ID

VAR-202207-0107


CVE

CVE-2022-2097


TITLE

AES-NI  Use assembly optimized implementation  32  bit  x86  In-memory data disclosure vulnerability in platform

Trust: 0.8

sources: JVNDB: JVNDB-2022-002433

DESCRIPTION

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). The issue in CVE-2022-1292 did not find other places in the `c_rehash` script where it possibly passed the file names of certificates being hashed to a command executed through the shell. Some operating systems distribute this script in a manner where it is automatically executed. On these operating systems, this flaw allows an malicious user to execute arbitrary commands with the privileges of the script. (CVE-2022-2097). Solution: The OpenShift Service Mesh Release Notes provide information on the features and known issues: https://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html 4. JIRA issues fixed (https://issues.jboss.org/): OSSM-1105 - IOR doesn't support a host with namespace/ prefix OSSM-1205 - Specifying logging parameter will make istio-ingressgateway and istio-egressgateway failed to start OSSM-1668 - [Regression] jwksResolverCA field in SMCP is missing OSSM-1718 - Istio Operator pauses reconciliation when gateway deployed to non-control plane namespace OSSM-1775 - [Regression] Incorrect 3scale image specified for 2.0 control planes OSSM-1800 - IOR should copy labels from Gateway to Route OSSM-1805 - Reconcile SMCP when Kiali is not available OSSM-1846 - SMCP fails to reconcile when enabling PILOT_ENABLE_GATEWAY_API_DEPLOYMENT_CONTROLLER OSSM-1868 - Container release for Maistra 2.2.2 6. Summary: This is an updated release of the Self Node Remediation Operator. The Self Node Remediation Operator replaces the Poison Pill Operator, and is delivered by Red Hat Workload Availability. Description: The Self Node Remediation Operator works in conjunction with the Machine Health Check or the Node Health Check Operators to provide automatic remediation of unhealthy nodes by rebooting them. This minimizes downtime for stateful applications and RWO volumes, as well as restoring compute capacity in the event of transient failures. Bugs fixed (https://bugzilla.redhat.com/): 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.11.1 bug fix and security update Advisory ID: RHSA-2022:6103-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2022:6103 Issue date: 2022-08-23 CVE Names: CVE-2022-1012 CVE-2022-1292 CVE-2022-1586 CVE-2022-1785 CVE-2022-1897 CVE-2022-1927 CVE-2022-2068 CVE-2022-2097 CVE-2022-30629 CVE-2022-30631 CVE-2022-32250 ==================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.11.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.1. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2022:6102 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html Security Fix(es): * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) * golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.1-x86_64 The image digest is sha256:97410a5db655a9d3017b735c2c0747c849d09ff551765e49d5272b80c024a844 (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.1-s390x The image digest is sha256:13734de7e796e46f5403ef9ee918be88c12fdc9b73acb8777e0cc7c56a276794 (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.1-ppc64le The image digest is sha256:d0019b6b8b32cc9fea06562e6ce175086fa7de7b2b7dce171a8ac1a57f92f10b (For aarch64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.1-aarch64 The image digest is sha256:3394a79e173ac17bc96a7256665701d3d7e2a95535a12f2ceb19ceb41dcd6b79 All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html 3. Solution: For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2033256 - openshift-installer intermittent failure on AWS with "Error: Provider produced inconsistent result after apply" when creating the module.vpc.aws_route_table.private_routes resource 2040715 - post 1.23 rebase: regression in service-load balancer reliability 2063622 - Failed to install the podman package from repo rhocp-4.10-for-rhel-8-x86_64-rpms 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2102576 - [4.11] [Cluster storage Operator] DefaultStorageClassController report fake message "No default StorageClass for this platform" on azure and openstack 2103638 - No need to pass to-image-base for `oc adm release new` command when use --from-release 2103899 - [OVN] bonding fails after active-backup fail-over and reboot, kargs static IP 2104386 - OVS-Configure doesn't iterate connection names containing spaces correctly 2104435 - [dpu-network-operator] Updating images to be consistent with ART 2104510 - Update ose-machine-config-operator images to be consistent with ART 2104687 - MCP upgrades can stall waiting for master node reboots since MCC no longer gets drained 2105056 - Openshift-Ansible RHEL 8 CI update 2105444 - [OVN] Node to service traffic is blocked if service is "internalTrafficPolicy: Local" even backed pod is on the same node 2106772 - openshift4/ose-operator-registry image is vulnerable to multiple CVEs 2106795 - crio umask sometimes set to 0000 2107003 - The bash completion doesn't work for get subcommand 2107045 - OLM updates namespace labels even if they haven't changed 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 2107777 - Pipeline status filter and status colors doesn't work correctly with non-english languages 2107871 - Import: Advanced option sentence is splited into two parts and headlines has no padding 2108021 - Machine Controller stuck with Terminated Instances while Provisioning on AWS 2109052 - Add to application dropdown options are not visible on application-grouping sidebar action dropdown. 2109205 - HTTPS_PROXY ENV missing in some CSI driver operators 2109270 - Kube controllers crash when nodes are shut off in OpenStack 2109489 - Reply to arp requests on interfaces with no ip 2109709 - Namespace value is missing on the list when selecting "All namespaces" for operators 2109731 - alertmanager-main pods failing to start due to startupprobe timeout 2109866 - Cannot delete a Machine if a VM got stuck in ERROR 2109977 - storageclass should not be created for unsupported vsphere version 2110482 - [vsphere] failed to create cluster if datacenter is embedded in a Folder 2110723 - openshift-tests: allow -f to match tests for any test suite 2110737 - Master node in SchedulingDisabled after upgrade from 4.10.24 -> 4.11.0-rc.4 2111037 - Affinity rule created in console deployment for single-replica infrastructure 2111347 - dummy bug for 4.10.z bz2111335 2111471 - Node internal DNS address is not set for machine 2111475 - Fetch internal IPs of vms from dhcp server 2111587 - [4.11] Export OVS metrics 2111619 - Pods are unable to reach clusterIP services, ovn-controller isn't installing the group mod flows correctly 2111992 - OpenShift controller manager needs permissions to get/create/update leases for leader election 2112297 - bond-cni: Backport "mac duplicates" 4.11 2112353 - lifecycle.posStart hook does not have network connectivity. 2112908 - Search resource "virtualmachine" in "Home -> Search" crashes the console 2112912 - sum_irate doesn't work in OCP 4.8 2113926 - hypershift cluster deployment hang due to nil pointer dereference for hostedControlPlane.Spec.Etcd.Managed 2113938 - Fix e2e tests for [reboots][machine_config_labels] (tsc=nowatchdog) 2114574 - can not upgrade. Incorrect reading of olm.maxOpenShiftVersion 2114602 - Upgrade failing because restrictive scc is injected into version pod 2114964 - kola dhcp.propagation test failing 2115315 - README file for helm charts coded in Chinese shows messy characters when viewing in developer perspective. 