.0	Trust: 1.0
vendor:	intel	model:	sgx sdk	scope:	lt	version:	2.17.100.3	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	intel	model:	sgx sdk	scope:	lt	version:	2.16.100.3	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	35	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	36	Trust: 1.0
vendor:	vmware	model:	esxi	scope:	eq	version:	7.0	Trust: 1.0

sources: NVD: CVE-2022-21123

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-21123
value:	MEDIUM
Trust: 1.0
VULHUB:	VHN-406835
value:	LOW
Trust: 0.1
VULMON:	CVE-2022-21123
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2022-21123
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-406835
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-21123
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-406835 // VULMON: CVE-2022-21123 // NVD: CVE-2022-21123

PROBLEMTYPE DATA

problemtype:

CWE-459

Trust: 1.1

sources: VULHUB: VHN-406835 // NVD: CVE-2022-21123

THREAT TYPE

local

Trust: 0.2

sources: PACKETSTORM: 167549 // PACKETSTORM: 167785

TYPE

code execution

Trust: 0.1

sources: PACKETSTORM: 168076

PATCH

title:	Red Hat:	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2022-21123	Trust: 0.1
title:	Ubuntu Security Notice: USN-5485-1: Linux kernel vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5485-1	Trust: 0.1
title:	Ubuntu Security Notice: USN-5485-2: Linux kernel (OEM) vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5485-2	Trust: 0.1
title:	Red Hat: Moderate: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225939 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: kernel security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226460 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226437 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225937 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227280 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226872 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227279 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: USN-5484-1: Linux kernel vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5484-1	Trust: 0.1
title:	Red Hat: Important: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226991 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226983 - Security Advisory	Trust: 0.1
title:	Debian Security Advisories: DSA-5178-1 intel-microcode -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=1e914c5a2547786f7ee2aba93fa4c45a	Trust: 0.1
title:	Debian CVElist Bug Report Logs: xen: New unreleased upstream fixes for 6 vulnerabilities in testing/unstable	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=5fdc49cb53af49972ab3ac47e5a6b1bd	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.5.3 security fixes and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226954 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Moderate:OpenShift Container Platform 4.11.5 security and extras update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226537 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: OpenShift Container Platform 4.11.5 bug fix and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226536 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Openshift Logging Bug Fix Release and Security Update (5.3.12)	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226560 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: USN-5486-1: Intel Microcode vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5486-1	Trust: 0.1
title:	Red Hat: Important: OpenShift Virtualization 4.9.7 Images security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228609 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228974 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228973 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: USN-5535-1: Intel Microcode vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5535-1	Trust: 0.1
title:	Ubuntu Security Notice: USN-5529-1: Linux kernel (OEM) vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5529-1	Trust: 0.1
title:	Debian Security Advisories: DSA-5184-1 xen -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=37cc577a7d3df607e62854fc340b6435	Trust: 0.1
title:	Red Hat: Moderate: OpenShift Container Platform 3.11.784 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226252 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: OpenShift Container Platform 4.10.39 bug fix and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227211 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: OpenShift Container Platform 4.9.51 bug fix and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227216 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: OpenShift Container Platform 4.8.53 bug fix and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227874 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.12 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226271 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: USN-5513-1: Linux kernel (AWS) vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5513-1	Trust: 0.1
title:	Ubuntu Security Notice: USN-5505-1: Linux kernel vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5505-1	Trust: 0.1
title:	Red Hat: Critical: Red Hat Advanced Cluster Management 2.4.6 security update and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226696 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: kernel security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228267 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227933 - Security Advisory	Trust: 0.1
title:	Debian Security Advisories: DSA-5173-1 linux -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=acd6d70f5129be4a1390575252ec92a6	Trust: 0.1
title:	Hardware attacks / State of the art	url:	https://github.com/codexlynx/hardware-attacks-state-of-the-art	Trust: 0.1
title:	veracode-container-security-finding-parser	url:	https://github.com/vincent-deng/veracode-container-security-finding-parser	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-23305	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-RCE	Trust: 0.1

