Red Hat Security Advisory 2023-4828-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:4828-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4828  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-3090   
=====================================================================

1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux  
9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v.9.0) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: ipvlan: out-of-bounds write caused by unclear skb->cb  
(CVE-2023-3090)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.9.0):

Source:  
kpatch-patch-5_14_0-70_43_1-1-6.el9_0.src.rpm  
kpatch-patch-5_14_0-70_49_1-1-5.el9_0.src.rpm  
kpatch-patch-5_14_0-70_50_2-1-4.el9_0.src.rpm  
kpatch-patch-5_14_0-70_53_1-1-3.el9_0.src.rpm  
kpatch-patch-5_14_0-70_58_1-1-2.el9_0.src.rpm  
kpatch-patch-5_14_0-70_64_1-1-1.el9_0.src.rpm

ppc64le:  
kpatch-patch-5_14_0-70_43_1-1-6.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_43_1-debuginfo-1-6.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_43_1-debugsource-1-6.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_49_1-1-5.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_49_1-debuginfo-1-5.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_49_1-debugsource-1-5.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_50_2-1-4.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_50_2-debuginfo-1-4.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_50_2-debugsource-1-4.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_53_1-1-3.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_53_1-debuginfo-1-3.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_53_1-debugsource-1-3.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_58_1-1-2.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_58_1-debuginfo-1-2.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_58_1-debugsource-1-2.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_64_1-1-1.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_64_1-debuginfo-1-1.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_64_1-debugsource-1-1.el9_0.ppc64le.rpm

x86_64:  
kpatch-patch-5_14_0-70_43_1-1-6.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_43_1-debuginfo-1-6.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_43_1-debugsource-1-6.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_49_1-1-5.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_49_1-debuginfo-1-5.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_49_1-debugsource-1-5.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_50_2-1-4.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_50_2-debuginfo-1-4.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_50_2-debugsource-1-4.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_53_1-1-3.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_53_1-debuginfo-1-3.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_53_1-debugsource-1-3.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_58_1-1-2.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_58_1-debuginfo-1-2.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_58_1-debugsource-1-2.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_64_1-1-1.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_64_1-debuginfo-1-1.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_64_1-debugsource-1-1.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3090  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gYvAAoJENzjgjWX9erEWRgP/iOfwgaMEdhep5vr24NXVcUA  
CrLraSdXneGphtI/77WJ6zQPrmS1vQVCVkODKZPcsRur+KztL/bCp439Pyb8dbS1  
GfnYiQQHWx9eA2uWu1MClmsBCyLZsm0yTxLEa3QvHVzYNqtCucpwvtTuswvG7S3M  
tpmnkBAIGRS2BpS0IjoHJykchR3e8PB05fxv0L26i1DWipQXolEtT/rLWYgaMDCx  
u9BVrGs/7B21tmCL23Sz2tgPZarz9EMmy4VOFqn8k5QXO/vVb1xXB8RD4vsGxJe8  
NERSP1iO7xkVFcKktctwqjLjrMISpMmWHDQkS0B+FcUuheG8hyNqFIJauaJ1jpiM  
N8mWaGqSFax+DEHrtdM5frtx1y0QFWEA9vCF9SQYZYojRumn1iTg+pFbo3C5Whzg  
Doejl7q6Tx26Cx3QNXcL4TUGyooDv1mUMz573SmMyCqL8/H4Br6BUv9NpRB8kmyA  
zCgHUzHEsg7jt/8blsTgHtffstDJ2YGRa8KXPFDr3XmhZmQUsfkXUupT/OHmUx9W  
pMXwMSLccjKTDN+sxbsAEh2GDEuVl2kTOKP2sMv1YDeQWSWHK/j9yM6gKypafhDZ  
XOpVqfi+GSnN2GYmMPUZA9oe7EvQQRlCrLpEepwl1lt+0SFGHh8Dqy5qu/JYuxR6  
tAdSv59VMAiU7T58L0k8  
=V/ST  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4828-01

Ubuntu Security Notice 6311-1 - William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information.

==========================================================================  
Ubuntu Security Notice USN-6311-1  
August 28, 2023

linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-gkeop-5.15  
vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:  
- linux-gke: Linux kernel for Google Container Engine (GKE) systems  
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems  
- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems  
- linux-gke-5.15: Linux kernel for Google Container Engine (GKE) systems  
- linux-gkeop-5.15: Linux kernel for Google Container Engine (GKE) systems

Details:

William Zhao discovered that the Traffic Control (TC) subsystem in the  
Linux kernel did not properly handle network packet retransmission in  
certain situations. A local attacker could use this to cause a denial of  
service (kernel deadlock). (CVE-2022-4269)

It was discovered that the NTFS file system implementation in the Linux  
kernel did not properly check buffer indexes in certain situations, leading  
to an out-of-bounds read vulnerability. A local attacker could possibly use  
this to expose sensitive information (kernel memory). (CVE-2022-48502)

Seth Jenkins discovered that the Linux kernel did not properly perform  
address randomization for a per-cpu memory management structure. A local  
attacker could use this to expose sensitive information (kernel memory) or  
in conjunction with another kernel vulnerability. (CVE-2023-0597)

It was discovered that a race condition existed in the btrfs file system  
implementation in the Linux kernel, leading to a use-after-free  
vulnerability. A local attacker could use this to cause a denial of service  
(system crash) or possibly expose sensitive information. (CVE-2023-1611)

It was discovered that the APM X-Gene SoC hardware monitoring driver in the  
Linux kernel contained a race condition, leading to a use-after-free  
vulnerability. A local attacker could use this to cause a denial of service  
(system crash) or expose sensitive information (kernel memory).  
(CVE-2023-1855)

It was discovered that the ST NCI NFC driver did not properly handle device  
removal events. A physically proximate attacker could use this to cause a  
denial of service (system crash). (CVE-2023-1990)

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did  
not properly perform permissions checks when handling HCI sockets. A  
physically proximate attacker could use this to cause a denial of service  
(bluetooth communication). (CVE-2023-2002)

It was discovered that the XFS file system implementation in the Linux  
kernel did not properly perform metadata validation when mounting certain  
images. An attacker could use this to specially craft a file system image  
that, when mounted, could cause a denial of service (system crash).  
(CVE-2023-2124)

Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski  
discovered that the BPF verifier in the Linux kernel did not properly mark  
registers for precision tracking in certain situations, leading to an out-  
of-bounds access vulnerability. A local attacker could use this to cause a  
denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-2163)

It was discovered that the SLIMpro I2C device driver in the Linux kernel  
did not properly validate user-supplied data in some situations, leading to  
an out-of-bounds write vulnerability. A privileged attacker could use this  
to cause a denial of service (system crash) or possibly execute arbitrary  
code. (CVE-2023-2194)

It was discovered that the perf subsystem in the Linux kernel contained a  
use-after-free vulnerability. A privileged local attacker could possibly  
use this to cause a denial of service (system crash) or possibly execute  
arbitrary code. (CVE-2023-2235)

Zheng Zhang discovered that the device-mapper implementation in the Linux  
kernel did not properly handle locking during table_clear() operations. A  
local attacker could use this to cause a denial of service (kernel  
deadlock). (CVE-2023-2269)

It was discovered that the ARM Mali Display Processor driver implementation  
in the Linux kernel did not properly handle certain error conditions. A  
local attacker could possibly use this to cause a denial of service (system  
crash). (CVE-2023-23004)

It was discovered that a race condition existed in the TLS subsystem in the  
Linux kernel, leading to a use-after-free or a null pointer dereference  
vulnerability. A local attacker could use this to cause a denial of service  
(system crash) or possibly execute arbitrary code. (CVE-2023-28466)

It was discovered that the DA9150 charger driver in the Linux kernel did  
not properly handle device removal, leading to a user-after free  
vulnerability. A physically proximate attacker could use this to cause a  
denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-30772)

It was discovered that the Ricoh R5C592 MemoryStick card reader driver in  
the Linux kernel contained a race condition during module unload, leading  
to a use-after-free vulnerability. A local attacker could use this to cause  
a denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-3141)

Quentin Minster discovered that the KSMBD implementation in the Linux  
kernel did not properly validate pointers in some situations, leading to a  
null pointer dereference vulnerability. A remote attacker could use this to  
cause a denial of service (system crash). (CVE-2023-32248)

It was discovered that the kernel->user space relay implementation in the  
Linux kernel did not properly perform certain buffer calculations, leading  
to an out-of-bounds read vulnerability. A local attacker could use this to  
cause a denial of service (system crash) or expose sensitive information  
(kernel memory). (CVE-2023-3268)

It was discovered that the Qualcomm EMAC ethernet driver in the Linux  
kernel did not properly handle device removal, leading to a user-after free  
vulnerability. A physically proximate attacker could use this to cause a  
denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-33203)

It was discovered that the BQ24190 charger driver in the Linux kernel did  
not properly handle device removal, leading to a user-after free  
vulnerability. A physically proximate attacker could use this to cause a  
denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-33288)

It was discovered that the video4linux driver for Philips based TV cards in  
the Linux kernel contained a race condition during device removal, leading  
to a use-after-free vulnerability. A physically proximate attacker could  
use this to cause a denial of service (system crash) or possibly execute  
arbitrary code. (CVE-2023-35823)