2115435 - [4.11] INIT container stuck forever 2115564 - ClusterVersion availableUpdates is stale: PromQL conditional risks vs. slow/stuck Thanos 2115817 - Updates / config metrics are not available in 4.11 2116009 - Node Tuning Operator(NTO) - OCP upgrade failed due to node-tuning CO still progressing 2116557 - Order of config attributes are not maintained during conversion of PT4l from ptpconfig to ptp4l.0.config file 2117223 - kubernetes-nmstate-operator fails to install with error "no channel heads (entries not replaced by another entry) found in channel" 2117324 - catalog-operator fatal error: concurrent map writes 2117353 - kola dhcp.propagation test out of memory 2117370 - Migrate openshift-ansible to ansible-core 2117746 - Bump to latest k8s.io 1.24 release 2118214 - dummy bug for 4.10.z bz2118209 2118375 - pass the "--quiet" option via the buildconfig for s2i 5. JIRA issues fixed (https://issues.jboss.org/): OCPBUGS-1 - Test Bug 6. References: https://access.redhat.com/security/cve/CVE-2022-1012 https://access.redhat.com/security/cve/CVE-2022-1292 https://access.redhat.com/security/cve/CVE-2022-1586 https://access.redhat.com/security/cve/CVE-2022-1785 https://access.redhat.com/security/cve/CVE-2022-1897 https://access.redhat.com/security/cve/CVE-2022-1927 https://access.redhat.com/security/cve/CVE-2022-2068 https://access.redhat.com/security/cve/CVE-2022-2097 https://access.redhat.com/security/cve/CVE-2022-30629 https://access.redhat.com/security/cve/CVE-2022-30631 https://access.redhat.com/security/cve/CVE-2022-32250 https://access.redhat.com/security/updates/classification/#moderate 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYwUXddzjgjWX9erEAQhaVQ/+LoSAe5mCgjPe0+gupmu0jxSmErna51Gz LBlcOWhmgSi2LDYiLl0x5fIg1rQuFX87rSqo0397m7k4Wcon7ztOeDBAtc120fbP i3N+2C+t2wrRPkObvGYKwiCj15+CZP/pIoTQqBlwzqcMAOBLPkXmyXgPaGiA12W7 MoZlSyeEfyx2r636op+e9GC6ysmP2Jq7v+IU2H5/fK7fwPb2lnEIqZV/VXQB4+n7 U7x4Rlng+iLwqalJjCgWY8VLHBQPbIkAQoWS1rMj4f/VEzdbJf7tXNwJOBlPaaJ0 qn8aVZt0b0DMnW0NERm08jg6SYIx8jwMjC/E9Y+JkLdI4nO7f22TOEXgocKHpSMi jm6yLG6Klvjio8rT0+tYB9QBgo8owR5QxhTH3+ffcdlNqDWk33wt8da2n0vCKY4w iC1p3bTxCFdxkPz8FkF/p+nVrI5ZGTNd94Q29YiK+BtlGVAVGGqk208YVcQ85RH2 8YQminXLeLt/RA4cKm/4eq5PlGW7lXAsKVM4UxiYZdqWe/WFuW5zoaF1IdcbNL1p dZaaS1Dy9KvEzF6LPeVFcBg7ouGkdWtBwWQcEGV4bzPjbik8HkiIOkd4J1uT6KHs di3yYWJc3Q1mHuXV7byNUhaQQtpkiB/jDAUiQ0ggOfTawBbwleBMgxwUt38sMtpV 6FmWxlUydm8=6nTC -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . This advisory contains the following OpenShift Virtualization 4.11.0 images: RHEL-8-CNV-4.11 ==============hostpath-provisioner-container-v4.11.0-21 kubevirt-tekton-tasks-operator-container-v4.11.0-29 kubevirt-template-validator-container-v4.11.0-17 bridge-marker-container-v4.11.0-26 hostpath-csi-driver-container-v4.11.0-21 cluster-network-addons-operator-container-v4.11.0-26 ovs-cni-marker-container-v4.11.0-26 virtio-win-container-v4.11.0-16 ovs-cni-plugin-container-v4.11.0-26 kubemacpool-container-v4.11.0-26 hostpath-provisioner-operator-container-v4.11.0-24 cnv-containernetworking-plugins-container-v4.11.0-26 kubevirt-ssp-operator-container-v4.11.0-54 virt-cdi-uploadserver-container-v4.11.0-59 virt-cdi-cloner-container-v4.11.0-59 virt-cdi-operator-container-v4.11.0-59 virt-cdi-importer-container-v4.11.0-59 virt-cdi-uploadproxy-container-v4.11.0-59 virt-cdi-controller-container-v4.11.0-59 virt-cdi-apiserver-container-v4.11.0-59 kubevirt-tekton-tasks-modify-vm-template-container-v4.11.0-7 kubevirt-tekton-tasks-create-vm-from-template-container-v4.11.0-7 kubevirt-tekton-tasks-copy-template-container-v4.11.0-7 checkup-framework-container-v4.11.0-67 kubevirt-tekton-tasks-cleanup-vm-container-v4.11.0-7 kubevirt-tekton-tasks-disk-virt-sysprep-container-v4.11.0-7 kubevirt-tekton-tasks-wait-for-vmi-status-container-v4.11.0-7 kubevirt-tekton-tasks-disk-virt-customize-container-v4.11.0-7 vm-network-latency-checkup-container-v4.11.0-67 kubevirt-tekton-tasks-create-datavolume-container-v4.11.0-7 hyperconverged-cluster-webhook-container-v4.11.0-95 cnv-must-gather-container-v4.11.0-62 hyperconverged-cluster-operator-container-v4.11.0-95 kubevirt-console-plugin-container-v4.11.0-83 virt-controller-container-v4.11.0-105 virt-handler-container-v4.11.0-105 virt-operator-container-v4.11.0-105 virt-launcher-container-v4.11.0-105 virt-artifacts-server-container-v4.11.0-105 virt-api-container-v4.11.0-105 libguestfs-tools-container-v4.11.0-105 hco-bundle-registry-container-v4.11.0-587 Security Fix(es): * golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716) * kubeVirt: Arbitrary file read on the host from KubeVirt VMs (CVE-2022-1798) * golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561) * golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717) * prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698) * golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772) * golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773) * golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806) * golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675) * golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921) * golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191) * golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 1937609 - VM cannot be restarted 1945593 - Live migration should be blocked for VMs with host devices 1968514 - [RFE] Add cancel migration action to virtctl 1993109 - CNV MacOS Client not signed 1994604 - [RFE] - Add a feature to virtctl to print out a message if virtctl is a different version than the server side 2001385 - no "name" label in virt-operator pod 2009793 - KBase to clarify nested support status is missing 2010318 - with sysprep config data as cfgmap volume and as cdrom disk a windows10 VMI fails to LiveMigrate 2025276 - No permissions when trying to clone to a different namespace (as Kubeadmin) 2025401 - [TEST ONLY] [CNV+OCS/ODF] Virtualization poison pill implemenation 2026357 - Migration in sequence can be reported as failed even when it succeeded 2029349 - cluster-network-addons-operator does not serve metrics through HTTPS 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache 2030806 - CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error 2031857 - Add annotation for URL to download the image 2033077 - KubeVirtComponentExceedsRequestedMemory Prometheus Rule is Failing to Evaluate 2035344 - kubemacpool-mac-controller-manager not ready 2036676 - NoReadyVirtController and NoReadyVirtOperator are never triggered 2039976 - Pod stuck in "Terminating" state when removing VM with kernel boot and container disks 2040766 - A crashed Windows VM cannot be restarted with virtctl or the UI 2041467 - [SSP] Support custom DataImportCron creating in custom namespaces 2042402 - LiveMigration with postcopy misbehave when failure occurs 2042809 - sysprep disk requires autounattend.xml if an unattend.xml exists 2045086 - KubeVirtComponentExceedsRequestedMemory Prometheus Rule is Failing to Evaluate 2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter 2047186 - When entering to a RH supported template, it changes the project (namespace) to ?OpenShift? 2051899 - 4.11.0 containers 2052094 - [rhel9-cnv] VM fails to start, virt-handler error msg: Couldn't configure ip nat rules 2052466 - Event does not include reason for inability to live migrate 2052689 - Overhead Memory consumption calculations are incorrect 2053429 - CVE-2022-23806 golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 2053532 - CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 2053541 - CVE-2022-23773 golang: cmd/go: misinterpretation of branch names can lead to incorrect access control 2056467 - virt-template-validator pods getting scheduled on the same node 2057157 - [4.10.0] HPP-CSI-PVC fails to bind PVC when node fqdn is long 2057310 - qemu-guest-agent does not report information due to selinux denials 2058149 - cluster-network-addons-operator deployment's MULTUS_IMAGE is pointing to brew image 2058925 - Must-gather: for vms with longer name, gather_vms_details fails to collect qemu, dump xml logs 2059121 - [CNV-4.11-rhel9] virt-handler pod CrashLoopBackOff state 2060485 - virtualMachine with duplicate interfaces name causes MACs to be rejected by Kubemacpool 2060585 - [SNO] Failed to find the virt-controller leader pod 2061208 - Cannot delete network Interface if VM has multiqueue for networking enabled. 