sources: VULMON: CVE-2022-21123

EXTERNAL IDS

db:	NVD	id:	CVE-2022-21123	Trust: 2.2
db:	OPENWALL	id:	OSS-SECURITY/2022/06/16/1	Trust: 1.2
db:	PACKETSTORM	id:	167785	Trust: 0.2
db:	PACKETSTORM	id:	169688	Trust: 0.2
db:	PACKETSTORM	id:	168018	Trust: 0.2
db:	PACKETSTORM	id:	168503	Trust: 0.2
db:	PACKETSTORM	id:	168076	Trust: 0.2
db:	PACKETSTORM	id:	167549	Trust: 0.2
db:	PACKETSTORM	id:	170226	Trust: 0.2
db:	PACKETSTORM	id:	169719	Trust: 0.1
db:	PACKETSTORM	id:	168294	Trust: 0.1
db:	PACKETSTORM	id:	169690	Trust: 0.1
db:	PACKETSTORM	id:	168021	Trust: 0.1
db:	PACKETSTORM	id:	168538	Trust: 0.1
db:	PACKETSTORM	id:	169695	Trust: 0.1
db:	PACKETSTORM	id:	169941	Trust: 0.1
db:	PACKETSTORM	id:	169997	Trust: 0.1
db:	PACKETSTORM	id:	167714	Trust: 0.1
db:	PACKETSTORM	id:	168461	Trust: 0.1
db:	PACKETSTORM	id:	168694	Trust: 0.1
db:	PACKETSTORM	id:	167862	Trust: 0.1
db:	PACKETSTORM	id:	168364	Trust: 0.1
db:	PACKETSTORM	id:	167692	Trust: 0.1
db:	PACKETSTORM	id:	167545	Trust: 0.1
db:	PACKETSTORM	id:	168355	Trust: 0.1
db:	PACKETSTORM	id:	167746	Trust: 0.1
db:	VULHUB	id:	VHN-406835	Trust: 0.1
db:	VULMON	id:	CVE-2022-21123	Trust: 0.1
db:	PACKETSTORM	id:	169411	Trust: 0.1
db:	PACKETSTORM	id:	168213	Trust: 0.1
db:	PACKETSTORM	id:	169304	Trust: 0.1

sources: VULHUB: VHN-406835 // VULMON: CVE-2022-21123 // PACKETSTORM: 169411 // PACKETSTORM: 168018 // PACKETSTORM: 167549 // PACKETSTORM: 168213 // PACKETSTORM: 169304 // PACKETSTORM: 168076 // PACKETSTORM: 169688 // PACKETSTORM: 168503 // PACKETSTORM: 170226 // PACKETSTORM: 167785 // NVD: CVE-2022-21123