It was discovered that the SDMC DM1105 PCI device driver in the Linux  
kernel contained a race condition during device removal, leading to a use-  
after-free vulnerability. A physically proximate attacker could use this to  
cause a denial of service (system crash) or possibly execute arbitrary  
code. (CVE-2023-35824)

It was discovered that the Renesas USB controller driver in the Linux  
kernel contained a race condition during device removal, leading to a use-  
after-free vulnerability. A privileged attacker could use this to cause a  
denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-35828)

It was discovered that the Rockchip Video Decoder IP driver in the Linux  
kernel contained a race condition during device removal, leading to a use-  
after-free vulnerability. A privileged attacker could use this to cause a  
denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-35829)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS:  
   linux-image-5.15.0-1025-gkeop   5.15.0-1025.30  
   linux-image-5.15.0-1039-gke     5.15.0-1039.44  
   linux-image-gke                 5.15.0.1039.38  
   linux-image-gke-5.15            5.15.0.1039.38  
   linux-image-gkeop               5.15.0.1025.24  
   linux-image-gkeop-5.15          5.15.0.1025.24

Ubuntu 20.04 LTS:  
   linux-image-5.15.0-1025-gkeop   5.15.0-1025.30~20.04.1  
   linux-image-5.15.0-1039-gcp     5.15.0-1039.47~20.04.1  
   linux-image-5.15.0-1039-gke     5.15.0-1039.44~20.04.1  
   linux-image-gcp                 5.15.0.1039.47~20.04.1  
   linux-image-gke-5.15            5.15.0.1039.44~20.04.1  
   linux-image-gkeop-5.15          5.15.0.1025.30~20.04.21

After a standard system update you need to reboot your computer to make  
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have  
been given a new version number, which requires you to recompile and  
reinstall all third party kernel modules you might have installed.  
Unless you manually uninstalled the standard kernel metapackages  
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,  
linux-powerpc), a standard system upgrade will automatically perform  
this as well.

References:  
   https://ubuntu.com/security/notices/USN-6311-1  
   CVE-2022-4269, CVE-2022-48502, CVE-2023-0597, CVE-2023-1611,  
   CVE-2023-1855, CVE-2023-1990, CVE-2023-2002, CVE-2023-2124,  
   CVE-2023-2163, CVE-2023-2194, CVE-2023-2235, CVE-2023-2269,  
   CVE-2023-23004, CVE-2023-28466, CVE-2023-30772, CVE-2023-3141,  
   CVE-2023-32248, CVE-2023-3268, CVE-2023-33203, CVE-2023-33288,  
   CVE-2023-35823, CVE-2023-35824, CVE-2023-35828, CVE-2023-35829

Package Information:  
   https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1039.44  
   https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1025.30  
   https://launchpad.net/ubuntu/+source/linux-gcp-5.15/5.15.0-1039.47~20.04.1  
   https://launchpad.net/ubuntu/+source/linux-gke-5.15/5.15.0-1039.44~20.04.1  
   https://launchpad.net/ubuntu/+source/linux-gkeop-5.15/5.15.0-1025.30~20.04.1

Ubuntu Security Notice USN-6311-1

Mozilla Firefox only stores up to 1024 HSTS entries. When the limit is reached, Firefox discards entries based on their age and recent visits to the domain in question.

    # VULNERABILITYMozilla Firefox only stores up to 1024 HSTS entries.When the limit is reached, Firefox discards entries based on their age and recent visits to the domain in question.# IMPACTThe HSTS header ensures that once a page has been visited, the browser will attempt to connect to it using HTTPS.The limit means that Firefox effectively does not store any further HSTS headers, as new ones permanently override each other.Sites without HSTS protection are vulnerable to machine-in-the-middle attacks, especially downgrade attacks such as SSL Stripping.# MORETo find out if you are affected, check the number of HSTS entries:* Linux: `wc -l ~/.mozilla/firefox/{profile}/SiteSecurityServiceState.txt`* Windows: `find /c /v " " ".\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}\SiteSecurityServiceState.txt"`This behavior was first reported by Sheila Ayelen Berta and Sergio De Los Santos at Black Hat Europe 2017.I filed a bug report in February 2023 that is currently being worked on.# REFERENCES* Bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=1818984* Mastodon thread: https://infosec.exchange/@kpwn/110010433703922665* Blog post: https://kpwn.de/2023/03/http-strict-transport-security/#1-the-limited-number-of-hsts-entries* Black Hat Europe 2017: Breaking Out HSTS (and HPKP) On Firefox, IE/Edge and (Possibly) Chrome   * Slides: https://www.blackhat.com/docs/eu-17/materials/eu-17-Berta-Breaking-Out-HSTS-And-HPKP-On-Firefox-IE-Edge-And-Possibly-Chrome.pdf   * Talk: https://www.youtube.com/watch?v=dPnU9_pXJ5k

