There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data.

The reason these issues were not detected before is the escapes were working as designed. However, their design didn't take into account just how recklessly permissive browser are when it comes to executing unsafe JavaScript via HTML attributes.

### Impact

If you render an `<a>` tag with an `href` attribute set to a user-provided link, that link could potentially execute JavaScript when clicked by another user.

```ruby
a(href: user_profile) { "Profile" }
```

If you splat user-provided attributes when rendering any HTML or SVG tag, malicious event attributes could be included in the output, executing JavaScript when the events are triggered by another user.

```ruby
h1(**JSON.parse(user_attributes))
```

### Patches
Patches are [available on RubyGems](https://rubygems.org/gems/phlex) for all minor versions released in the last year.

- [1.10.2](https://rubygems.org/gems/phlex/versions/1.10.2)
- [1.9.3](https://rubygems.org/gems/phlex/versions/1.9.3)

If you are on `main`, it has been patched since [`da8f943`](https://github.com/phlex-ruby/phlex/commit/da8f94342a84cff9d78c98bcc3b3604ee2e577d2)

### Workarounds
Configuring a [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) that does not allow [`unsafe-inline`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#unsafe-inline) would effectively prevent this vulnerability from being exploited.

### References

In addition to upgrading to a patched version of Phlex, we strongly recommend configuring a Content Security Policy header that does not allow `unsafe-inline`. Here’s how you can configure a Content Security Policy header in Rails. https://guides.rubyonrails.org/security.html#content-security-policy-header

Skip to content

**Navigation Menu**

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2024-32970

**Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and values**

High severity GitHub Reviewed Published Apr 29, 2024 in phlex-ruby/phlex • Updated May 1, 2024

**Package**

**Affected versions**

< 1.9.3

\>= 1.10.0, < 1.10.2

**Patched versions**

1.9.3

1.10.2

**Description**

Published to the GitHub Advisory Database

May 1, 2024

GHSA-9p57-h987-4vgx: Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and values

Ubuntu Security Notice 6760-1 - George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

==========================================================================  
Ubuntu Security Notice USN-6760-1  
April 30, 2024

gerbv vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- - Ubuntu 23.10  
- - Ubuntu 22.04 LTS  
- - Ubuntu 20.04 LTS  
- - Ubuntu 18.04 LTS  
- - Ubuntu 16.04 LTS  
- - Ubuntu 14.04 LTS

Summary:

Gerbv could be made to crash if it opened a specially crafted input file.

Software Description:  
- - gerbv: Gerber file viewer for PCB design

Details:

George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did  
not properly initialize a data structure when parsing certain nested  
RS-274X format files. If a user were tricked into opening a specially  
crafted file, an attacker could possibly use this issue to cause a denial  
of service (application crash).

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 23.10  
  gerbv                           2.9.8-1ubuntu0.1

Ubuntu 22.04 LTS  
  gerbv                           2.8.2-1ubuntu0.1~esm2  
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS  
  gerbv                           2.7.0-1ubuntu0.2

Ubuntu 18.04 LTS  
  gerbv                           2.6.1-3ubuntu0.1~esm2  
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS  
  gerbv                           2.6.0-1ubuntu0.16.04.1~esm2  
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS  
  gerbv                           2.6.0-1ubuntu0.14.04.1~esm2  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-6760-1  
  CVE-2023-4508

Package Information:  
  https://launchpad.net/ubuntu/+source/gerbv/2.9.8-1ubuntu0.1  
  https://launchpad.net/ubuntu/+source/gerbv/2.7.0-1ubuntu0.2