2061723 - Prevent new DataImportCron to manage DataSource if multiple DataImportCron pointing to same DataSource 2063540 - [CNV-4.11] Authorization Failed When Cloning Source Namespace 2063792 - No DataImportCron for CentOS 7 2064034 - On an upgraded cluster NetworkAddonsConfig seems to be reconciling in a loop 2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server 2064857 - CVE-2022-24921 golang: regexp: stack exhaustion via a deeply nested expression 2064936 - Migration of vm from VMware reports pvc not large enough 2065014 - Feature Highlights in CNV 4.10 contains links to 4.7 2065019 - "Running VMs per template" in the new overview tab counts VMs that are not running 2066768 - [CNV-4.11-HCO] User Cannot List Resource "namespaces" in API group 2067246 - [CNV]: Unable to ssh to Virtual Machine post changing Flavor tiny to custom 2069287 - Two annotations for VM Template provider name 2069388 - [CNV-4.11] kubemacpool-mac-controller - TLS handshake error 2070366 - VM Snapshot Restore hangs indefinitely when backed by a snapshotclass 2070864 - non-privileged user cannot see catalog tiles 2071488 - "Migrate Node to Node" is confusing. 2071549 - [rhel-9] unable to create a non-root virt-launcher based VM 2071611 - Metrics documentation generators are missing metrics/recording rules 2071921 - Kubevirt RPM is not being built 2073669 - [rhel-9] VM fails to start 2073679 - [rhel-8] VM fails to start: missing virt-launcher-monitor downstream 2073982 - [CNV-4.11-RHEL9] 'virtctl' binary fails with 'rc1' with 'virtctl version' command 2074337 - VM created from registry cannot be started 2075200 - VLAN filtering cannot be configured with Intel X710 2075409 - [CNV-4.11-rhel9] hco-operator and hco-webhook pods CrashLoopBackOff 2076292 - Upgrade from 4.10.1->4.11 using nightly channel, is not completing with error "could not complete the upgrade process. KubeVirt is not with the expected version. Check KubeVirt observed version in the status field of its CR" 2076379 - must-gather: ruletables and qemu logs collected as a part of gather_vm_details scripts are zero bytes file 2076790 - Alert SSPDown is constantly in Firing state 2076908 - clicking on a template in the Running VMs per Template card leads to 404 2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode 2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar 2078700 - Windows template boot source should be blank 2078703 - [RFE] Please hide the user defined password when customizing cloud-init 2078709 - VM conditions column have wrong key/values 2078728 - Common template rootDisk is not named correctly 2079366 - rootdisk is not able to edit 2079674 - Configuring preferred node affinity in the console results in wrong yaml and unschedulable VM 2079783 - Actions are broken in topology view 2080132 - virt-launcher logs live migration in nanoseconds if the migration is stuck 2080155 - [RFE] Provide the progress of VM migration in the source virt launcher pod 2080547 - Metrics kubevirt_hco_out_of_band_modifications_count, does not reflect correct modification count when label is added to priorityclass/kubevirt-cluster-critical in a loop 2080833 - Missing cloud init script editor in the scripts tab 2080835 - SSH key is set using cloud init script instead of new api 2081182 - VM SSH command generated by UI points at api VIP 2081202 - cloud-init for Windows VM generated with corrupted "undefined" section 2081409 - when viewing a common template details page, user need to see the message "can't edit common template" on all tabs 2081671 - SSH service created outside the UI is not discoverable 2081831 - [RFE] Improve disk hotplug UX 2082008 - LiveMigration fails due to loss of connection to destination host 2082164 - Migration progress timeout expects absolute progress 2082912 - [CNV-4.11] HCO Being Unable to Reconcile State 2083093 - VM overview tab is crashed 2083097 - ?Mount Windows drivers disk? should not show when the template is not ?windows? 2083100 - Something keeps loading in the ?node selector? modal 2083101 - ?Restore default settings? never become available while editing CPU/Memory 2083135 - VM fails to schedule with vTPM in spec 2083256 - SSP Reconcile logging improvement when CR resources are changed 2083595 - [RFE] Disable VM descheduler if the VM is not live migratable 2084102 - [e2e] Many elements are lacking proper selector like 'data-test-id' or 'data-test' 2084122 - [4.11]Clone from filesystem to block on storage api with the same size fails 2084418 - ?Invalid SSH public key format? appears when drag ssh key file to ?Authorized SSH Key? field 2084431 - User credentials for ssh is not in correct format 2084476 - The Virtual Machine Authorized SSH Key is not shown in the scripts tab. 2084532 - Console is crashed while detaching disk 2084610 - Newly added Kubevirt-plugin pod is missing resources.requests values (cpu/memory) 2085320 - Tolerations rules is not adding correctly 2085322 - Not able to stop/restart VM if the VM is staying in "Starting" 2086272 - [dark mode] Titles in Overview tab not visible enough in dark mode 2086278 - Cloud init script edit add " hostname='' " when is should not be added 2086281 - [dark mode] Helper text in Scripts tab not visible enough on dark mode 2086286 - [dark mode] The contrast of the Labels and edit labels not look good in the dark mode 2086293 - [dark mode] Titles in Parameters tab not visible enough in dark mode 2086294 - [dark mode] Can't see the number inside the donut chart in VMs per template card 2086303 - non-priv user can't create VM when namespace is not selected 2086479 - some modals use ?Save? and some modals use ?Submit? 2086486 - cluster overview getting started card include old information 2086488 - Cannot cancel vm migration if the migration pod is not schedulable in the backend 2086769 - Missing vm.kubevirt.io/template.namespace label when creating VM with the wizard 2086803 - When clonnig a template we need to update vm labels and annotaions to match new template 2086825 - VM restore PVC uses exact source PVC request size 2086849 - Create from YAML example is not runnable 2087188 - When VM is stopped - adding disk failed to show 2087189 - When VM is stopped - adding disk failed to show 2087232 - When chosing a vm or template while in all-namespace, and returning to list, namespace is changed 2087546 - "Quick Starts" is missing in Getting started card 2087547 - Activity and Status card are missing in Virtualization Overview 2087559 - template in "VMs per template" should take user to vm list page 2087566 - Remove the ?auto upload? label from template in the catalog if the auto-upload boot source not exists 2087570 - Page title should be ?VirtualMachines? and not ?Virtual Machines? 