Mozilla Firefox HSTS Enty Limit

Red Hat Security Advisory 2023-4829-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:4829-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4829  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-3090 CVE-2023-35788   
=====================================================================

1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux  
8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: ipvlan: out-of-bounds write caused by unclear skb->cb  
(CVE-2023-3090)

* kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
(CVE-2023-35788)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.2):

Source:  
kpatch-patch-4_18_0-193_100_1-1-3.el8_2.src.rpm  
kpatch-patch-4_18_0-193_105_1-1-2.el8_2.src.rpm  
kpatch-patch-4_18_0-193_109_1-1-1.el8_2.src.rpm  
kpatch-patch-4_18_0-193_98_1-1-4.el8_2.src.rpm

ppc64le:  
kpatch-patch-4_18_0-193_100_1-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_100_1-debuginfo-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_100_1-debugsource-1-3.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_105_1-1-2.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_105_1-debuginfo-1-2.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_105_1-debugsource-1-2.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_109_1-1-1.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_109_1-debuginfo-1-1.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_109_1-debugsource-1-1.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_98_1-1-4.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_98_1-debuginfo-1-4.el8_2.ppc64le.rpm  
kpatch-patch-4_18_0-193_98_1-debugsource-1-4.el8_2.ppc64le.rpm

x86_64:  
kpatch-patch-4_18_0-193_100_1-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_100_1-debuginfo-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_100_1-debugsource-1-3.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_105_1-1-2.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_105_1-debuginfo-1-2.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_105_1-debugsource-1-2.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_109_1-1-1.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_109_1-debuginfo-1-1.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_109_1-debugsource-1-1.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_98_1-1-4.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_98_1-debuginfo-1-4.el8_2.x86_64.rpm  
kpatch-patch-4_18_0-193_98_1-debugsource-1-4.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3090  
https://access.redhat.com/security/cve/CVE-2023-35788  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gYVAAoJENzjgjWX9erEj64QAJPfJ5aRgX5gceh3xbczSAkW  
MYAsn7R+1qq7AZfJnypf2gOAIZkSwDDgs27+IU7w3Dspq5GAVnHUamASSzZeB+ID  
R9/Ri5Fhpeld7qDF2Whpt6eAykOnnmzg6HeFjy7E2n0iVjBS5YRdBGZizJ+BkugL  
w6RQOX/3IKN98OTmXUgwMYmFxPAZiWfAMMHApc0WbDQGkADQqPcnaoY/vm0i71Q1  
18JWXXmxw9azEAJopcXbaLMtWqnmUgeKZqqtujyNQ8FyzJHaFwnB4eHydbFGDXDm  
FM0nmHH5hqrE67HHiaOr7kZK40PKPuKIXBeuvQrK8UTKXaLE1TqmUeo8yDY0zHPs  
zO9qkQs2dKUoXtvNjLC0++IEowqRGoV2q4Ukyu0CnesiVMBkr7Cs8Jbb4CWFGRlY  
2WgQQIl/GV/HSJLd+1A/d/46BfBURGuZyob6DlTxcHJDJX8uxKNoCRl0DhIu4aiL  
akYrJIsneRU/OlTq2SUQXFIu7cjrOD0dPF2I6LlSDpfLafty+AosT2aDxUJb/c/t  
qeytDk8B3DJKAZ7AelYy1nrBXxyrI3JJX+m8epbwVv0fHOj5Noz5xyiEBMdH05yN  
A1aX9wGjWZOeXZkkWUISrYKM13s2nV70lusGpDiT6z6f9GVrAvSyE9Ttx9iVGvnc  
vhDuB0pZtfjkdqrv3Umu  
=1Hwz  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4829-01

Ubuntu Security Notice 6309-1 - Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service.