REFERENCES

url:	https://security.gentoo.org/glsa/202208-23	Trust: 1.3
url:	https://security.netapp.com/advisory/ntap-20220624-0008/	Trust: 1.2
url:	https://www.debian.org/security/2022/dsa-5173	Trust: 1.2
url:	https://www.debian.org/security/2022/dsa-5178	Trust: 1.2
url:	https://www.debian.org/security/2022/dsa-5184	Trust: 1.2
url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html	Trust: 1.2
url:	https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html	Trust: 1.2
url:	http://www.openwall.com/lists/oss-security/2022/06/16/1	Trust: 1.2
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fhtew3rxu2gw6s3rcpqg4vnczgi3tosv/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/t4p2kjyl74kglhe4jzetvw7pzh6ziaba/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/mcvomhbqrh4kp7in6u24cw7f2d2l5kbs/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rkrxz4lhgcgmog24zcejny6r2bts4s2q/	Trust: 1.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-21166	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2022-21125	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2022-21123	Trust: 0.9
url:	https://access.redhat.com/security/cve/cve-2022-21123	Trust: 0.7
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.6
url:	https://bugzilla.redhat.com/):	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2022-21166	Trust: 0.6
url:	https://access.redhat.com/security/team/contact/	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2022-21125	Trust: 0.6
url:	https://access.redhat.com/security/team/key/	Trust: 0.4
url:	https://access.redhat.com/articles/11258	Trust: 0.4
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.3
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.3
url:	https://ubuntu.com/security/notices/usn-5485-1	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-2588	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2588	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-32206	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-32208	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-29154	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23816	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26363	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26364	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23825	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26362	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-29900	Trust: 0.2
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/t4p2kjyl74kglhe4jzetvw7pzh6ziaba/	Trust: 0.1
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rkrxz4lhgcgmog24zcejny6r2bts4s2q/	Trust: 0.1
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fhtew3rxu2gw6s3rcpqg4vnczgi3tosv/	Trust: 0.1
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/mcvomhbqrh4kp7in6u24cw7f2d2l5kbs/	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/459.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-45486	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-45486	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:6991	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-45485	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-45485	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:5939	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1080.87~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.13.0-1031.37	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-ibm-5.4/5.4.0-1028.32~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.13.0-1030.33	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1010.13	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1028.32	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1085.90	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1101.112	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1011.15	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.13/5.13.0-51.58~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1048.51~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-5.13/5.13.0-1031.37~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1070.75	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1080.87~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1136.147	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1122.127	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1048.51	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1009.11	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.13.0-1033.40	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.13.0-1036.43	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1012.14	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1145.160	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-fde/5.4.0-1085.90+cvm1.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/4.15.0-187.198	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.13.0-51.58	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.15.0-39.42	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-dell300x/4.15.0-1048.53	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1130.146	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1078.86~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1085.90~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1010.15	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1080.87	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1076.82	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle-5.13/5.13.0-1036.43~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1078.86	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.4.0-120.136	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws-5.13/5.13.0-1031.35~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1012.15	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-5.13/5.13.0-1033.40~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke-5.4/5.4.0-1076.82~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-intel-5.13/5.13.0-1017.19	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1080.87	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-120.136~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.13.0-1031.35	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1010.14	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1013.17	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-39.42	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2097	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26116	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-26116	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-25314	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2068	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1292	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1897	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27782	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1729	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-32250	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1927	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27776	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1292	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22576	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1586	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1966	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2068	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3177	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2097	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-26137	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-40528	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1729	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1966	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-25313	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1586	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1012	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26137	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27774	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1785	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1012	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1785	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-40528	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1897	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1927	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3177	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2526	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:6271	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-29824	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-31129	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/xen	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://xenbits.xen.org/xsa/advisory-407.html	Trust: 0.1
url:	https://xenbits.xen.org/xsa/advisory-404.html	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28697	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28701	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28696	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23033	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23035	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28710	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23034	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28698	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28694	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28699	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28695	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28700	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28702	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:7279	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0391	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-20107	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-34903	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32206	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-20107	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32208	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:6560	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-30631	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0391	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-30631	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-34903	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-29154	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:8973	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1158	Trust: 0.1
url:	https://access.redhat.com/solutions/6971358	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-43945	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-29900	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23825	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1158	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-26373	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-29901	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2639	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-29901	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2639	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-43945	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23816	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26373	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2959	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2959	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1789	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2078	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1679	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5529-1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1973	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oem-5.17/5.17.0-1013.14	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1852	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1652	Trust: 0.1

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 169411 // PACKETSTORM: 168018 // PACKETSTORM: 168213 // PACKETSTORM: 169688 // PACKETSTORM: 168503 // PACKETSTORM: 170226

SOURCES

db:	VULHUB	id:	VHN-406835
db:	VULMON	id:	CVE-2022-21123
db:	PACKETSTORM	id:	169411
db:	PACKETSTORM	id:	168018
db:	PACKETSTORM	id:	167549
db:	PACKETSTORM	id:	168213
db:	PACKETSTORM	id:	169304
db:	PACKETSTORM	id:	168076
db:	PACKETSTORM	id:	169688
db:	PACKETSTORM	id:	168503
db:	PACKETSTORM	id:	170226
db:	PACKETSTORM	id:	167785
db:	NVD	id:	CVE-2022-21123

LAST UPDATE DATE

2024-09-17T19:52:02.644000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-406835	date:	2022-08-19T00:00:00
db:	VULMON	id:	CVE-2022-21123	date:	2023-11-07T00:00:00
db:	NVD	id:	CVE-2022-21123	date:	2023-11-07T03:43:25.240

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-406835	date:	2022-06-15T00:00:00
db:	VULMON	id:	CVE-2022-21123	date:	2022-06-15T00:00:00
db:	PACKETSTORM	id:	169411	date:	2022-10-18T22:30:59
db:	PACKETSTORM	id:	168018	date:	2022-08-10T15:50:10
db:	PACKETSTORM	id:	167549	date:	2022-06-20T16:17:04
db:	PACKETSTORM	id:	168213	date:	2022-09-01T16:30:25
db:	PACKETSTORM	id:	169304	date:	2022-07-28T19:12:00
db:	PACKETSTORM	id:	168076	date:	2022-08-15T16:03:21
db:	PACKETSTORM	id:	169688	date:	2022-11-02T14:59:50
db:	PACKETSTORM	id:	168503	date:	2022-09-26T15:37:32
db:	PACKETSTORM	id:	170226	date:	2022-12-14T15:49:10
db:	PACKETSTORM	id:	167785	date:	2022-07-21T20:41:25
db:	NVD	id:	CVE-2022-21123	date:	2022-06-15T20:15:17.503