2087577 - "VMs per template" load time is a bit long 2087578 - Terminology "VM" should be "Virtual Machine" in all places 2087582 - Remove VMI and MTV from the navigation 2087583 - [RFE] Show more info about boot source in template list 2087584 - Template provider should not be mandatory 2087587 - Improve the descriptive text in the kebab menu of template 2087589 - Red icons shows in storage disk source selection without a good reason 2087590 - [REF] "Upload a new file to a PVC" should not open the form in a new tab 2087593 - "Boot method" is not a good name in overview tab 2087603 - Align details card for single VM overview with the design doc 2087616 - align the utilization card of single VM overview with the design 2087701 - [RFE] Missing a link to VMI from running VM details page 2087717 - Message when editing template boot source is wrong 2088034 - Virtualization Overview crashes when a VirtualMachine has no labels 2088355 - disk modal shows all storage classes as default 2088361 - Attached disk keeps in loading status when add disk to a power off VM by non-privileged user 2088379 - Create VM from catalog does not respect the storageclass of the template's boot source 2088407 - Missing create button in the template list 2088471 - [HPP] hostpath-provisioner-csi does not comply with restricted security context 2088472 - Golden Images import cron jobs are not getting updated on upgrade to 4.11 2088477 - [4.11.z] VMSnapshot restore fails to provision volume with size mismatch error 2088849 - "dataimportcrontemplate.kubevirt.io/enable" field does not do any validation 2089078 - ConsolePlugin kubevirt-plugin is not getting reconciled by hco 2089271 - Virtualization appears twice in sidebar 2089327 - add network modal crash when no networks available 2089376 - Virtual Machine Template without dataVolumeTemplates gets blank page 2089477 - [RFE] Allow upload source when adding VM disk 2089700 - Drive column in Disks card of Overview page has duplicated values 2089745 - When removing all disks from customize wizard app crashes 2089789 - Add windows drivers disk is missing when template is not windows 2089825 - Top consumers card on Virtualization Overview page should keep display parameters as set by user 2089836 - Card titles on single VM Overview page does not have hyperlinks to relevant pages 2089840 - Cant create snapshot if VM is without disks 2089877 - Utilization card on single VM overview - timespan menu lacks 5min option 2089932 - Top consumers card on single VM overview - View by resource dropdown menu needs an update 2089942 - Utilization card on single VM overview - trend charts at the bottom should be linked to proper metrics 2089954 - Details card on single VM overview - VNC console has grey padding 2089963 - Details card on single VM overview - Operating system info is not available 2089967 - Network Interfaces card on single VM overview - name tooltip lacks info 2089970 - Network Interfaces card on single VM overview - IP tooltip 2089972 - Disks card on single VM overview -typo 2089979 - Single VM Details - CPU|Memory edit icon misplaced 2089982 - Single VM Details - SSH modal has redundant VM name 2090035 - Alert card is missing in single VM overview 2090036 - OS should be "Operating system" and host should be "hostname" in single vm overview 2090037 - Add template link in single vm overview details card 2090038 - The update field under the version in overview should be consistent with the operator page 2090042 - Move the edit button close to the text for "boot order" and "ssh access" 2090043 - "No resource selected" in vm boot order 2090046 - Hardware devices section In the VM details and Template details should be aligned with catalog page 2090048 - "Boot mode" should be editable while VM is running 2090054 - Services ?kubernetes" and "openshift" should not be listing in vm details 2090055 - Add link to vm template in vm details page 2090056 - "Something went wrong" shows on VM "Environment" tab 2090057 - "?" icon is too big in environment and disk tab 2090059 - Failed to add configmap in environment tab due to validate error 2090064 - Miss "remote desktop" in console dropdown list for windows VM 2090066 - [RFE] Improve guest login credentials 2090068 - Make the "name" and "Source" column wider in vm disk tab 2090131 - Key's value in "add affinity rule" modal is too small 2090350 - memory leak in virt-launcher process 2091003 - SSH service is not deleted along the VM 2091058 - After VM gets deleted, the user is redirected to a page with a different namespace 2091309 - While disabling a golden image via HCO, user should not be required to enter the whole spec. 2091406 - wrong template namespace label when creating a vm with wizard 2091754 - Scheduling and scripts tab should be editable while the VM is running 2091755 - Change bottom "Save" to "Apply" on cloud-init script form 2091756 - The root disk of cloned template should be editable 2091758 - "OS" should be "Operating system" in template filter 2091760 - The provider should be empty if it's not set during cloning 2091761 - Miss "Edit labels" and "Edit annotations" in template kebab button 2091762 - Move notification above the tabs in template details page 2091764 - Clone a template should lead to the template details 2091765 - "Edit bootsource" is keeping in load in template actions dropdown 2091766 - "Are you sure you want to leave this page?" pops up when click the "Templates" link 2091853 - On Snapshot tab of single VM "Restore" button should move to the kebab actions together with the Delete 2091863 - BootSource edit modal should list affected templates 2091868 - Catalog list view has two columns named "BootSource" 2091889 - Devices should be editable for customize template 2091897 - username is missing in the generated ssh command 2091904 - VM is not started if adding "Authorized SSH Key" during vm creation 2091911 - virt-launcher pod remains as NonRoot after LiveMigrating VM from NonRoot to Root 2091940 - SSH is not enabled in vm details after restart the VM 2091945 - delete a template should lead to templates list 2091946 - Add disk modal shows wrong units 2091982 - Got a lot of "Reconciler error" in cdi-deployment log after adding custom DataImportCron to hco 2092048 - When Boot from CD is checked in customized VM creation - Disk source should be Blank 2092052 - Virtualization should be omitted in Calatog breadcrumbs 2092071 - Getting started card in Virtualization overview can not be hidden. 2092079 - Error message stays even when problematic field is dismissed 2092158 - PrometheusRule kubevirt-hyperconverged-prometheus-rule is not getting reconciled by HCO 2092228 - Ensure Machine Type for new VMs is 8.6 2092230 - [RFE] Add indication/mark to deprecated template 2092306 - VM is stucking with WaitingForVolumeBinding if creating via "Boot from CD" 2092337 - os is empty in VM details page 2092359 - [e2e] data-test-id includes all pvc name 2092654 - [RFE] No obvious way to delete the ssh key from the VM 2092662 - No url example for rhel and windows template 2092663 - no hyperlink for URL example in disk source "url" 2092664 - no hyperlink to the cdi uploadproxy URL 2092781 - Details card should be removed for non admins. 2092783 - Top consumers' card should be removed for non admins. 2092787 - Operators links should be removed from Getting started card 2092789 - "Learn more about Operators" link should lead to the Red Hat documentation 2092951 - ?Edit BootSource? action should have more explicit information when disabled 2093282 - Remove links to 'all-namespaces/' for non-privileged user 2093691 - Creation flow drawer left padding is broken 2093713 - Required fields in creation flow should be highlighted if empty 2093715 - Optional parameters section in creation flow is missing bottom padding 2093716 - CPU|Memory modal button should say "Restore template settings? 