==========================================================================  
Ubuntu Security Notice USN-6309-1  
August 28, 2023

linux, linux-aws, linux-lts-xenial vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:  
- linux: Linux kernel  
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems  
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

Zheng Zhang discovered that the device-mapper implementation in the Linux  
kernel did not properly handle locking during table_clear() operations. A  
local attacker could use this to cause a denial of service (kernel  
deadlock). (CVE-2023-2269)

It was discovered that a use-after-free vulnerability existed in the HFS+  
file system implementation in the Linux kernel. A local attacker could  
possibly use this to cause a denial of service (system crash).  
(CVE-2023-2985)

It was discovered that the DVB Core driver in the Linux kernel did not  
properly handle locking events in certain situations. A local attacker  
could use this to cause a denial of service (kernel deadlock).  
(CVE-2023-31084)

It was discovered that the virtual terminal driver in the Linux kernel  
contained a use-after-free vulnerability. A local attacker could use this  
to cause a denial of service (system crash) or possibly expose sensitive  
information (kernel memory). (CVE-2023-3567)

It was discovered that the Quick Fair Queueing network scheduler  
implementation in the Linux kernel contained an out-of-bounds write  
vulnerability. A local attacker could use this to cause a denial of service  
(system crash) or possibly execute arbitrary code. (CVE-2023-3611)

It was discovered that the network packet classifier with  
netfilter/firewall marks implementation in the Linux kernel did not  
properly handle reference counting, leading to a use-after-free  
vulnerability. A local attacker could use this to cause a denial of service  
(system crash) or possibly execute arbitrary code. (CVE-2023-3776)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 16.04 LTS (Available with Ubuntu Pro):  
   linux-image-4.4.0-1160-aws      4.4.0-1160.175  
   linux-image-4.4.0-244-generic   4.4.0-244.278  
   linux-image-4.4.0-244-lowlatency  4.4.0-244.278  
   linux-image-aws                 4.4.0.1160.164  
   linux-image-generic             4.4.0.244.250  
   linux-image-generic-lts-xenial  4.4.0.244.250  
   linux-image-lowlatency          4.4.0.244.250  
   linux-image-lowlatency-lts-xenial  4.4.0.244.250  
   linux-image-virtual             4.4.0.244.250  
   linux-image-virtual-lts-xenial  4.4.0.244.250

Ubuntu 14.04 LTS (Available with Ubuntu Pro):  
   linux-image-4.4.0-1122-aws      4.4.0-1122.128  
   linux-image-4.4.0-244-generic   4.4.0-244.278~14.04.1  
   linux-image-4.4.0-244-lowlatency  4.4.0-244.278~14.04.1  
   linux-image-aws                 4.4.0.1122.119  
   linux-image-generic-lts-xenial  4.4.0.244.212  
   linux-image-lowlatency-lts-xenial  4.4.0.244.212  
   linux-image-virtual-lts-xenial  4.4.0.244.212

After a standard system update you need to reboot your computer to make  
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have  
been given a new version number, which requires you to recompile and  
reinstall all third party kernel modules you might have installed.  
Unless you manually uninstalled the standard kernel metapackages  
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,  
linux-powerpc), a standard system upgrade will automatically perform  
this as well.

References:  
   https://ubuntu.com/security/notices/USN-6309-1  
   CVE-2023-2269, CVE-2023-2985, CVE-2023-31084, CVE-2023-3567,  
   CVE-2023-3611, CVE-2023-3776

Ubuntu Security Notice USN-6309-1

Red Hat Security Advisory 2023-4834-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:4834-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4834  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-35788   
=====================================================================

1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 7) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
(CVE-2023-35788)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

6. Package List:

Red Hat Enterprise Linux Server (v. 7):

Source:  
kpatch-patch-3_10_0-1160_83_1-1-3.el7.src.rpm  
kpatch-patch-3_10_0-1160_88_1-1-2.el7.src.rpm  
kpatch-patch-3_10_0-1160_90_1-1-2.el7.src.rpm  
kpatch-patch-3_10_0-1160_92_1-1-2.el7.src.rpm  
kpatch-patch-3_10_0-1160_95_1-1-1.el7.src.rpm

ppc64le:  
kpatch-patch-3_10_0-1160_83_1-1-3.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1160_83_1-debuginfo-1-3.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1160_88_1-1-2.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1160_88_1-debuginfo-1-2.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1160_90_1-1-2.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1160_90_1-debuginfo-1-2.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1160_92_1-1-2.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1160_92_1-debuginfo-1-2.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1160_95_1-1-1.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1160_95_1-debuginfo-1-1.el7.ppc64le.rpm

