ID

VAR-202210-1070

CVE

CVE-2022-40304

TITLE

Red Hat Security Advisory 2023-1448-01

DESCRIPTION

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. libxml2 is an open source library for parsing XML documents. It is written in C language and can be called by many languages, such as C language, C++, XSH. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. This advisory covers container images for the release. JIRA issues fixed (https://issues.jboss.org/): OSSM-1330 - Allow specifying secret as pilot server cert when using CertificateAuthority: Custom OSSM-2342 - Run OSSM operator on infrastructure nodes OSSM-2371 - Kiali in read-only mode still can change the log level of the envoy proxies OSSM-2373 - Can't login to Kiali with "Error trying to get OAuth metadata" OSSM-2374 - Deleting a SMM also deletes the SMMR in OpenShift Service Mesh OSSM-2492 - Default tolerations in SMCP not passed to Jaeger OSSM-2493 - Default nodeSelector and tolerations in SMCP not passed to Kiali OSSM-3317 - Error: deployment.accessible_namespaces set to ['**'] 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5271-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 05, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libxml2 CVE ID : CVE-2022-40303 CVE-2022-40304 Debian Bug : 1022224 1022225 Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. CVE-2022-40303 Maddie Stone discovered that missing safety checks in several functions can result in integer overflows when parsing a XML document with the XML_PARSE_HUGE option enabled. CVE-2022-40304 Ned Williamson and Nathan Wachholz discovered a vulnerability when handling detection of entity reference cycles, which may result in corrupted dictionary entries. This flaw may lead to logic errors, including memory errors like double free flaws. For the stable distribution (bullseye), these problems have been fixed in version 2.9.10+dfsg-6.7+deb11u3. We recommend that you upgrade your libxml2 packages. JIRA issues fixed (https://issues.jboss.org/): LOG-3533 - tls.cert, tls.key and passphrase are not passed to the fluentd configuration when forwarding logs using syslog over TLS LOG-3534 - [release-5.5] [Administrator Console] Seeing "parse error" while using Severity filter for cluster view user 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat OpenStack Platform 16.2 (osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container) security update Advisory ID: RHSA-2023:1079-01 Product: Red Hat OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2023:1079 Issue date: 2023-03-06 CVE Names: CVE-2021-46848 CVE-2022-2879 CVE-2022-4415 CVE-2022-35737 CVE-2022-40303 CVE-2022-40304 CVE-2022-41715 CVE-2022-41717 CVE-2022-47629 ==================================================================== 1. Summary: An update for osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Security Fix(es): * archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879) * regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715) * net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests 5. JIRA issues fixed (https://issues.jboss.org/): OSPK8-664 - Unexpected "unassigned" hostRefs in OSBMS halt further reconcile loops 6. References: https://access.redhat.com/security/cve/CVE-2021-46848 https://access.redhat.com/security/cve/CVE-2022-2879 https://access.redhat.com/security/cve/CVE-2022-4415 https://access.redhat.com/security/cve/CVE-2022-35737 https://access.redhat.com/security/cve/CVE-2022-40303 https://access.redhat.com/security/cve/CVE-2022-40304 https://access.redhat.com/security/cve/CVE-2022-41715 https://access.redhat.com/security/cve/CVE-2022-41717 https://access.redhat.com/security/cve/CVE-2022-47629 https://access.redhat.com/security/updates/classification/#moderate 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZAYw69zjgjWX9erEAQhpKw/+IoljDi48GfOED0GN7xDhf0dClmlzuPnM ozrwsuBpcFWlY62saZacWkG4UBfLTubkMEdkuWlNrP0TNxSFOzWRDBZpsp6KHzsg 5t8doz9jHTsPP60q/PEOni6Jw8Z5zCN9qVRprNPObEAZdoHaPZpQI6dJkZMSd6Pf q40hJkI0nu+GEknlJtUbJqaCf7sED6/Tn2uGrFYuL+uKEcw7Dh8Up0c3QFYjHxCH H4kTOyiBCsbQNztdDhR+/hBEezSFSw/WgXynvzS2SyP4gQ/AhV5af53KJ0nJieC7 KnH9RKVR2h5PkRRGiH3yBG/Vl4Y13P4fh3rwjUWZGCp4LhjzS0pqjsyYzBnFJODT GjX+nEi5z15OMuxO6YrignuDfMMisz2OUY1XZa2M9CQUDBkQyikwSOdMfDk2LVS+ dznlfqNejn7CDA4mUwkpQ1NsQXi9MEVI9UhN5sf/SASoIj1uGG20fot1w1gQyEka kFpwz2FyvXA8xGruJbRmV6QuWLxZmXeosjRWQZhJL9KcuuAdQgVSfqFQYHrEGOxa oJbqdOv1GAauwPPhH49eoShzi3jwRyzuEQIsxwz73nY+TSOHmTdnynn+nSSREXb0 qNkHwGMi9RsC+HmXj/qzmwge5BjChwLQxLsAj+6FOCwFvtyU9jbr/y4hq8CAmGFa eAniE3J/0sc=r2R4 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . This release includes security and bug fixes, and enhancements. Description: Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Bugs fixed (https://bugzilla.redhat.com/): 2160492 - CVE-2023-22482 ArgoCD: JWT audience claim is not verified 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2 macOS Big Sur 11.7.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213534. BOM Available for: macOS Big Sur Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks. CVE-2022-42821: Jonathan Bar Or of Microsoft DriverKit Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32942: Linus Henze of Pinauten GmbH (pinauten.de) IOHIDFamily Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2022-42864: Tommy Muir (@Muirey03) Kernel Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with additional validation. CVE-2022-46689: Ian Beer of Google Project Zero Kernel Available for: macOS Big Sur Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-42845: Adam Doupé of ASU SEFCOM Kernel Available for: macOS Big Sur Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling. CVE-2022-42842: pattern-f (@pattern_F_) of Ant Security Light-Year Lab libxml2 Available for: macOS Big Sur Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: An integer overflow was addressed through improved input validation. CVE-2022-40303: Maddie Stone of Google Project Zero libxml2 Available for: macOS Big Sur Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-40304: Ned Williamson and Nathan Wachholz of Google Project Zero ppp Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-42840: an anonymous researcher xar Available for: macOS Big Sur Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: A type confusion issue was addressed with improved checks. CVE-2022-42841: Thijs Alkemade (@xnyhps) of Computest Sector 7 macOS Big Sur 11.7.2 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. Bugs fixed (https://bugzilla.redhat.com/): 2156729 - CVE-2021-4238 goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be 2163037 - CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents 2167819 - CVE-2023-23947 ArgoCD: Users with any cluster secret update access may update out-of-bounds cluster secrets 5

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

TYPE

overflow, code execution

EXPLOIT AVAILABILITY

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2024-11-20T19:55:02.268000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE