
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.



CVE-2023-34982

Red Hat Security Advisory 2023-7215-01 - Red Hat OpenShift Service Mesh 2.2.12 Containers. Issues addressed include a denial of service vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7215.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: Red Hat OpenShift Service Mesh Containers for 2.2.12Advisory ID:        RHSA-2023:7215-01Product:            Red Hat OpenShift Service MeshAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7215Issue date:         2023-11-15Revision:           01CVE Names:          CVE-2023-39325====================================================================Summary: Red Hat OpenShift Service Mesh 2.2.12 ContainersRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.Security Fix(es):* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-39325References:https://access.redhat.com/security/updates/classification/#importanthttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003https://bugzilla.redhat.com/show_bug.cgi?id=2242803https://bugzilla.redhat.com/show_bug.cgi?id=2243296

Red Hat Security Advisory 2023-7215-01

Red Hat Security Advisory 2023-7213-01 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7213.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Critical: squid:4 security updateAdvisory ID:        RHSA-2023:7213-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7213Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2023-46846====================================================================Summary: An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.Security Fix(es):* squid: Denial of Service in HTTP Digest Authentication (CVE-2023-46847)* squid: Request/Response smuggling in HTTP/1.1 and ICAP (CVE-2023-46846)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-46846References:https://access.redhat.com/security/updates/classification/#criticalhttps://bugzilla.redhat.com/show_bug.cgi?id=2245910https://bugzilla.redhat.com/show_bug.cgi?id=2245916

Red Hat Security Advisory 2023-7213-01

Red Hat Security Advisory 2023-7205-01 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and traversal vulnerabilities.

The following data is constructed from data provided by Red Hat's json file at:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7205.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: nodejs:20 security update  
Advisory ID:        RHSA-2023:7205-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7205  
Issue date:         2023-11-14  
Revision:           01  
CVE Names:          CVE-2023-38552  
====================================================================

Summary: 

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. 

Security Fix(es):

* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

* nodejs: permission model improperly protects against path traversal (CVE-2023-39331)

* nodejs: path traversal through path stored in Uint8Array (CVE-2023-39332)

* nodejs: integrity checks according to policies can be circumvented (CVE-2023-38552)

* nodejs: code injection via WebAssembly export names (CVE-2023-39333)

* node-undici: cookie leakage (CVE-2023-45143)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-38552

References:

https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/security/vulnerabilities/RHSB-2023-003  
https://bugzilla.redhat.com/show_bug.cgi?id=2242803  
https://bugzilla.redhat.com/show_bug.cgi?id=2244104  
https://bugzilla.redhat.com/show_bug.cgi?id=2244413  
https://bugzilla.redhat.com/show_bug.cgi?id=2244414  
https://bugzilla.redhat.com/show_bug.cgi?id=2244415  
https://bugzilla.redhat.com/show_bug.cgi?id=2244418

Red Hat Security Advisory 2023-7205-01

Red Hat Security Advisory 2023-7177-01 - An update for bind is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7177.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: bind security updateAdvisory ID:        RHSA-2023:7177-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7177Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2022-3094====================================================================Summary: An update for bind is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.Security Fix(es):* bind: flooding with UPDATE requests may lead to DoS (CVE-2022-3094)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2022-3094References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2164032

Red Hat Security Advisory 2023-7177-01

Red Hat Security Advisory 2023-7165-01 - An update for cups is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow, denial of service, and use-after-free vulnerabilities.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7165.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: cups security and bug fix updateAdvisory ID:        RHSA-2023:7165-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7165Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2023-32324====================================================================Summary: An update for cups is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.Security Fix(es):* cups: heap buffer overflow may lead to DoS (CVE-2023-32324)* cups: use-after-free in cupsdAcceptClient() in scheduler/client.c (CVE-2023-34241)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-32324References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2209603https://bugzilla.redhat.com/show_bug.cgi?id=2214914https://bugzilla.redhat.com/show_bug.cgi?id=2217955https://issues.redhat.com/browse/RHEL-2612