2093772 - Add a service in environment it reminds a pending change in boot order 2093773 - Console crashed if adding a service without serial number 2093866 - Cannot create vm from the template `vm-template-example` 2093867 - OS for template 'vm-template-example' should matching the version of the image 2094202 - Cloud-init username field should have hint 2094207 - Cloud-init password field should have auto-generate option 2094208 - SSH key input is missing validation 2094217 - YAML view should reflect shanges in SSH form 2094222 - "?" icon should be placed after red asterisk in required fields 2094323 - Workload profile should be editable in template details page 2094405 - adding resource on enviornment isnt showing on disks list when vm is running 2094440 - Utilization pie charts figures are not based on current data 2094451 - PVC selection in VM creation flow does not work for non-priv user 2094453 - CD Source selection in VM creation flow is missing Upload option 2094465 - Typo in Source tooltip 2094471 - Node selector modal for non-privileged user 2094481 - Tolerations modal for non-privileged user 2094486 - Add affinity rule modal 2094491 - Affinity rules modal button 2094495 - Descheduler modal has same text in two lines 2094646 - [e2e] Elements on scheduling tab are missing proper data-test-id 2094665 - Dedicated Resources modal for non-privileged user 2094678 - Secrets and ConfigMaps can't be added to Windows VM 2094727 - Creation flow should have VM info in header row 2094807 - hardware devices dropdown has group title even with no devices in cluster 2094813 - Cloudinit password is seen in wizard 2094848 - Details card on Overview page - 'View details' link is missing 2095125 - OS is empty in the clone modal 2095129 - "undefined" appears in rootdisk line in clone modal 2095224 - affinity modal for non-privileged users 2095529 - VM migration cancelation in kebab action should have shorter name 2095530 - Column sizes in VM list view 2095532 - Node column in VM list view is visible to non-privileged user 2095537 - Utilization card information should display pie charts as current data and sparkline charts as overtime 2095570 - Details tab of VM should not have Node info for non-privileged user 2095573 - Disks created as environment or scripts should have proper label 2095953 - VNC console controls layout 2095955 - VNC console tabs 2096166 - Template "vm-template-example" is binding with namespace "default" 2096206 - Inconsistent capitalization in Template Actions 2096208 - Templates in the catalog list is not sorted 2096263 - Incorrectly displaying units for Disks size or Memory field in various places 2096333 - virtualization overview, related operators title is not aligned 2096492 - Cannot create vm from a cloned template if its boot source is edited 2096502 - "Restore template settings" should be removed from template CPU editor 2096510 - VM can be created without any disk 2096511 - Template shows "no Boot Source" and label "Source available" at the same time 2096620 - in templates list, edit boot reference kebab action opens a modal with different title 2096781 - Remove boot source provider while edit boot source reference 2096801 - vnc thumbnail in virtual machine overview should be active on page load 2096845 - Windows template's scripts tab is crashed 2097328 - virtctl guestfs shouldn't required uid = 0 2097370 - missing titles for optional parameters in wizard customization page 2097465 - Count is not updating for 'prometheusrule' component when metrics kubevirt_hco_out_of_band_modifications_count executed 2097586 - AccessMode should stay on ReadWriteOnce while editing a disk with storage class HPP 2098134 - "Workload profile" column is not showing completely in template list 2098135 - Workload is not showing correct in catalog after change the template's workload 2098282 - Javascript error when changing boot source of custom template to be an uploaded file 2099443 - No "Quick create virtualmachine" button for template 'vm-template-example' 2099533 - ConsoleQuickStart for HCO CR's VM is missing 2099535 - The cdi-uploadproxy certificate url should be opened in a new tab 2099539 - No storage option for upload while editing a disk 2099566 - Cloudinit should be replaced by cloud-init in all places 2099608 - "DynamicB" shows in vm-example disk size 2099633 - Doc links needs to be updated 2099639 - Remove user line from the ssh command section 2099802 - Details card link shouldn't be hard-coded 2100054 - Windows VM with WSL2 guest fails to migrate 2100284 - Virtualization overview is crashed 2100415 - HCO is taking too much time for reconciling kubevirt-plugin deployment 2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS 2101164 - [dark mode] Number of alerts in Alerts card not visible enough in dark mode 2101192 - AccessMode should stay on ReadWriteOnce while editing a disk with storage class HPP 2101430 - Using CLOUD_USER_PASSWORD in Templates parameters breaks VM review page 2101454 - Cannot add PVC boot source to template in 'Edit Boot Source Reference' view as a non-priv user 2101485 - Cloudinit should be replaced by cloud-init in all places 2101628 - non-priv user cannot load dataSource while edit template's rootdisk 2101954 - [4.11]Smart clone and csi clone leaves tmp unbound PVC and ObjectTransfer 2102076 - Using CLOUD_USER_PASSWORD in Templates parameters breaks VM review page 2102116 - [e2e] elements on Template Scheduling tab are missing proper data-test-id 2102117 - [e2e] elements on VM Scripts tab are missing proper data-test-id 2102122 - non-priv user cannot load dataSource while edit template's rootdisk 2102124 - Cannot add PVC boot source to template in 'Edit Boot Source Reference' view as a non-priv user 2102125 - vm clone modal is displaying DV size instead of PVC size 2102127 - Cannot add NIC to VM template as non-priv user 2102129 - All templates are labeling "source available" in template list page 2102131 - The number of hardware devices is not correct in vm overview tab 2102135 - [dark mode] Number of alerts in Alerts card not visible enough in dark mode 2102143 - vm clone modal is displaying DV size instead of PVC size 2102256 - Add button moved to right 2102448 - VM disk is deleted by uncheck "Delete disks (1x)" on delete modal 2102543 - Add button moved to right 2102544 - VM disk is deleted by uncheck "Delete disks (1x)" on delete modal 2102545 - VM filter has two "Other" checkboxes which are triggered together 2104617 - Storage status report "OpenShift Data Foundation is not available" even the operator is installed 2106175 - All pages are crashed after visit Virtualization -> Overview 2106258 - All pages are crashed after visit Virtualization -> Overview 2110178 - [Docs] Text repetition in Virtual Disk Hot plug instructions 2111359 - kubevirt plugin console is crashed after creating a vm with 2 nics 2111562 - kubevirt plugin console crashed after visit vmi page 2117872 - CVE-2022-1798 kubeVirt: Arbitrary file read on the host from KubeVirt VMs 5. Bugs fixed (https://bugzilla.redhat.com/): 2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects 2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays 2140597 - CVE-2022-37603 loader-utils:Regular expression denial of service 5. JIRA issues fixed (https://issues.jboss.org/): LOG-2860 - Error on LokiStack Components when forwarding logs to Loki on proxy cluster LOG-3131 - vector: kube API server certificate validation failure due to hostname mismatch LOG-3222 - [release-5.5] fluentd plugin for kafka ca-bundle secret doesn't support multiple CAs LOG-3226 - FluentdQueueLengthIncreasing rule failing to be evaluated. LOG-3284 - [release-5.5][Vector] logs parsed into structured when json is set without structured types. LOG-3287 - [release-5.5] Increase value of cluster-logging PriorityClass to move closer to system-cluster-critical value LOG-3301 - [release-5.5][ClusterLogging] elasticsearchStatus in ClusterLogging instance CR is not updated when Elasticsearch status is changed LOG-3305 - [release-5.5] Kibana Authentication Exception cookie issue LOG-3310 - [release-5.5] Can't choose correct CA ConfigMap Key when creating lokistack in Console LOG-3332 - [release-5.5] Reconcile error on controller when creating LokiStack with tls config 6. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Bugs fixed (https://bugzilla.redhat.com/): 2081494 - CVE-2022-1292 openssl: c_rehash script allows command injection 2097310 - CVE-2022-2068 openssl: the c_rehash script allows command injection 2100554 - OpenSSL testsuite certificates expired [rhel-8.6.0.z] 2104905 - CVE-2022-2097 openssl: AES OCB fails to encrypt some bytes 6. Package List: Red Hat Enterprise Linux BaseOS (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7

