HYCU 4.5.0-364 security updates

This release contains fixes for the following vulnerabilities:

  • RHSA-2022:1065:
    • CVE-2022-0778: openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
  • RHSA-2022:0951:
    • CVE-2021-45960: expat: Large number of prefixed XML attributes on a single tag can crash libexpat
    • CVE-2021-46143: expat: Integer overflow in doProlog in xmlparse.c
    • CVE-2022-22822: expat: Integer overflow in addBinding in xmlparse.c
    • CVE-2022-22823: expat: Integer overflow in build_model in xmlparse.c
    • CVE-2022-22824: expat: Integer overflow in defineAttribute in xmlparse.c
    • CVE-2022-22825: expat: Integer overflow in lookup in xmlparse.c
    • CVE-2022-22826: expat: Integer overflow in nextScaffoldPart in xmlparse.c
    • CVE-2022-22827: expat: Integer overflow in storeAtts in xmlparse.c
    • CVE-2022-23852: expat: Integer overflow in function XML_GetBuffer
    • CVE-2022-25235: expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
    • CVE-2022-25236: expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
    • CVE-2022-25315: expat: Integer overflow in storeRawNames()
  • RHSA-2022:0899:
    • CVE-2022-23308: libxml2: Use-after-free of ID and IDREF attributes
  • RHSA-2022:0896:
    • CVE-2021-3999: glibc: Off-by-one buffer overflow/underflow in getcwd()
    • CVE-2022-23218: glibc: Stack-based buffer overflow in svcunix_create via long pathnames
    • CVE-2022-23219: glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
  • RHSA-2022:0894:
    • CVE-2022-0261: vim: Heap-based buffer overflow in block_insert() in src/ops.c
    • CVE-2022-0318: vim: Heap-based buffer overflow in utf_head_off() in mbyte.c
    • CVE-2022-0359: vim: Heap-based buffer overflow in init_ccline() in ex_getln.c
    • CVE-2022-0361: vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow
    • CVE-2022-0392: vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c
    • CVE-2022-0413: vim: Use after free in src/ex_cmds.c
  • RHSA-2022:0892:
    • CVE-2021-23177: libarchive: extracting a symlink with ACLs modifies ACLs of target
    • CVE-2021-31566: libarchive: symbolic links incorrectly followed when changing modes, times, ACL and flags of a file while extracting an archive
  • RHSA-2022:0849:
    • CVE-2021-0920: kernel: Use After Free in unix_gc() which could result in a local privilege escalation
    • CVE-2021-4154: kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout
    • CVE-2022-0330: kernel: possible privileges escalation due to missing TLB flush
    • CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
    • CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation
    • CVE-2022-22942: kernel: failing usercopy allows for use-after-free exploitation
  • RHSA-2022:0825:
    • CVE-2021-0920: kernel: Use After Free in unix_gc() which could result in a local privilege escalation
    • CVE-2021-4154: kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout
    • CVE-2022-0330: kernel: possible privileges escalation due to missing TLB flush
    • CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
    • CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation
    • CVE-2022-0516: kernel: missing check in ioctl allows kernel memory read/write
    • CVE-2022-0847: kernel: improper initialization of the "flags" member of the new pipe_buffer
    • CVE-2022-22942: kernel: failing usercopy allows for use-after-free exploitation
  • RHSA-2022:0658:
    • CVE-2022-24407: cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
  • RHSA-2022:0370:
    • CVE-2021-4122: cryptsetup: disable encryption via header rewrite
  • RHSA-2022:0368:
    • CVE-2021-3521: rpm: RPM does not require subkeys to have a valid binding signature
  • RHSA-2022:0366:
    • CVE-2021-3872: vim: heap-based buffer overflow in win_redr_status() in drawscreen.c
    • CVE-2021-3984: vim: illegal memory access in find_start_brace() in cindent.c when C-indenting
    • CVE-2021-4019: vim: heap-based buffer overflow in find_help_tags() in help.c
    • CVE-2021-4192: vim: use-after-free in win_linetabsize()
    • CVE-2021-4193: vim: out-of-bound read in getvcol()
  • RHSA-2022:0332:
    • CVE-2021-44142: samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution
  • RHSA-2022:0307:
    • CVE-2022-21248: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934)
    • CVE-2022-21282: OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492)
    • CVE-2022-21283: OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813)
    • CVE-2022-21293: OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392)
    • CVE-2022-21294: OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416)
    • CVE-2022-21296: OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498)
    • CVE-2022-21299: OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646)
    • CVE-2022-21305: OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014)
    • CVE-2022-21340: OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026)
    • CVE-2022-21341: OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236)
    • CVE-2022-21360: OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
    • CVE-2022-21365: OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)
  • RHSA-2022:0267:
    • CVE-2021-4034: polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector
  • RHSA-2022:0232:
    • CVE-2021-4155: kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
    • CVE-2022-0185: kernel: fs_context: heap overflow in legacy parameter handling
  • RHSA-2022:0188:
    • CVE-2021-4155: kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
    • CVE-2022-0185: kernel: fs_context: heap overflow in legacy parameter handling
  • RHSA-2021:5227:
    • CVE-2021-20321: kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename()
  • RHSA-2021:5226:
    • CVE-2021-3712: openssl: Read buffer overruns processing ASN.1 strings
  • RHSA-2021:5082:
    • CVE-2016-2124: samba: SMB1 client connections can be downgraded to plaintext authentication
    • CVE-2020-25717: samba: Active Directory (AD) domain user could become root on domain members
    • CVE-2021-23192: samba: Subsequent DCE/RPC fragment injection vulnerability

 