Red Hat Security Advisory 2023-7165-01

Red Hat Security Advisory 2023-7090-01 - An update for libmicrohttpd is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7090.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libmicrohttpd security updateAdvisory ID:        RHSA-2023:7090-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7090Issue date:         2023-11-14Revision:           01CVE Names:          CVE-2023-27371====================================================================Summary: An update for libmicrohttpd is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application.Security Fix(es):* libmicrohttpd: remote DoS (CVE-2023-27371)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-27371References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2174313

Red Hat Security Advisory 2023-7090-01

Red Hat Security Advisory 2023-7077-01 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow, denial of service, double free, information leakage, memory leak, null pointer, out of bounds access, out of bounds write, and use-after-free vulnerabilities.

The following data is constructed from data provided by Red Hat's json file at:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7077.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: kernel security, bug fix, and enhancement update  
Advisory ID:        RHSA-2023:7077-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7077  
Issue date:         2023-11-14  
Revision:           01  
CVE Names:          CVE-2021-43975  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744)

* kernel: net/sched: multiple vulnerabilities (CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)

* kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)

* kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975)

* kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)

* kernel: use after free flaw in l2cap_conn_del (CVE-2022-3640)

* kernel: double free in usb_8dev_start_xmit (CVE-2022-28388)

* kernel: vmwgfx: multiple vulnerabilities (CVE-2022-38457, CVE-2022-40133, CVE-2023-33951, CVE-2023-33952)

* hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)

* kernel: Information leak in l2cap_parse_conf_req (CVE-2022-42895)

* kernel: KVM: multiple vulnerabilities (CVE-2022-45869, CVE-2023-4155, CVE-2023-30456)

* kernel: memory leak in ttusb_dec_exit_dvb (CVE-2022-45887)

* kernel: speculative pointer dereference in do_prlimit (CVE-2023-0458)

* kernel: use-after-free due to race condition in qdisc_graft (CVE-2023-0590)

* kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)

* kernel: HID: check empty report_list in hid_validate_values (CVE-2023-1073)

* kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)

* kernel: hid: Use After Free in asus_remove (CVE-2023-1079)

* kernel: use-after-free in drivers/media/rc/ene_ir.c (CVE-2023-1118)

* kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)

* kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)

* kernel: denial of service in tipc_conn_close (CVE-2023-1382)

* kernel: Use after free bug in btsdio_remove due to race condition (CVE-2023-1989)

* kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)

* kernel: ext4: use-after-free in ext4_xattr_set_entry (CVE-2023-2513)

* kernel: fbcon: shift-out-of-bounds in fbcon_set_font (CVE-2023-3161)

* kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)

* kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params (CVE-2023-3772)

* kernel: smsusb: use-after-free caused by do_submit_urb (CVE-2023-4132)

* kernel: Race between task migrating pages and another task calling exit_mmap (CVE-2023-4732)

* Kernel: denial of service in atm_tc_enqueue due to type confusion (CVE-2023-23455)

* kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)

* kernel: Denial of service issue in az6027 driver (CVE-2023-28328)

* kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (CVE-2023-28772)

* kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)

* kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove (CVE-2023-33203)

* kernel: saa7134: race condition leading to use-after-free in saa7134_finidev (CVE-2023-35823)

* kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c (CVE-2023-35824)

* kernel: r592: race condition leading to use-after-free in r592_remove (CVE-2023-35825)

* kernel: net/tls: tls_is_tx_ready() checked list_entry (CVE-2023-1075)

* kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)

* kernel: Use after free bug in r592_remove (CVE-2023-3141)

* kernel: gfs2: NULL pointer dereference in gfs2_evict_inode (CVE-2023-3212)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-43975

