Microsoft warns enterprises should pay attention to a new botnet used to launch DDoS attacks on private Minecraft Java servers.

The persistence and spread of a newly identified botnet targeting private Minecraft Java servers has far wider ramifications for enterprises than bumming out a Biome.

Microsoft researchers revealed in a report published Dec. 16 that this new botnet is used to launch distributed denial-of-service (DDoS) attacks on Minecraft servers, which might sound like kid stuff. But enterprises should take note because of the botnet's ability to target both Windows and Linux devices, spread quickly, and avoid detection, the Microsoft team added.

It starts with a user downloading a malicious downloads of "cracked" Windows licenses.

"The botnet spreads by enumerating default credentials on internet-exposed Secure Shell (SSH)-enabled devices," the Defender team reported. "Because IoT devices are commonly enabled for remote configuration with potentially insecure settings, these devices could be at risk to attacks like this botnet."

The threat researchers suggest that organizations harden their device networks against these kinds of threats.

The group's analysis revealed most of the infected devices were in Russia.

**Enterprises Beware**

Factors including the sheer number of potential server targets and the general lack of cybersecurity protections on private Minecraft servers make this botnet something security teams should take seriously, Patrick Tiquet, vice president of security architecture at Keeper Security, tells Dark Reading.

"The concern in this scenario is that there are a large number of servers that can potentially be compromised and then weaponized against other systems, including enterprise assets," Tiquet explains. "Gaming servers such as Minecraft are typically managed by private individuals who may or may not be interested in or capable of patching and following cybersecurity best-practices. As a result, this vulnerability could continue unmitigated on a large scale for an extended period of time and could potentially be leveraged to target enterprises in the future."

Beyond this particular malware, Microsoft's recommendations are a good idea for protecting the enterprise from all sorts of botnets besides just the Minecraft-focused sort, according to Vulcan Cyber's Mike Parkin.

"They're industry best practices — restricting access, changing default passwords to strong ones, enabling multifactor authentication, etc. — and should be implemented regardless," Parkin says. "While some of the techniques can be challenging to implement on some low-power IoT devices, deploying to best practices is the absolute minimum that should be happening."

New Botnet Targeting Minecraft Servers Poses Potential Enterprise Threat

By Waqas
Dubbed "MCCrash" by Microsoft, the DDoS botnet is currently targeting private Minecraft servers globally.
This is a post from HackRead.com Read the original post: Microsoft Alert: DDoS Botnet Hit Private Minecraft Servers

According to Microsoft, this is an unusual DDoS botnet boasting a unique design that lets it infiltrate Linux systems despite the malware being downloaded from Windows devices.

Remember when, **earlier in January this year**, a massive DDoS attack targeted a Minecraft event, which took down the internet service of the entire country of Andora? Well, now, a new threat has surfaced, whose target is, yet again, Minecraft servers.

Microsoft has published a warning about a cross-platform botnet designed to launch **DDoS attacks** (distributed denial of service attacks) against private Minecraft servers.

MCCrash botnet targets users in Russia, Belarus, Czechia, Ukraine, Uzbekistan, Italy, Nigeria, India, Cameroon, Indonesia, Columbia, and Mexico. Microsoft is tracking the botnet’s activities under the moniker DEV-1028.

**MCCrash Capabilities**

According to Microsoft researchers David Atch, Maayan Shaul, Mae Dotan, Yuval Gordon, and Ross Bevington, this is an unusual botnet boasting a unique design that lets it **infiltrate Linux systems** despite the fact that the malware is downloaded from Windows devices.

When the malware is removed from the infected device, the MCCrash mechanism allows it remains persistent on the unmanaged IoT devices connected to the network and keep operating.

**How Does MCCrash Spread?**

MCCrash spread by numbering default credentials on internet-exposed SSH (secure shell) enabled devices. Since **IoT devices** are usually designed for remote configuration with insecure settings, these devices can be at risk of botnet attacks.

Microsoft didn’t disclose the exact scope of this campaign. The company noted that the botnet’s initial infection point is an array of compromised machines, which it infected using **cracking tools** that promise illegal Windows licenses. The software then executes a Python payload containing the core features of the botnet.