Trust: 2.43

sources: NVD: CVE-2022-2097 // JVNDB: JVNDB-2022-002433 // VULMON: CVE-2022-2097 // PACKETSTORM: 168222 // PACKETSTORM: 168182 // PACKETSTORM: 168139 // PACKETSTORM: 168392 // PACKETSTORM: 168289 // PACKETSTORM: 170179 // PACKETSTORM: 170162 // PACKETSTORM: 167948

AFFECTED PRODUCTS

vendor:debianmodel:linuxscope:eqversion:11.0

Trust: 1.0

vendor:netappmodel:h500sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h300sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:clustered data ontap antivirus connectorscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h410sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h410cscope:eqversion: -

Trust: 1.0

vendor:opensslmodel:opensslscope:gteversion:1.1.1

Trust: 1.0

vendor:opensslmodel:opensslscope:ltversion:1.1.1q

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:36

Trust: 1.0

vendor:netappmodel:h700sscope:eqversion: -

Trust: 1.0

vendor:opensslmodel:opensslscope:gteversion:3.0.0

Trust: 1.0

vendor:siemensmodel:sinec insscope:ltversion:1.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:opensslmodel:opensslscope:ltversion:3.0.5

Trust: 1.0

vendor:siemensmodel:sinec insscope:eqversion:1.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:35

Trust: 1.0

vendor:netappmodel:active iq unified managerscope: - version: -

Trust: 0.8

vendor:日立model:hitachi tuning managerscope: - version: -

Trust: 0.8

vendor:opensslmodel:opensslscope: - version: -

Trust: 0.8

vendor:日立model:hitachi device managerscope: - version: -

Trust: 0.8

vendor:日本電気model:spoolserver/reportfilingscope: - version: -

Trust: 0.8

vendor:netappmodel:h410cscope: - version: -

Trust: 0.8

vendor:netappmodel:h410sscope: - version: -

Trust: 0.8

vendor:日本電気model:nec cyber security platformscope: - version: -

Trust: 0.8

vendor:日本電気model:witchymailscope: - version: -

Trust: 0.8

vendor:fedoramodel:fedorascope: - version: -

Trust: 0.8

vendor:netappmodel:h500sscope: - version: -

Trust: 0.8

vendor:netappmodel:h300sscope: - version: -

Trust: 0.8

vendor:netappmodel:h700sscope: - version: -

Trust: 0.8

vendor:netappmodel:clustered data ontap antivirus connectorscope: - version: -

Trust: 0.8

vendor:日立model:日立アドバンストサーバ ha8000v シリーズscope: - version: -

Trust: 0.8

vendor:日本電気model:univergescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-002433 // NVD: CVE-2022-2097

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-2097
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-2097
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202207-379
value: MEDIUM

Trust: 0.6

VULMON: CVE-2022-2097
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-2097
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2022-2097
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2022-2097
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2022-2097 // JVNDB: JVNDB-2022-002433 // CNNVD: CNNVD-202207-379 // NVD: CVE-2022-2097

PROBLEMTYPE DATA

problemtype:CWE-327

Trust: 1.0

problemtype:Inappropriate cryptographic strength (CWE-326) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-002433 // NVD: CVE-2022-2097

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202207-379

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-202207-379

PATCH

title:hitachi-sec-2023-126url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/

Trust: 0.8

title:OpenSSL Fixes for encryption problem vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=205716

Trust: 0.6

title:Amazon Linux 2: ALAS2-2023-1974url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2023-1974

Trust: 0.1

title:Red Hat: url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2022-2097

Trust: 0.1

title:Debian CVElist Bug Report Logs: openssl: CVE-2022-2097url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=740b837c53d462fc86f3cb0849b86ca0

Trust: 0.1

title:Red Hat: Moderate: openssl security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225818 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: openssl security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226224 - Security Advisory

Trust: 0.1

title:Debian Security Advisories: DSA-5343-1 openssl -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=b6a11b827fe9cfaea9c113b2ad37856f

Trust: 0.1

title:Red Hat: Important: Release of containers for OSP 16.2.z director operator tech previewurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226517 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Self Node Remediation Operator 0.4.1 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226184 - Security Advisory

Trust: 0.1

title:Amazon Linux 2022: ALAS2022-2022-147url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-147

Trust: 0.1

title:Red Hat: Critical: Multicluster Engine for Kubernetes 2.0.2 security and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226422 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Container Platform 4.11.1 bug fix and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226103 - Security Advisory

Trust: 0.1

title:Brocade Security Advisories: Access Deniedurl:https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=38e06d13217149784c0941a3098b8989

Trust: 0.1

title:Amazon Linux 2022: ALAS2022-2022-195url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-195

Trust: 0.1

title:Red Hat: Important: Node Maintenance Operator 4.11.1 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226188 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Openshift Logging Security and Bug Fix update (5.3.11)url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226182 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Logging Subsystem 5.5.0 - Red Hat OpenShift security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226051 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat OpenShift Service Mesh 2.2.2 Containers security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226283 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Logging Subsystem 5.4.5 Security and Bug Fix Updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226183 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: Red Hat Advanced Cluster Management 2.5.2 security fixes and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226507 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: RHOSDT 2.6.0 operator/operand containers Security Updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227055 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift sandboxed containers 1.3.1 security fix and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227058 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: New container image for Red Hat Ceph Storage 5.2 Security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226024 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: RHACS 3.72 enhancement and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226714 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift API for Data Protection (OADP) 1.1.0 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226290 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Gatekeeper Operator v0.2 security and container updatesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226348 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Multicluster Engine for Kubernetes 2.1 security updates and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226345 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: RHSA: Submariner 0.13 - security and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226346 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226430 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226370 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.12 security updates and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226271 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: Red Hat Advanced Cluster Management 2.4.6 security update and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226696 - Security Advisory

Trust: 0.1

title:Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Centerurl:https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories&qid=hitachi-sec-2023-126

Trust: 0.1

title:Red Hat: Important: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226156 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Virtualization 4.11.1 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228750 - Security Advisory

Trust: 0.1

title:Red Hat: Important: OpenShift Virtualization 4.11.0 Images security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226526 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Migration Toolkit for Containers (MTC) 1.7.4 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226429 - Security Advisory