References:

https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index  
https://access.redhat.com/solutions/7027704  
https://bugzilla.redhat.com/show_bug.cgi?id=1975026  
https://bugzilla.redhat.com/show_bug.cgi?id=2024989  
https://bugzilla.redhat.com/show_bug.cgi?id=2037005  
https://bugzilla.redhat.com/show_bug.cgi?id=2073091  
https://bugzilla.redhat.com/show_bug.cgi?id=2112147  
https://bugzilla.redhat.com/show_bug.cgi?id=2133453  
https://bugzilla.redhat.com/show_bug.cgi?id=2133455  
https://bugzilla.redhat.com/show_bug.cgi?id=2139610  
https://bugzilla.redhat.com/show_bug.cgi?id=2147356  
https://bugzilla.redhat.com/show_bug.cgi?id=2148520  
https://bugzilla.redhat.com/show_bug.cgi?id=2149024  
https://bugzilla.redhat.com/show_bug.cgi?id=2151112  
https://bugzilla.redhat.com/show_bug.cgi?id=2151317  
https://bugzilla.redhat.com/show_bug.cgi?id=2156322  
https://bugzilla.redhat.com/show_bug.cgi?id=2165741  
https://bugzilla.redhat.com/show_bug.cgi?id=2165926  
https://bugzilla.redhat.com/show_bug.cgi?id=2166567  
https://bugzilla.redhat.com/show_bug.cgi?id=2168332  
https://bugzilla.redhat.com/show_bug.cgi?id=2173403  
https://bugzilla.redhat.com/show_bug.cgi?id=2173430  
https://bugzilla.redhat.com/show_bug.cgi?id=2173434  
https://bugzilla.redhat.com/show_bug.cgi?id=2173444  
https://bugzilla.redhat.com/show_bug.cgi?id=2174220  
https://bugzilla.redhat.com/show_bug.cgi?id=2174400  
https://bugzilla.redhat.com/show_bug.cgi?id=2175160  
https://bugzilla.redhat.com/show_bug.cgi?id=2175322  
https://bugzilla.redhat.com/show_bug.cgi?id=2175903  
https://bugzilla.redhat.com/show_bug.cgi?id=2176140  
https://bugzilla.redhat.com/show_bug.cgi?id=2177371  
https://bugzilla.redhat.com/show_bug.cgi?id=2177389  
https://bugzilla.redhat.com/show_bug.cgi?id=2178301  
https://bugzilla.redhat.com/show_bug.cgi?id=2181273  
https://bugzilla.redhat.com/show_bug.cgi?id=2181330  
https://bugzilla.redhat.com/show_bug.cgi?id=2182443  
https://bugzilla.redhat.com/show_bug.cgi?id=2183559  
https://bugzilla.redhat.com/show_bug.cgi?id=2184578  
https://bugzilla.redhat.com/show_bug.cgi?id=2185945  
https://bugzilla.redhat.com/show_bug.cgi?id=2186948  
https://bugzilla.redhat.com/show_bug.cgi?id=2187257  
https://bugzilla.redhat.com/show_bug.cgi?id=2188468  
https://bugzilla.redhat.com/show_bug.cgi?id=2189324  
https://bugzilla.redhat.com/show_bug.cgi?id=2192667  
https://bugzilla.redhat.com/show_bug.cgi?id=2192671  
https://bugzilla.redhat.com/show_bug.cgi?id=2193097  
https://bugzilla.redhat.com/show_bug.cgi?id=2193219  
https://bugzilla.redhat.com/show_bug.cgi?id=2209710  
https://bugzilla.redhat.com/show_bug.cgi?id=2213139  
https://bugzilla.redhat.com/show_bug.cgi?id=2213199  
https://bugzilla.redhat.com/show_bug.cgi?id=2213485  
https://bugzilla.redhat.com/show_bug.cgi?id=2213802  
https://bugzilla.redhat.com/show_bug.cgi?id=2214348  
https://bugzilla.redhat.com/show_bug.cgi?id=2215502  
https://bugzilla.redhat.com/show_bug.cgi?id=2215835  
https://bugzilla.redhat.com/show_bug.cgi?id=2215836  
https://bugzilla.redhat.com/show_bug.cgi?id=2215837  
https://bugzilla.redhat.com/show_bug.cgi?id=2217658  
https://bugzilla.redhat.com/show_bug.cgi?id=2218195  
https://bugzilla.redhat.com/show_bug.cgi?id=2218212  
https://bugzilla.redhat.com/show_bug.cgi?id=2218943  
https://bugzilla.redhat.com/show_bug.cgi?id=2221707  
https://bugzilla.redhat.com/show_bug.cgi?id=2223949  
https://bugzilla.redhat.com/show_bug.cgi?id=2225191  
https://bugzilla.redhat.com/show_bug.cgi?id=2225201  
https://bugzilla.redhat.com/show_bug.cgi?id=2225511  
https://bugzilla.redhat.com/show_bug.cgi?id=2230213  
https://bugzilla.redhat.com/show_bug.cgi?id=2236982  
https://issues.redhat.com/browse/RHEL-340