This includes scanning for SSH-enabled Linux devices to launch a dictionary attack. When the Linux host is breached through the propagation method, the same Python payload runs DDoS commands, one of which **attacks explicitly Minecraft servers** and crashes them. Microsoft claims it is highly effective and could be offered as a service on hacking forums.

Screenshot 1 shows cracking tools used to spread the DDoS botnet – Screenshot 2: The DDoS botnet attack flow (Credit: Microsoft)

“This type of threat stresses the importance of ensuring that organizations manage, keep up to date, and monitor not just traditional endpoints but also IoT devices that are often less secure,” Microsoft’s **blog post** noted.

1.  **Minecraft declared the most malware-infected game**
2.  **Malware-infected Minecraft modpacks hit Google Play Store**
3.  **RapperBot malware targets gaming servers with DDoS attacks**
4.  **50,000 Minecraft users infected with hard drive wiping malware**
5.  **Malicious Minecraft apps on Play Store scamming millions of users**

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Microsoft Alert: DDoS Botnet Hit Private Minecraft Servers

Adobe Campaign version 7.3.1 (and earlier) and 8.3.9 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.

Security updates available for Adobe Campaign Classic | APSB22-58

**Summary**

Adobe has released security updates for Adobe Campaign Classic. This update addresses an important vulnerability that could result in privilege escalation.  
  

**Affected versions**

**Product**

**Affected version**

**Platform**

Adobe Campaign Classic  

ACC v7: 7.3.1 and below

ACC v8: 8.3.9 and below

Windows, Linux

**Solution**

Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:

**Product**

**Updated version**

**Platform**

**Priority rating**

**Availability**

Adobe Campaign Classic  

ACC v7: 7.3.2

ACC v8: 8.4.2

Windows and Linux

3

Release 7 Notes

Release 8 Notes

**Vulnerability Details**

Improper Input Validation (CWE-20)  

**Acknowledgments**

Adobe would like to thank **Felix Martel-Denis - Software Secured** for reporting this issue and for working with Adobe to help protect our customers.

CVE-2022-42343: Adobe Security Bulletin

Red Hat Security Advisory 2022-9073-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: nodejs:16 security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:9073-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:9073  
Issue date:        2022-12-15  
CVE Names:         CVE-2021-44531 CVE-2021-44532 CVE-2021-44533  
                   CVE-2021-44906 CVE-2022-3517 CVE-2022-21824  
                   CVE-2022-43548  
====================================================================  
1. Summary:

An update for the nodejs:16 module is now available for Red Hat Enterprise  
Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Node.js is a software development platform for building fast and scalable  
network applications in the JavaScript programming language.

The following packages were updated to later upstream versions: nodejs  
(16.18.1), nodejs-nodemon (2.0.20).

Security Fix(es):

* nodejs: Improper handling of URI Subject Alternative Names  
(CVE-2021-44531)

* nodejs: Certificate Verification Bypass via String Injection  
(CVE-2021-44532)

* nodejs: Incorrect handling of certificate subject and issuer fields  
(CVE-2021-44533)

* minimist: prototype pollution (CVE-2021-44906)

* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)

* nodejs: DNS rebinding in inspect via invalid octal IP address  
(CVE-2022-43548)

* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* nodejs:16/nodejs: Packaged version of undici does not fit with declared  
version. [rhel-8] (BZ#2151625)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2040839 - CVE-2021-44531 nodejs: Improper handling of URI Subject Alternative Names  
2040846 - CVE-2021-44532 nodejs: Certificate Verification Bypass via String Injection  
2040856 - CVE-2021-44533 nodejs: Incorrect handling of certificate subject and issuer fields  
2040862 - CVE-2022-21824 nodejs: Prototype pollution via console.table properties  
2066009 - CVE-2021-44906 minimist: prototype pollution  
2134609 - CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function  
2140911 - CVE-2022-43548 nodejs: DNS rebinding in inspect via invalid octal IP address  
2142806 - nodejs:16/nodejs: Rebase to the latest Nodejs 16 release [rhel-8] [rhel-8.7.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
nodejs-16.18.1-3.module+el8.7.0+17465+1a1abd74.src.rpm  
nodejs-nodemon-2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src.rpm  
nodejs-packaging-25-1.module+el8.5.0+10992+fac5fe06.src.rpm