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETB/nIDy9nvCSgAUj3gXQmO/Tr3wFAmYxdyoACgkQ3gXQmO/T  
r3yNiQ/+KvuxjndpQCm6GeS+17sRUl3W93JhcMAbai01bJN+5OttDZyqm0pP8d7t  
i9ZYyPBV4buYjfKcx2X4yHXRjaer1vctmyy9zxA7hcJd5yTaXU2xH8ks0Ei4rFbg  
DM1rl3470ifaGH4/NTnM2iberSrgG8fbeGGDb3IUpWIQpMZp13PlIQp5dG++4hI1  
CY9d5jdbp/FEH4sVdCozJmDBoZ/tdd7vn3HGXH1Y3i7Pw3RcOUNeNvBALIx81TnS  
JkuFl6ttT194rptxm2151ZFWPNS609kusUd0lUTDWdgQm9Macw7F4RtRLqVGdnHJ  
SZMWbrjKRq/VS0oItBPnEcUGkQ88kEH7tMPfnYB8f9L17B6jMiEI6NM4IgMt8fgM  
Al3Un5x6V/nrTo7jUum/zAS1Ru5iq1EoGK7d794iIH96d8VD9yDejQIZgL0mSsaP  
UxPNelvedu/pGjwd2AUo8Dm5G76J/Ah0zXZrkWkP8Ex6mLkOGLSR5zsj8Joj0ZRt  
5neI8EtWTzeSMTKA4qW9YyUgM4nqz0T2jPE9VsCzIThxZLp5WM3WtKPAwzi1ITNL  
oRwPcfulKUQfLdszRAJyVX5/zP821wlapS4O6ZsDBk6y3g30j8J95OmS+qpwWS3G  
jSssybjnxb7nt9qV3gK2jboEo0Mv/YEhI4tEsF1UaDjLSDtvKfA=  
=8lge  
-----END PGP SIGNATURE-----

Ubuntu Security Notice USN-6760-1

Red Hat Security Advisory 2024-2639-03 - The Migration Toolkit for Containers 1.7.15 is now available.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2639.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: Migration Toolkit for Containers (MTC) 1.7.15 security and bug fix updateAdvisory ID:        RHSA-2024:2639-03Product:            Red Hat Migration ToolkitAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:2639Issue date:         2024-05-01Revision:           03CVE Names:          CVE-2024-24786====================================================================Summary: The Migration Toolkit for Containers (MTC) 1.7.15 is now available.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.Description:The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.Security Fix(es) from Bugzilla:* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)* jose-go: improper handling of highly compressed data (CVE-2024-28180)For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-24786References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2268046https://bugzilla.redhat.com/show_bug.cgi?id=2268854

Red Hat Security Advisory 2024-2639-03

Red Hat Security Advisory 2024-2633-03 - Updated container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2633.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: updated rhceph-6.1 container image  
Advisory ID:        RHSA-2024:2633-03  
Product:            Red Hat Ceph Storage  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:2633  
Issue date:         2024-05-01  
Revision:           03  
CVE Names:          CVE-2023-44487  
====================================================================

Summary: 

Updated container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog.

Description:

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

This updated container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux.

Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:

https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/6.1/html/  
release_notes/index

All users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog.

Solution:

https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/6

https://access.redhat.com/articles/1548993

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-44487

References:

https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/security/vulnerabilities/RHSB-2023-003  
https://bugzilla.redhat.com/show_bug.cgi?id=2242803  
https://bugzilla.redhat.com/show_bug.cgi?id=2268486  
https://bugzilla.redhat.com/show_bug.cgi?id=2272988

Red Hat Security Advisory 2024-2633-03

Red Hat Security Advisory 2024-2631-03 - An update is now available for Red Hat Ceph Storage 6.1 in the Red Hat Ecosystem Catalog.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2631.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Critical: Red Hat Ceph Storage 6.1 security and bug fix update  
Advisory ID:        RHSA-2024:2631-03  
Product:            Red Hat Ceph Storage  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:2631  
Issue date:         2024-05-01  
Revision:           03  
CVE Names:          CVE-2023-49569  
====================================================================

Summary: 

An update is now available for Red Hat Ceph Storage 6.1 in the Red Hat Ecosystem Catalog.

Description:

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

These new packages include numerous enhancements, and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:

https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/6.1/html/release_notes

Solution:

https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/6

https://access.redhat.com/articles/1548993

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-49569

References:

https://access.redhat.com/security/updates/classification/#critical  
https://bugzilla.redhat.com/show_bug.cgi?id=2258143  
https://bugzilla.redhat.com/show_bug.cgi?id=2273724

Red Hat Security Advisory 2024-2631-03

Red Hat Security Advisory 2024-2628-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2628.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: kernel-rt security and bug fix updateAdvisory ID:        RHSA-2024:2628-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:2628Issue date:         2024-05-01Revision:           03CVE Names:          CVE-2024-25742====================================================================Summary: An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.Security Fix(es):* CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743)Bug Fix(es):* kernel-rt: update RT source tree to the latest RHEL-9.2 ad hoc schedule build (JIRA:RHEL-32985)Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-25742References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2270836