x86_64:  
kpatch-patch-3_10_0-1160_83_1-1-3.el7.x86_64.rpm  
kpatch-patch-3_10_0-1160_83_1-debuginfo-1-3.el7.x86_64.rpm  
kpatch-patch-3_10_0-1160_88_1-1-2.el7.x86_64.rpm  
kpatch-patch-3_10_0-1160_88_1-debuginfo-1-2.el7.x86_64.rpm  
kpatch-patch-3_10_0-1160_90_1-1-2.el7.x86_64.rpm  
kpatch-patch-3_10_0-1160_90_1-debuginfo-1-2.el7.x86_64.rpm  
kpatch-patch-3_10_0-1160_92_1-1-2.el7.x86_64.rpm  
kpatch-patch-3_10_0-1160_92_1-debuginfo-1-2.el7.x86_64.rpm  
kpatch-patch-3_10_0-1160_95_1-1-1.el7.x86_64.rpm  
kpatch-patch-3_10_0-1160_95_1-debuginfo-1-1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-35788  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gYFAAoJENzjgjWX9erEAOwP/R4VqUFSzhXvTuGPnh1UY2gz  
YUNcx4dqr5dS4LyCVy8nfJNoQjtEmfT4cW+mTAVzU4IT9BayE7EfDWPe1elBIWFD  
n2dXiOMgUlmsPYto+MG+/9E9aHzgntfgS7OLFFcV8j5sM6hEt2yis9r6nbsnwvrg  
NCiiaqqt9J/LOkoEZv78bWdFUFsDtKqrokDLMqQpdADbmiJhdte8QscxvGLGnoDF  
FWoytwFNtG9dnfTg5c2JVHaV0L3cIlJQHKqeWXa92o69QyBa/qI5QMTSZdr8axGC  
vDTLNY/+ar0INQibFjFc6ndSBdkwn5LyFjHqN8RaBxqvaNnRsg4cO0GceOHgne3D  
SrhdVTv0Q0Eycp7vAIZ7f6VSP1z7sncyQCx3z0PJHe+VSRoK6VuuDR+pA4JSQOIh  
R8lFNd1ynGnPWMWCRD9BWN5bpLdoLu0u+aqBi3lrvzzIBI1w1rieYghLfYTWtjhl  
W/p8eLbrH6lGK3T7rBkLAStVcEBQKoyedOA6msvZaB4uEebWv5wbOxKE0/wJER/z  
2DHOaYnrJrFuaeLV7ZXa5zzUMPQipEfsekt83XFsCEJ2GCDhMMj2BGPdnh5VXl2q  
srg01YT3qfhYcoZg8RFvvr37yoY2y94qG5AIKCWszqif7BIzSSeIw1/h0jmEOBfM  
we/jM1uzN+eti7Ae5eLt  
=JD0P  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4834-01

Red Hat Security Advisory 2023-4838-01 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. Issues addressed include an information leakage vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: cups security update  
Advisory ID:       RHSA-2023:4838-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4838  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-32360   
=====================================================================

1. Summary:

An update for cups is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The Common UNIX Printing System (CUPS) provides a portable printing layer  
for Linux, UNIX, and similar operating systems.

Security Fix(es):

* cups: Information leak through Cups-Get-Document operation  
(CVE-2023-32360)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the cupsd service will be restarted  
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2230495 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

aarch64:  
cups-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-client-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-devel-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-ipptool-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-lpd-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-printerapp-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm

noarch:  
cups-filesystem-2.3.3op2-16.el9_2.1.noarch.rpm

ppc64le:  
cups-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-client-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-devel-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-ipptool-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-lpd-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-printerapp-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm

s390x:  
cups-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-client-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-devel-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-ipptool-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-lpd-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-printerapp-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm

x86_64:  
cups-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-client-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.i686.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-devel-2.3.3op2-16.el9_2.1.i686.rpm  
cups-devel-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-ipptool-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-lpd-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-printerapp-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 9):

Source:  
cups-2.3.3op2-16.el9_2.1.src.rpm

aarch64:  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-libs-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.aarch64.rpm

ppc64le:  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-libs-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.ppc64le.rpm

s390x:  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-libs-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.s390x.rpm

x86_64:  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-client-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.i686.rpm  
cups-debugsource-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-ipptool-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-libs-2.3.3op2-16.el9_2.1.i686.rpm  
cups-libs-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-libs-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-lpd-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.i686.rpm  
cups-printerapp-debuginfo-2.3.3op2-16.el9_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-32360  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gXxAAoJENzjgjWX9erEwvAP/3JfxHX3I/fgKmbWmJlnDrP/  
m5pFGTBAGR4CDbdnKNcz+hBfM3qk0ddeS2ghmmDlkFQcuZXUklLrmI6pTSJLjjhd  
4XiQ991QquAz7fqHPTcLgshTOH/uexSRI0Me7TnGjdoxt/Oz+XGTq5ZR9B5vmK/l  
NCWloH4u6fDqre1WYWjD/ymuYrMBJyCelYvbYPGSRyPI/V31cSsnkyMfC5f6JeYE  
x4oFSdGnFQmABzrjDsKLAd5AjQWp57I95zIbKX1m5XQqgCN6zYDTM6p1aDzkwXVw  
JXKvDhBUGFIyzSyR8odCxfI79GPW2zXoEesqFcL7qns87cII9wWRNWNdw7RSbhCC  
oELNJs7ChEtD+bByCkgDH5sxs3s/gAfz/ToTL+FTJDOgHG5yBzrPDSpPnyPMXg5v  
fAFP3rLhO9ec3prL4jg1Ob3lErkhPycaLWff+rDLQJq3Z1p/krEpNuLPgafBKFO0  
Hl7mJG8SRmmcZrwTN0nBtwJLkTo0BNpw39Y32gJYPqWJhW/q2SJWPrVtTYjZl/zz  
YnZ5KjMoaSy4gDysLZkus9kwU9N/0qnvhZ3PYASrE2QPv9s1SAMcQ4u/TwL4mziY  
YhbwJ/HFz4ohYntvKJu2/Lhgwfk2SxwiFnIHDJGJgioko9W2bwzKUKt8hpfL9VAu  
nn0JFxMl182anO4YZQig  
=QX7X  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4838-01