aarch64:  
nodejs-16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64.rpm  
nodejs-debuginfo-16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64.rpm  
nodejs-debugsource-16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64.rpm  
nodejs-devel-16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64.rpm  
nodejs-full-i18n-16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64.rpm  
npm-8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64.rpm

noarch:  
nodejs-docs-16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch.rpm  
nodejs-nodemon-2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch.rpm  
nodejs-packaging-25-1.module+el8.5.0+10992+fac5fe06.noarch.rpm

ppc64le:  
nodejs-16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le.rpm  
nodejs-debuginfo-16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le.rpm  
nodejs-debugsource-16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le.rpm  
nodejs-devel-16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le.rpm  
nodejs-full-i18n-16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le.rpm  
npm-8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le.rpm

s390x:  
nodejs-16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x.rpm  
nodejs-debuginfo-16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x.rpm  
nodejs-debugsource-16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x.rpm  
nodejs-devel-16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x.rpm  
nodejs-full-i18n-16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x.rpm  
npm-8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x.rpm

x86_64:  
nodejs-16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64.rpm  
nodejs-debuginfo-16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64.rpm  
nodejs-debugsource-16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64.rpm  
nodejs-devel-16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64.rpm  
nodejs-full-i18n-16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64.rpm  
npm-8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-44531  
https://access.redhat.com/security/cve/CVE-2021-44532  
https://access.redhat.com/security/cve/CVE-2021-44533  
https://access.redhat.com/security/cve/CVE-2021-44906  
https://access.redhat.com/security/cve/CVE-2022-3517  
https://access.redhat.com/security/cve/CVE-2022-21824  
https://access.redhat.com/security/cve/CVE-2022-43548  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY5uhBdzjgjWX9erEAQhbZw//eRrw7Ef247fnaUY49eqgPyugkIkRUb6t  
rRh40ufGuAgZyhgnccN/C107dF5flibRgXil+pBGlUZSP2ZqTT/EaSrayWF4HYbr  
Zv28k3bDl1j6SswO2/wMt8AsiT0WXmwlPqsIMETIuiO6V4LK7L7sIQZdFd2RSgUo  
gzvGwkYQ1EXTXjp22n3mXn5/YMRszpcGZRT/XjU89s0OVgtZRr/MvFky+73pPXIT  
GhsNJxaPorlRAfNb5A2mI4g58Pg5Oml/Gs+FBMRZSiseJ3MZPK63PDlkSCoi9VH4  
PYKO//mymwdLnKs31IP54UgH9mxwCXAicTuKkCwtsPx58RBaamRvBZc85VglSnUh  
3Ion7Akq55rrGzvcThpJplcxzIYKB3D+ncrhCMXkkYbF0TmRMRBynTJ2hA0U7f/X  
Ef3MukJrYBgGwheEL5h76q5SOtZtNKxQdYk8a6uZu1GXy0AwyCyEfJe5bTTWnhDs  
2torYPJ9kVvIc+q857EjopwR2DfzrXZP/FdHXBE+gJb19Lef2YDQ4ygOHb+ags5/  
0FCXtruBg0MDH9NG5Io38ObZwwp3DW7mTeFDkXSJ5ns+eAoTLKSwAx8VJU/Afddb  
wjVeaGn6CME9Z6ZtrjG8FV+k+jGqWbQ0ccvh4G+4CroL5dU9MYYLGJZpWG4yDB8t  
qPWYIbnTsDI=cObr  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-9073-01

Red Hat Security Advisory 2022-9068-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.6.0 ESR. Issues addressed include a use-after-free vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:9068-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:9068  
Issue date:        2022-12-15  
CVE Names:         CVE-2022-46872 CVE-2022-46874 CVE-2022-46878  
                   CVE-2022-46880 CVE-2022-46881 CVE-2022-46882  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.6  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 102.6.0 ESR.