Red Hat Security Advisory 2023-7077-01

Ubuntu Security Notice 6449-2 - USN-6449-1 fixed vulnerabilities in FFmpeg. Unfortunately that update could introduce a regression in tools using an FFmpeg library, like VLC. This updated fixes the problem. It was discovered that FFmpeg incorrectly managed memory resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

==========================================================================  
Ubuntu Security Notice USN-6449-2  
November 15, 2023

ffmpeg regression  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 20.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)

Summary:

USN-6449-1 introduced a regression in FFmpeg

Software Description:  
- ffmpeg: Tools for transcoding, streaming and playing of multimedia files

Details:

USN-6449-1 fixed vulnerabilities in FFmpeg. Unfortunately that update  
could introduce a regression in tools using an FFmpeg library, like VLC.

This updated fixes the problem. We apologize for the inconvenience.

Original advisory details:

It was discovered that FFmpeg incorrectly managed memory resulting  
in a memory leak. An attacker could possibly use this issue to cause  
a denial of service via application crash. This issue only  
affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22038)

It was discovered that FFmpeg incorrectly handled certain input files,  
leading to an integer overflow. An attacker could possibly use this issue  
to cause a denial of service via application crash. This issue only  
affected Ubuntu 20.04 LTS. (CVE-2020-20898, CVE-2021-38090,  
CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094)

It was discovered that FFmpeg incorrectly managed memory, resulting in  
a memory leak.  If a user or automated system were tricked into  
processing a specially crafted input file, a remote attacker could  
possibly use this issue to cause a denial of service, or execute  
arbitrary code. (CVE-2022-48434)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS (Available with Ubuntu Pro):  
   ffmpeg                          7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavcodec-extra                7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavcodec-extra58              7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavcodec58                    7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavdevice58                   7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavfilter-extra               7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavfilter-extra7              7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavfilter7                    7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavformat-extra               7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavformat-extra58             7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavformat58                   7:4.4.2-0ubuntu0.22.04.1+esm3  
   libavutil56                     7:4.4.2-0ubuntu0.22.04.1+esm3  
   libpostproc55                   7:4.4.2-0ubuntu0.22.04.1+esm3  
   libswresample3                  7:4.4.2-0ubuntu0.22.04.1+esm3  
   libswscale5                     7:4.4.2-0ubuntu0.22.04.1+esm3