Trust: 0.1

title:Red Hat: Important: OpenShift Virtualization 4.12.0 Images security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20230408 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Openshift Logging 5.3.14 bug fix release and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228889 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Logging Subsystem 5.5.5 - Red Hat OpenShift security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228781 - Security Advisory

Trust: 0.1

title:Red Hat: Important: OpenShift Container Platform 4.11.0 bug fix and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225069 - Security Advisory

Trust: 0.1

title:https://github.com/jntass/TASSL-1.1.1url:https://github.com/jntass/TASSL-1.1.1

Trust: 0.1

title:BIF - The Fairwinds Base Image Finder Clienturl:https://github.com/FairwindsOps/bif

Trust: 0.1

title:https://github.com/tianocore-docs/ThirdPartySecurityAdvisoriesurl:https://github.com/tianocore-docs/ThirdPartySecurityAdvisories

Trust: 0.1

title:GitHub Actions CI App Pipelineurl:https://github.com/isgo-golgo13/gokit-gorillakit-enginesvc

Trust: 0.1

title:https://github.com/cdupuis/image-apiurl:https://github.com/cdupuis/image-api

Trust: 0.1

title:OpenSSL-CVE-liburl:https://github.com/chnzzh/OpenSSL-CVE-lib

Trust: 0.1

title:PoC in GitHuburl:https://github.com/nomi-sec/PoC-in-GitHub

Trust: 0.1

title:PoC in GitHuburl:https://github.com/manas3c/CVE-POC

Trust: 0.1

sources: VULMON: CVE-2022-2097 // JVNDB: JVNDB-2022-002433 // CNNVD: CNNVD-202207-379

EXTERNAL IDS

db:NVDid:CVE-2022-2097

Trust: 4.1

db:SIEMENSid:SSA-332410

Trust: 1.7

db:ICS CERTid:ICSA-23-017-03

Trust: 0.9

db:JVNid:JVNVU93250330

Trust: 0.8

db:JVNid:JVNVU90782730

Trust: 0.8

db:JVNid:JVNVU96381485

Trust: 0.8

db:JVNid:JVNVU99464755

Trust: 0.8

db:ICS CERTid:ICSA-24-165-10

Trust: 0.8

db:ICS CERTid:ICSA-24-165-11

Trust: 0.8

db:ICS CERTid:ICSA-23-166-11

Trust: 0.8

db:JVNDBid:JVNDB-2022-002433

Trust: 0.8

db:PACKETSTORMid:168222

Trust: 0.7

db:PACKETSTORMid:168182

Trust: 0.7

db:PACKETSTORMid:167948

Trust: 0.7

db:AUSCERTid:ESB-2022.6434

Trust: 0.6

db:AUSCERTid:ESB-2023.1074

Trust: 0.6

db:AUSCERTid:ESB-2022.3977

Trust: 0.6

db:AUSCERTid:ESB-2022.4122

Trust: 0.6

db:AUSCERTid:ESB-2022.4747

Trust: 0.6

db:AUSCERTid:ESB-2022.4233

Trust: 0.6

db:AUSCERTid:ESB-2022.4323

Trust: 0.6

db:AUSCERTid:ESB-2022.4669

Trust: 0.6

db:AUSCERTid:ESB-2022.4525

Trust: 0.6

db:AUSCERTid:ESB-2022.4568

Trust: 0.6

db:AUSCERTid:ESB-2022.6290

Trust: 0.6

db:AUSCERTid:ESB-2022.3353

Trust: 0.6

db:AUSCERTid:ESB-2022.4601

Trust: 0.6

db:AUSCERTid:ESB-2022.3486

Trust: 0.6

db:AUSCERTid:ESB-2022.4296

Trust: 0.6

db:AUSCERTid:ESB-2023.1430

Trust: 0.6

db:AUSCERTid:ESB-2022.3814

Trust: 0.6

db:AUSCERTid:ESB-2022.6333

Trust: 0.6

db:AUSCERTid:ESB-2022.3316

Trust: 0.6

db:AUSCERTid:ESB-2022.4167

Trust: 0.6

db:AUSCERTid:ESB-2022.4101

Trust: 0.6

db:AUSCERTid:ESB-2022.5247

Trust: 0.6

db:CS-HELPid:SB2022070537

Trust: 0.6

db:CS-HELPid:SB2022071612

Trust: 0.6

db:CS-HELPid:SB2022072011

Trust: 0.6

db:CS-HELPid:SB2022071153

Trust: 0.6

db:CS-HELPid:SB2022070647

Trust: 0.6

db:PACKETSTORMid:168022

Trust: 0.6

db:PACKETSTORMid:168204

Trust: 0.6

db:PACKETSTORMid:168112

Trust: 0.6

db:PACKETSTORMid:167703

Trust: 0.6

db:PACKETSTORMid:168284

Trust: 0.6

db:PACKETSTORMid:168538

Trust: 0.6

db:PACKETSTORMid:168387

Trust: 0.6

db:PACKETSTORMid:169443

Trust: 0.6

db:PACKETSTORMid:168378

Trust: 0.6

db:PACKETSTORMid:167708

Trust: 0.6

db:PACKETSTORMid:168351

Trust: 0.6

db:PACKETSTORMid:168714

Trust: 0.6

db:PACKETSTORMid:168187

Trust: 0.6

db:CNNVDid:CNNVD-202207-379

Trust: 0.6

db:VULMONid:CVE-2022-2097

Trust: 0.1

db:PACKETSTORMid:168139

Trust: 0.1

db:PACKETSTORMid:168392

Trust: 0.1

db:PACKETSTORMid:168289

Trust: 0.1

db:PACKETSTORMid:170179

Trust: 0.1

db:PACKETSTORMid:170162

Trust: 0.1

sources: VULMON: CVE-2022-2097 // JVNDB: JVNDB-2022-002433 // PACKETSTORM: 168222 // PACKETSTORM: 168182 // PACKETSTORM: 168139 // PACKETSTORM: 168392 // PACKETSTORM: 168289 // PACKETSTORM: 170179 // PACKETSTORM: 170162 // PACKETSTORM: 167948 // CNNVD: CNNVD-202207-379 // NVD: CVE-2022-2097

REFERENCES

url:https://www.openssl.org/news/secadv/20220705.txt

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20220715-0011/

Trust: 1.7

url:https://security.gentoo.org/glsa/202210-02

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf

Trust: 1.7

url:https://www.debian.org/security/2023/dsa-5343

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20230420-0008/

Trust: 1.7

url:https://access.redhat.com/security/cve/cve-2022-2097

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-2097

Trust: 1.3

url:https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93

Trust: 1.1

url:https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=919925673d6c9cfed3c1085497f5dfbbed5fc431

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/v6567jerrhhjw2gngjgkdrnhr7snpzk7/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/r6ck57nbqftpumxapjurcgxuyt76nqak/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vcmnwkerpbkoebnl7clttx3zzczlh7xa/

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20240621-0006/

Trust: 1.0

url:https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-03

Trust: 0.9

url:http://jvn.jp/vu/jvnvu96381485/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu90782730/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu99464755/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu93250330/index.html

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-10

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-11

Trust: 0.8

url:https://access.redhat.com/security/team/contact/

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2022-1292

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2022-2068

Trust: 0.8

url:https://bugzilla.redhat.com/):