Security Fix(es):

* Mozilla: Arbitrary file read from a compromised content process  
(CVE-2022-46872)

* Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird  
102.6 (CVE-2022-46878)

* Mozilla: Use-after-free in WebGL (CVE-2022-46880)

* Mozilla: Memory corruption in WebGL (CVE-2022-46881)

* Mozilla: Drag and Dropped Filenames could have been truncated to  
malicious extensions (CVE-2022-46874)

* Mozilla: Use-after-free in WebGL (CVE-2022-46882)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2153441 - CVE-2022-46872 Mozilla: Arbitrary file read from a compromised content process  
2153449 - CVE-2022-46874 Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions  
2153454 - CVE-2022-46878 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6  
2153463 - CVE-2022-46880 Mozilla: Use-after-free in WebGL  
2153466 - CVE-2022-46881 Mozilla: Memory corruption in WebGL  
2153467 - CVE-2022-46882 Mozilla: Use-after-free in WebGL

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.6):

Source:  
firefox-102.6.0-1.el8_6.src.rpm

aarch64:  
firefox-102.6.0-1.el8_6.aarch64.rpm  
firefox-debuginfo-102.6.0-1.el8_6.aarch64.rpm  
firefox-debugsource-102.6.0-1.el8_6.aarch64.rpm

ppc64le:  
firefox-102.6.0-1.el8_6.ppc64le.rpm  
firefox-debuginfo-102.6.0-1.el8_6.ppc64le.rpm  
firefox-debugsource-102.6.0-1.el8_6.ppc64le.rpm

s390x:  
firefox-102.6.0-1.el8_6.s390x.rpm  
firefox-debuginfo-102.6.0-1.el8_6.s390x.rpm  
firefox-debugsource-102.6.0-1.el8_6.s390x.rpm

x86_64:  
firefox-102.6.0-1.el8_6.x86_64.rpm  
firefox-debuginfo-102.6.0-1.el8_6.x86_64.rpm  
firefox-debugsource-102.6.0-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-46872  
https://access.redhat.com/security/cve/CVE-2022-46874  
https://access.redhat.com/security/cve/CVE-2022-46878  
https://access.redhat.com/security/cve/CVE-2022-46880  
https://access.redhat.com/security/cve/CVE-2022-46881  
https://access.redhat.com/security/cve/CVE-2022-46882  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY5uhDNzjgjWX9erEAQhCGhAAh9wrK1g4NxDEWTLQCDfBdEB13B24d9wk  
qBp3q/1HGrAGs6XxN+GhUmfXlimGGtpca4Fcp6+qkRAQSQwGpGkd8fpJbK7Zxgqi  
68pfB7069vlUI7+ed4OAZSaMi10uhPXlvHL94W2cxaRPjlfOY1xibOXXEuwH7ht1  
mrXbml9zDiU6JjzrqEaCtJ4P7VpMRB9JVD23WNN4HHGkB/dQ14lKhreQuhZtDlLe  
csEMm+XCtlTT/xsUxWtEK8mtsW6NQI33OXsSn1WngOIekeqrZ4nB1xq6xiYeEmh0  
JnEKacDLZYyeGviXnAVQ3cw3zkvnO2O56MCFNU1mrsf0hy4m4mW9pvEGrYhT3Xyy  
NWVDpqeoLTCzMggwIZ6XfwnRDSEjSCnqZd2d0dEUTmiSweiWrHUxYHt+tGdKt8Sh  
wKlD39NQL0zDBoTbS4w0RxBMN86bbgb+T+qXrdDnzDyRWv8vLXt2XsShWYrlEEzQ  
v7+2KuXWfqz1XRgxu8BWCwtS/FwLZwARBB2RpZ/yOCJUjYw/t6ynued1mGSI1cY1  
Zxb61b2TtI7hYyjJAX5Fqukp/NAXFH6lo760kBK8hUhq4OKe2/Au6sCurGCRHT6W  
fjKUhG+Tz+z+JaSEOsG/JwbATo+AWwYGxYYblxNva7hkZpGMrSdpI/4C6zYxxDda  
RIPXx9yvmhQ=hid3  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-9068-01