Ubuntu 20.04 LTS (Available with Ubuntu Pro):  
   ffmpeg                          7:4.2.7-0ubuntu0.1+esm4  
   libavcodec-extra                7:4.2.7-0ubuntu0.1+esm4  
   libavcodec-extra58              7:4.2.7-0ubuntu0.1+esm4  
   libavcodec58                    7:4.2.7-0ubuntu0.1+esm4  
   libavdevice58                   7:4.2.7-0ubuntu0.1+esm4  
   libavfilter-extra               7:4.2.7-0ubuntu0.1+esm4  
   libavfilter-extra7              7:4.2.7-0ubuntu0.1+esm4  
   libavfilter7                    7:4.2.7-0ubuntu0.1+esm4  
   libavformat58                   7:4.2.7-0ubuntu0.1+esm4  
   libavresample4                  7:4.2.7-0ubuntu0.1+esm4  
   libavutil-dev                   7:4.2.7-0ubuntu0.1+esm4  
   libavutil56                     7:4.2.7-0ubuntu0.1+esm4  
   libpostproc55                   7:4.2.7-0ubuntu0.1+esm4  
   libswresample3                  7:4.2.7-0ubuntu0.1+esm4  
   libswscale5                     7:4.2.7-0ubuntu0.1+esm4

Ubuntu 18.04 LTS (Available with Ubuntu Pro):  
   ffmpeg                          7:3.4.11-0ubuntu0.1+esm4  
   libavcodec-extra                7:3.4.11-0ubuntu0.1+esm4  
   libavcodec-extra57              7:3.4.11-0ubuntu0.1+esm4  
   libavcodec57                    7:3.4.11-0ubuntu0.1+esm4  
   libavdevice-dev                 7:3.4.11-0ubuntu0.1+esm4  
   libavdevice57                   7:3.4.11-0ubuntu0.1+esm4  
   libavfilter-dev                 7:3.4.11-0ubuntu0.1+esm4  
   libavfilter-extra               7:3.4.11-0ubuntu0.1+esm4  
   libavfilter-extra6              7:3.4.11-0ubuntu0.1+esm4  
   libavfilter6                    7:3.4.11-0ubuntu0.1+esm4  
   libavformat57                   7:3.4.11-0ubuntu0.1+esm4  
   libavresample3                  7:3.4.11-0ubuntu0.1+esm4  
   libavutil-dev                   7:3.4.11-0ubuntu0.1+esm4  
   libavutil55                     7:3.4.11-0ubuntu0.1+esm4  
   libpostproc54                   7:3.4.11-0ubuntu0.1+esm4  
   libswresample2                  7:3.4.11-0ubuntu0.1+esm4  
   libswscale4                     7:3.4.11-0ubuntu0.1+esm4

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6449-2  
   https://ubuntu.com/security/notices/USN-6449-1  
   https://launchpad.net/bugs/2042743

Ubuntu Security Notice USN-6449-2

Ubuntu Security Notice 6479-1 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of- bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-6479-1November 14, 2023linux-oem-6.5 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-oem-6.5: Linux kernel for OEM systemsDetails:Kyle Zeng discovered that the netfilter subsystem in the Linux kernelcontained a race condition in IP set operations in certain situations. Alocal attacker could use this to cause a denial of service (system crash).(CVE-2023-42756)Alex Birnberg discovered that the netfilter subsystem in the Linux kerneldid not properly validate register length, leading to an out-of- boundswrite vulnerability. A local attacker could possibly use this to cause adenial of service (system crash). (CVE-2023-4881)It was discovered that the Quick Fair Queueing scheduler implementation inthe Linux kernel did not properly handle network packets in certainconditions, leading to a use after free vulnerability. A local attackercould use this to cause a denial of service (system crash) or possiblyexecute arbitrary code. (CVE-2023-4921)Kevin Rich discovered that the netfilter subsystem in the Linux kernel didnot properly handle removal of rules from chain bindings in certaincircumstances, leading to a use-after-free vulnerability. A local attackercould possibly use this to cause a denial of service (system crash) orexecute arbitrary code. (CVE-2023-5197)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:   linux-image-6.5.0-1007-oem      6.5.0-1007.7   linux-image-oem-22.04d          6.5.0.1007.9After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6479-1   CVE-2023-42756, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197Package Information:   https://launchpad.net/ubuntu/+source/linux-oem-6.5/6.5.0-1007.7

Tag

#dos