Trust: 0.8

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2022-1586

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-1785

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-1897

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-1927

Trust: 0.6

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/r6ck57nbqftpumxapjurcgxuyt76nqak/

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vcmnwkerpbkoebnl7clttx3zzczlh7xa/

Trust: 0.6

url:https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93

Trust: 0.6

url:https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/v6567jerrhhjw2gngjgkdrnhr7snpzk7/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3316

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4747

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3977

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4669

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3814

Trust: 0.6

url:https://packetstormsecurity.com/files/168538/red-hat-security-advisory-2022-6696-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/167948/red-hat-security-advisory-2022-5818-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168222/red-hat-security-advisory-2022-6283-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168182/red-hat-security-advisory-2022-6184-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/167703/openssl-toolkit-3.0.5.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.6290

Trust: 0.6

url:https://packetstormsecurity.com/files/168204/red-hat-security-advisory-2022-6224-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4296

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022070647

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4233

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.6434

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-2097/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3486

Trust: 0.6

url:https://packetstormsecurity.com/files/168378/red-hat-security-advisory-2022-6507-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5247

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.6333

Trust: 0.6

url:https://vigilance.fr/vulnerability/openssl-no-chiffrement-via-aes-ocb-32-bit-x86-aes-ni-assembly-38729

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022071612

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.1074

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022071153

Trust: 0.6

url:https://packetstormsecurity.com/files/168112/red-hat-security-advisory-2022-6051-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/167708/ubuntu-security-notice-usn-5502-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168187/red-hat-security-advisory-2022-6188-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168284/red-hat-security-advisory-2022-6183-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.1430

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb20220720110

Trust: 0.6

url:https://packetstormsecurity.com/files/168351/red-hat-security-advisory-2022-6430-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022070537

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4101

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4167

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3353

Trust: 0.6

url:https://packetstormsecurity.com/files/168022/red-hat-security-advisory-2022-6024-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4122

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4323

Trust: 0.6

url:https://packetstormsecurity.com/files/168714/gentoo-linux-security-advisory-202210-02.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4525

Trust: 0.6

url:https://packetstormsecurity.com/files/169443/red-hat-security-advisory-2022-7058-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4568

Trust: 0.6

url:https://packetstormsecurity.com/files/168387/red-hat-security-advisory-2022-6517-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4601

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-2068

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-1292

Trust: 0.5

url:https://issues.jboss.org/):

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-1897

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-1927

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-1586

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-1785

Trust: 0.4

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-30631

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-30631

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36516

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-24448

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-26710

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-22628

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-21618

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-3515

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-0168

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-21628

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-3709

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-0617

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0924

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-0562

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-2639

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0908

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1055

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-0865

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35527

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35525

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-26373

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-26709

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-20368

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1048

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3640

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-0561

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0617

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-39399

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0562

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0854

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-22629

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-29581

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1016

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-2078

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-22844

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-2938

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-21499

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-36946

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-42003

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0865

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36558

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-27405

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-3709

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0909

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1852

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0561

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-35527

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-0854

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-30293

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-27406

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0168

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-21624

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1304

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-26717

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-21626

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-28390

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36558

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-26716

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30002

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36518

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-27950

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-27404

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-2586

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-23960

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3640

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-30002

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36518

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0891

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1184

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-35525

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-22624

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-2509

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-26700

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-25255

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-26719

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-34903

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-21619

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-42004

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-37434

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1355

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36516

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-22662

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-28893

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/327.html

Trust: 0.1

url:https://alas.aws.amazon.com/al2/alas-2023-1974.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/fairwindsops/bif

Trust: 0.1

url:https://alas.aws.amazon.com/al2022/alas-2022-195.html

Trust: 0.1

url:https://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30635

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6283

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1962

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30630

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30635

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-31107

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30632

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-28131

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-28131

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30633

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30632

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30633

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-31107

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30630

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1962

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6184

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6103

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-32250

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30629

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1012

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1012

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32250

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30629

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6102

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6526

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36084

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-28327

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36085

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27776

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20838

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27774

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4189

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24407

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1271

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1629

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5827

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3634

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17595

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5827

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3580

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-38561

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24921

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-38185

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24370

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13435

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-25313

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27191

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35492

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-29824

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19603

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35492

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23772

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1798

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23177

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1621

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17594

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-44717

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27782

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3737

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14155

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13751

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19603

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-21698

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-44716

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-22576

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20838

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-17541

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36087

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20231

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-40528

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13751

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20232

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25219

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31566

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17594

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-25314

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17595

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36086

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23806

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18218

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24370

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-43527

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4115

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31535

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23773

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13435

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24675

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0778

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-17541

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32206

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32208

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-32206

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2526

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6182

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-32208

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-2526

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-29154

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-29154

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:8889

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-42898

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:8781

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-41715

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-2879

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-32189

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-2880

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27664

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-37603

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5818

Trust: 0.1

sources: VULMON: CVE-2022-2097 // JVNDB: JVNDB-2022-002433 // PACKETSTORM: 168222 // PACKETSTORM: 168182 // PACKETSTORM: 168139 // PACKETSTORM: 168392 // PACKETSTORM: 168289 // PACKETSTORM: 170179 // PACKETSTORM: 170162 // PACKETSTORM: 167948 // CNNVD: CNNVD-202207-379 // NVD: CVE-2022-2097

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 168222 // PACKETSTORM: 168182 // PACKETSTORM: 168139 // PACKETSTORM: 168392 // PACKETSTORM: 168289 // PACKETSTORM: 170179 // PACKETSTORM: 170162 // PACKETSTORM: 167948

SOURCES

db:VULMONid:CVE-2022-2097
db:JVNDBid:JVNDB-2022-002433
db:PACKETSTORMid:168222
db:PACKETSTORMid:168182
db:PACKETSTORMid:168139
db:PACKETSTORMid:168392
db:PACKETSTORMid:168289
db:PACKETSTORMid:170179
db:PACKETSTORMid:170162
db:PACKETSTORMid:167948
db:CNNVDid:CNNVD-202207-379
db:NVDid:CVE-2022-2097

LAST UPDATE DATE

2025-04-01T20:30:46.392000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2022-2097date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2022-002433date:2024-06-17T08:34:00
db:CNNVDid:CNNVD-202207-379date:2023-04-21T00:00:00
db:NVDid:CVE-2022-2097date:2024-06-21T19:15:23.083

SOURCES RELEASE DATE

db:VULMONid:CVE-2022-2097date:2022-07-05T00:00:00
db:JVNDBid:JVNDB-2022-002433date:2022-09-27T00:00:00
db:PACKETSTORMid:168222date:2022-09-01T16:33:07
db:PACKETSTORMid:168182date:2022-08-25T15:29:18
db:PACKETSTORMid:168139date:2022-08-24T13:06:10
db:PACKETSTORMid:168392date:2022-09-15T14:20:18
db:PACKETSTORMid:168289date:2022-09-07T17:09:04
db:PACKETSTORMid:170179date:2022-12-09T14:52:40
db:PACKETSTORMid:170162date:2022-12-08T16:34:22
db:PACKETSTORMid:167948date:2022-08-04T14:48:07
db:CNNVDid:CNNVD-202207-379date:2022-07-05T00:00:00
db:NVDid:CVE-2022-2097date:2022-07-05T11:15:08.340