Red Hat Security Advisory 2022-9082-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow, out of bounds write, and privilege escalation vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2022:9082-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:9082  
Issue date:        2022-12-15  
CVE Names:         CVE-2022-1158 CVE-2022-2639 CVE-2022-2959  
                   CVE-2022-43945  
====================================================================  
1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux  
9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v.9.0) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM  
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region  
(CVE-2022-1158)

* kernel: openvswitch: integer underflow leads to out-of-bounds write in  
reserve_sfa_size() (CVE-2022-2639)

* kernel: watch queue race condition can lead to privilege escalation  
(CVE-2022-2959)

* kernel: nfsd buffer overflow by RPC message over TCP with garbage data  
(CVE-2022-43945)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2069793 - CVE-2022-1158 kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region  
2084479 - CVE-2022-2639 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()  
2103681 - CVE-2022-2959 kernel: watch queue race condition can lead to privilege escalation  
2141752 - CVE-2022-43945 kernel: nfsd buffer overflow by RPC message over TCP with garbage data

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.9.0):

Source:  
kpatch-patch-5_14_0-70_13_1-1-5.el9_0.src.rpm  
kpatch-patch-5_14_0-70_17_1-1-4.el9_0.src.rpm  
kpatch-patch-5_14_0-70_22_1-1-4.el9_0.src.rpm  
kpatch-patch-5_14_0-70_26_1-1-3.el9_0.src.rpm  
kpatch-patch-5_14_0-70_30_1-1-1.el9_0.src.rpm

ppc64le:  
kpatch-patch-5_14_0-70_13_1-1-5.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_13_1-debuginfo-1-5.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_13_1-debugsource-1-5.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_17_1-1-4.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_17_1-debuginfo-1-4.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_17_1-debugsource-1-4.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_22_1-1-4.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_22_1-debuginfo-1-4.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_22_1-debugsource-1-4.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_26_1-1-3.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_26_1-debuginfo-1-3.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_26_1-debugsource-1-3.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_30_1-1-1.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_30_1-debuginfo-1-1.el9_0.ppc64le.rpm  
kpatch-patch-5_14_0-70_30_1-debugsource-1-1.el9_0.ppc64le.rpm

x86_64:  
kpatch-patch-5_14_0-70_13_1-1-5.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_13_1-debuginfo-1-5.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_13_1-debugsource-1-5.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_17_1-1-4.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_17_1-debuginfo-1-4.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_17_1-debugsource-1-4.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_22_1-1-4.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_22_1-debuginfo-1-4.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_22_1-debugsource-1-4.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_26_1-1-3.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_26_1-debuginfo-1-3.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_26_1-debugsource-1-3.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_30_1-1-1.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_30_1-debuginfo-1-1.el9_0.x86_64.rpm  
kpatch-patch-5_14_0-70_30_1-debugsource-1-1.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1158  
https://access.redhat.com/security/cve/CVE-2022-2639  
https://access.redhat.com/security/cve/CVE-2022-2959  
https://access.redhat.com/security/cve/CVE-2022-43945  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY5ug7NzjgjWX9erEAQjqwA//QXemNcN+JiDPGuKUjrrbsdAd0LHyMg3z  
55HbU3XKWXuj4dxke5ZKfn38dvd84g7fepQpG52W2frPRjkQHhO4Uokta43EcCXc  
RZLKI9jNq3bMvsFPmTZlSFElamz6OTn2ECSgYh8NyrNl3VzHr5hy/eJET3QM1kig  
tsIjjdcP/VNlm41Zs9kdHBqPdV/Nr/aVrjeFgBx/ig3JrP0ePfloWUezVIJD/QQV  
PkWUgGdXNUK2jvlB3AH7iwhRWMGxKbRceEvJZS9yc2S9Hy1M7lj5DZQgt9CU02xU  
aWMxNTcGlVBNsCPgFz2GOXMr5VQebtMkVIMMjOlB8vH0PrlunSy4NWlkZdh/cBc/  
FAHuS8L1Fsl2K8neacBbMpWLTaKteorC0ZbL9ZW5hMmVKLfiecm1Z2L2CYtAb0GG  
u3RwsycRCX0GVzWamlbKn6MLcKgxLtzl1XMd9kHEGRWSb05O9P0ECj0SV7zwDy4o  
3/GoLeAglIzP+sxdAeeK6ocA5zAdHTZM26KI2MYe0yyLR5n/EiO4Lxcs6YCdPP7n  
XGB+vCpV/xS77tzMDafyS/9Gq7cguwn3v5DQQHCQ4Db3n5z3uhAc0QVfSKzaYnkY  
5bTK99gofD8HbC8kHMExNEbVWu6x3yLhtXiOhrQKGLX1dU2UiQyGJmmfwvTzb0+G  
HVA5TRLZ0Ak=Heu4  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-9082-01