Red Hat Security Advisory 2024-2628-03

Red Hat Security Advisory 2024-2627-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2627.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel security and bug fix update  
Advisory ID:        RHSA-2024:2627-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:2627  
Issue date:         2024-05-01  
Revision:           03  
CVE Names:          CVE-2024-25742  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743)

Bug Fix(es):

* CVE-2024-25743 kernel: hw: amd: Instruction raise #VC exception at exit (JIRA:RHEL-30028)

* Seeing high latency execution of kernel functions associated with cgroup_rstat_updated() (JIRA:RHEL-30186)

* RHEL9 NFS file corruption handling congestion (JIRA:RHEL-31223)

* Add tracepoints for sources of IPIs (JIRA:RHEL-27097)

* In RHEL9/cgroupv2, vhost task is not pinned to pCPU defined by emulatorpin (JIRA:RHEL-32635)

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-25742

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2270836

Red Hat Security Advisory 2024-2627-03

Red Hat Security Advisory 2024-2625-03 - An update for rhc-worker-script is now available for Red Hat Enterprise Linux 7. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2625.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: rhc-worker-script security and enhancement updateAdvisory ID:        RHSA-2024:2625-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:2625Issue date:         2024-05-01Revision:           03CVE Names:          CVE-2023-45288====================================================================Summary: An update for rhc-worker-script is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The rhc-worker-script packages provide Remote Host Configuration (rhc) worker for executing an interpreted programming language script on hosts managed by Red Hat Insights.Security Fix(es):* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Enhancement(s):* Include deps information in rhc-worker-script binary (JIRA:HMS-3983)* Set more granular log level for the scripts (JIRA:HMS-3837)Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-45288References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2268273https://issues.redhat.com/browse/HMS-3837https://issues.redhat.com/browse/HMS-3983

Red Hat Security Advisory 2024-2625-03

Red Hat Security Advisory 2024-2624-03 - Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2624.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: postgresql-jdbc : Security UpdateAdvisory ID:        RHSA-2024:2624-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:2624Issue date:         2024-04-30Revision:           03CVE Names:          CVE-2024-1597====================================================================Summary: Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact ofImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:PostgreSQL is an advanced object-relational database management system. Thepostgresql-jdbc package includes the .jar files needed for Java programs toaccess a PostgreSQL database.Security Fix(es):* pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if usingPreferQueryMode=SIMPLE (CVE-2024-1597)For more details about the security issue(s), including the impact, a CVSSscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-1597References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2266523

Red Hat Security Advisory 2024-2624-03

Red Hat Security Advisory 2024-2621-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2621.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: kernel security, bug fix, and enhancement update  
Advisory ID:        RHSA-2024:2621-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:2621  
Issue date:         2024-04-30  
Revision:           03  
CVE Names:          CVE-2021-33631  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c (CVE-2022-3640)

* kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c (CVE-2022-42895)

* kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546,ZDI-CAN-20527)

* kernel: ext4: kernel bug in ext4_write_inline_data_end() (CVE-2021-33631)

* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)

Bug Fix(es):

* kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c (JIRA:RHEL-18806)

* tx-checksumming required for accessing port in OpenShift for RHEL 8.6 (JIRA:RHEL-20821)

* ceph: several cap and snap fixes (JIRA:RHEL-20908)

* unable to access smsc95xx based interface unless you start outgoing traffic.  (JIRA:RHEL-25718)

* [RHEL8] ] BUG bio-696 (Not tainted): Poison overwritten  (JIRA:RHEL-26100)

* kernel: ext4: kernel bug in ext4_write_inline_data_end() (JIRA:RHEL-26330)

* kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c (JIRA:RHEL-18808)

* kernel: GSM multiplexing race condition leads to privilege escalation (JIRA:RHEL-19953)

Enhancement(s):

* [IBM 8.10 FEAT] Upgrade the qeth driver to latest from upstream, e.g. kernel 6.4 (JIRA:RHEL-25810)

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-33631

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2139610  
https://bugzilla.redhat.com/show_bug.cgi?id=2147356  
https://bugzilla.redhat.com/show_bug.cgi?id=2255498  
https://bugzilla.redhat.com/show_bug.cgi?id=2261976

Tag

#js