Red Hat Security Advisory 2023-4809-01 - The librsvg2 packages provide a Scalable Vector Graphics library based on the libart library.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: librsvg2 security update  
Advisory ID:       RHSA-2023:4809-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4809  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-38633   
=====================================================================

1. Summary:

An update for librsvg2 is now available for Red Hat Enterprise Linux 9.0  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64

3. Description:

The librsvg2 packages provide a Scalable Vector Graphics (SVG) library  
based on the libart library.

Security Fix(es):

* librsvg: Arbitrary file read when xinclude href has special characters  
(CVE-2023-38633)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2224945 - CVE-2023-38633 librsvg: Arbitrary file read when xinclude href has special characters

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.9.0):

Source:  
librsvg2-2.50.7-1.el9_0.1.src.rpm

aarch64:  
librsvg2-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-tools-2.50.7-1.el9_0.1.aarch64.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.aarch64.rpm

ppc64le:  
librsvg2-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-tools-2.50.7-1.el9_0.1.ppc64le.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.ppc64le.rpm

s390x:  
librsvg2-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-tools-2.50.7-1.el9_0.1.s390x.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.s390x.rpm

x86_64:  
librsvg2-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-debuginfo-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-debugsource-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-devel-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-tools-2.50.7-1.el9_0.1.x86_64.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.i686.rpm  
librsvg2-tools-debuginfo-2.50.7-1.el9_0.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-38633  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gXmAAoJENzjgjWX9erEsuAP/3JsqjZLcYlnCCj8LFj12VF1  
szOqxtD0x+s6/0OoSh1ry7x+ReJ4Hl3bE3XMDiNV+KQOZIbi7rgXPk/V44LA1+Su  
g+1h3xasJluKb2TdjGJL6E3bTj1M8jRV2HERzZbQ5xAROZ1Opiv9LeCyljxYUBf2  
jTH+WIpkw8n3kk0YEluQCvXl64PJNZbJKBFdWrvtaQ1r78NDF1nSe8D/b28FPx9c  
C+QHAiFmHNpiY/9Wq3fRocJwuClbKPKzFDs0V40+R54YosRSZfVGf/4N4Ndi7do2  
BnohX13NMZmX6GuyQE2dZVpCkUaHipj83m2WNOsWH4siT5OjcC02CibQ+lAcrJm2  
rps6AWTtLoO5509dHM8EHGGU1LCndJD5DZUkg6mu3hyuClcRK5nWXLrSYAQVez4y  
YGbraHyc/1TzSN6XsWXCbr0q+8u5nhu908WSLpvxyzehZkcypAu4+mEFIcfd1nIy  
k0WrQ7uZOEpcVNZUw9vh8Dc8fzm4KHlpOqE6s3C0Zzr53kX7bQ3LcCCqs9ourwbL  
oiiHXf6L7O/rqqJ4HaTwkVJtZQjCJRfBQ9g66fSYR9YbXOZiIXovR65MZKVl2kqK  
JQR51S7JIkwcSjLtVkU89PNrHmvPIGIpJInFO7E3NoO/tYxsE3vsFtUwiqQVnzb+  
JGYUfd0wZA8/0AQ4BwYc  
=CYlx  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4809-01

ImgHosting version 1.2 suffers from a cross site scripting vulnerability.

