HYCU 4.5.1-1884 security updates

This release contains fixes for the following vulnerabilities:

  • RHSA-2022:1491:
    • CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
    • CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
    • CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
    • CVE-2022-21476: OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
    • CVE-2022-21496: OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
  • RHSA-2022:1537:
    • CVE-2022-1271: gzip: arbitrary-file-write vulnerability
  • RHSA-2022:1546:
    • CVE-2021-4115: polkit: file descriptor leak allows an unprivileged user to cause a crash
  • RHSA-2022:1552:
    • CVE-2022-1154: vim: use after free in utf_ptr2char
  • RHSA-2022:1642:
    • CVE-2018-25032: zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
  • RHSA-2022:1759:
    • CVE-2021-3622: hivex: stack overflow due to recursive call of _get_children()
    • CVE-2021-3716: nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS
    • CVE-2021-3748: QEMU: virtio-net: heap use-after-free in virtio_net_receive_rcu
    • CVE-2021-3975: libvirt: segmentation fault during VM shutdown can lead to vdsm hang
    • CVE-2021-4145: QEMU: NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c
    • CVE-2021-4158: QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c
    • CVE-2021-20196: QEMU: block: fdc: null pointer dereference may lead to guest crash
    • CVE-2021-33285: ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records
    • CVE-2021-33286: ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string
    • CVE-2021-33287: ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes
    • CVE-2021-33289: ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section
    • CVE-2021-35266: ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname
    • CVE-2021-35267: ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections
    • CVE-2021-35268: ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode
    • CVE-2021-35269: ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT
    • CVE-2021-39251: ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open()
    • CVE-2021-39252: ntfs-3g: Out-of-bounds read in ntfs_ie_lookup()
    • CVE-2021-39253: ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i()
    • CVE-2021-39254: ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize()
    • CVE-2021-39255: ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute
    • CVE-2021-39256: ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name()
    • CVE-2021-39257: ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap
    • CVE-2021-39258: ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find()
    • CVE-2021-39259: ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length
    • CVE-2021-39260: ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information()
    • CVE-2021-39261: ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite()
    • CVE-2021-39262: ntfs-3g: Out-of-bounds access in ntfs_decompress()
    • CVE-2021-39263: ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute
    • CVE-2022-0485: libnbd: nbdcopy: missing error handling may create corrupted destination image
  • RHSA-2022:1810:
    • CVE-2020-19131: libtiff: a buffer overflow via the "invertImage()" may lead to DoS
  • RHSA-2022:1915:
    • CVE-2020-35452: httpd: Single zero byte stack overflow in mod_auth_digest
    • CVE-2021-33193: httpd: Request splitting via HTTP/2 method injection and mod_proxy
    • CVE-2021-36160: httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path
    • CVE-2021-44224: httpd: possible NULL dereference or SSRF in forward proxy configurations
  • RHSA-2022:1961:
    • CVE-2020-35492: cairo: libreoffice slideshow aborts with stack smashing in cairo's composite_boxes
  • RHSA-2022:1968:
    • CVE-2021-4156: libsndfile: heap out-of-bounds read in src/flac.c in flac_buffer_copy
  • RHSA-2022:1986:
    • CVE-2021-3737: python: urllib: HTTP client possible infinite loop on a 100 Continue response
    • CVE-2021-4189: python: ftplib should not use the host from the PASV response
  • RHSA-2022:1991:
    • CVE-2021-38185: cpio: integer overflow in ds_fgetstr() in dstring.c can lead to an out-of-bounds write via a crafted pattern file
  • RHSA-2022:2013:
    • CVE-2021-41617: openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured
  • RHSA-2022:2031:
    • CVE-2021-3634: libssh: possible heap-based buffer overflow when rekeying
  • RHSA-2022:2043:
    • CVE-2021-3672: c-ares: Missing input validation of host names may lead to domain hijacking
  • RHSA-2022:2074:
    • CVE-2021-20316: samba: Symlink race error can allow metadata read and modify outside of the exported share
    • CVE-2021-44141: samba: Information leak via symlinks of existance of files or directories outside of the exported share
  • RHSA-2022:2092:
    • CVE-2021-25219: bind: Lame cache can be abused to severely degrade resolver performance
  • RHSA-2022:2110:
    • CVE-2021-3981: grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content
  • RHSA-2022:2201:
    • CVE-2018-25032: zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
  • RHSA-2022:4799:
    • CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server
  • RHSA-2022:4991:
    • CVE-2022-1271: gzip: arbitrary-file-write vulnerability
  • RHSA-2022:5056:
    • CVE-2022-26691: cups: authorization bypass when using "local" authorization
  • RHSA-2022:5163:
    • CVE-2020-13950: httpd: mod_proxy NULL pointer dereference

 

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section