**ImgHosting 1.2 Cross Site Scripting**

Posted Aug 29, 2023

Authored by indoushka

ImgHosting version 1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 3e0de4ff80dc516a1abe50185e5807a1e503d782b2cd24457e01031368191dc0

Download | Favorite | View

**ImgHosting 1.2 Cross Site Scripting**

    ====================================================================================================================================| # Title     : ImgHosting v1.2 XSS Vulnerability                                                                                  || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit)                                               | | # Vendor    : https://codecanyon.net/user/FoxSash/?ref=FoxSash                                                                   |  | # Dork      : "ImgHosting  Programming by FoxSash"                                                                               |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : ?search=<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>[+] http://127.0.0.1/pikhostinom/?search=<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (82,046)
*   Arbitrary (16,219)
*   BBS (2,859)
*   Bypass (1,740)
*   CGI (1,026)
*   Code Execution (7,283)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,348)
*   DoS (23,460)
*   Encryption (2,370)
*   Exploit (52,001)
*   File Inclusion (4,225)
*   File Upload (976)
*   Firewall (821)
*   Info Disclosure (2,788)
*   Intrusion Detection (892)
*   Java (3,045)
*   JavaScript (859)
*   Kernel (6,694)
*   Local (14,460)
*   Magazine (586)
*   Overflow (12,693)
*   Perl (1,423)
*   PHP (5,149)
*   Proof of Concept (2,339)
*   Protocol (3,603)
*   Python (1,535)
*   Remote (30,816)
*   Root (3,587)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,640)
*   Security Tool (7,891)
*   Shell (3,187)
*   Shellcode (1,215)
*   Sniffer (895)
*   Spoof (2,207)
*   SQL Injection (16,394)
*   TCP (2,406)
*   Trojan (687)
*   UDP (893)
*   Virus (666)
*   Vulnerability (31,796)
*   Web (9,671)
*   Whitepaper (3,750)
*   x86 (962)
*   XSS (17,973)
*   Other

**File Archives**

*   August 2023
*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,925)
*   Debian (6,822)
*   Fedora (1,692)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,543)
*   Mac OS X (686)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (485)
*   RedHat (13,777)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,844)
*   UNIX (9,301)
*   UnixWare (186)
*   Windows (6,579)
*   Other

ImgHosting 1.2 Cross Site Scripting

Red Hat Security Advisory 2023-4817-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and out of bounds write vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update  
Advisory ID:       RHSA-2023:4817-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4817  
Issue date:        2023-08-29  
CVE Names:         CVE-2023-2124 CVE-2023-3090 CVE-2023-35788   
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2  
Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time TUS (v. 8.2) - x86_64  
Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables  
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: ipvlan: out-of-bounds write caused by unclear skb->cb  
(CVE-2023-3090)

* kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
(CVE-2023-35788)

* kernel: OOB access in the Linux kernel's XFS subsystem (CVE-2023-2124)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update RT source tree to the RHEL-8.2.z28 source tree  
(BZ#2228917)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2187439 - CVE-2023-2124 kernel: OOB access in the Linux kernel's XFS subsystem  
2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()  
2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

6. Package List:

Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-kvm-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-kvm-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm

Red Hat Enterprise Linux Real Time TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-2124  
https://access.redhat.com/security/cve/CVE-2023-3090  
https://access.redhat.com/security/cve/CVE-2023-35788  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk7gWXAAoJENzjgjWX9erEuIAQAJLSO6VWBhkvMH9tC7wvr0k0  
UzL+aiaRvz1gxoNAG6SU9nFmT5VUCJl2GzCB+DbHocY/rYLsuiySLC5u3C2DvD0A  
Iy6GM0wHqqwzXOFIFV+vJGVZLWRQTwwiyzB4ajz/s80MDiEosqEBGaKH8bfJvttI  
hU2ZKcp+nN89e4XzILhU4okeePl01qUk4kMXjP4Zpe0NApRG0G6AagkVfkl1wrYR  
7rcHY4jcmEDjoTjPPPtrBIX2H+j4t/Y65se3NV3zf3P6gdhV6KWK5ubz8qGupa/d  
5u7mIYZLoDzdFVYoubvNwy8haqjKYEE/n7sfPxoQoA74JngJecSHIbp/Whq7WeT0  
zgGnIxGOUomJkSup+bIXv7xqWETvB4fCBl7lyvlFDP8zntG+nCZDgvZITy4EzRqg  
MU/oYJW2uHQKBG3rW3GYRUeO4QqYw0nfRffKFo7bk/ctsDGnuRHev8tdwAypqsk5  
KTu5gItO9SZfrdGYto/uMi03zPd3A05DuqwGbrQtY6yl3jsXdOd2659i2r8Ywx9f  
vzMU460ByrzUJeW3dR1S/+dbsYdCVsFxxWC2ANNBB9INmwyKyFjBd0JqeNwIs3c6  
nBQ8X6I12B4vGq8QA07YqVW1oi4P0KLfbDQB81o2Oa5MWp1ljtBGVwFCdTX2KX7K  
7cevgMNGsL8GsWzgIDNy  
=wJQe  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#linux