Red Hat Security Advisory 2022-9075-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2022:9075-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:9075  
Issue date:        2022-12-15  
CVE Names:         CVE-2022-45414 CVE-2022-46872 CVE-2022-46874  
                   CVE-2022-46878 CVE-2022-46880 CVE-2022-46881  
                   CVE-2022-46882  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.6.0.

Security Fix(es):

* Mozilla: Arbitrary file read from a compromised content process  
(CVE-2022-46872)

* Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird  
102.6 (CVE-2022-46878)

* Mozilla: Use-after-free in WebGL (CVE-2022-46880)

* Mozilla: Memory corruption in WebGL (CVE-2022-46881)

* Mozilla: Quoting from an HTML email with certain tags will trigger  
network requests and load remote content, regardless of a configuration to  
block remote content (CVE-2022-45414)

* Mozilla: Drag and Dropped Filenames could have been truncated to  
malicious extensions (CVE-2022-46874)

* Mozilla: Use-after-free in WebGL (CVE-2022-46882)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2149868 - CVE-2022-45414 Mozilla: Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content  
2153441 - CVE-2022-46872 Mozilla: Arbitrary file read from a compromised content process  
2153449 - CVE-2022-46874 Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions  
2153454 - CVE-2022-46878 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6  
2153463 - CVE-2022-46880 Mozilla: Use-after-free in WebGL  
2153466 - CVE-2022-46881 Mozilla: Memory corruption in WebGL  
2153467 - CVE-2022-46882 Mozilla: Use-after-free in WebGL

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
thunderbird-102.6.0-2.el8_4.src.rpm

aarch64:  
thunderbird-102.6.0-2.el8_4.aarch64.rpm  
thunderbird-debuginfo-102.6.0-2.el8_4.aarch64.rpm  
thunderbird-debugsource-102.6.0-2.el8_4.aarch64.rpm

ppc64le:  
thunderbird-102.6.0-2.el8_4.ppc64le.rpm  
thunderbird-debuginfo-102.6.0-2.el8_4.ppc64le.rpm  
thunderbird-debugsource-102.6.0-2.el8_4.ppc64le.rpm

s390x:  
thunderbird-102.6.0-2.el8_4.s390x.rpm  
thunderbird-debuginfo-102.6.0-2.el8_4.s390x.rpm  
thunderbird-debugsource-102.6.0-2.el8_4.s390x.rpm

x86_64:  
thunderbird-102.6.0-2.el8_4.x86_64.rpm  
thunderbird-debuginfo-102.6.0-2.el8_4.x86_64.rpm  
thunderbird-debugsource-102.6.0-2.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-45414  
https://access.redhat.com/security/cve/CVE-2022-46872  
https://access.redhat.com/security/cve/CVE-2022-46874  
https://access.redhat.com/security/cve/CVE-2022-46878  
https://access.redhat.com/security/cve/CVE-2022-46880  
https://access.redhat.com/security/cve/CVE-2022-46881  
https://access.redhat.com/security/cve/CVE-2022-46882  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY5uhFdzjgjWX9erEAQgJoA//dXoxYRc6QpIZumqvdNX8mYhEcYpd18Xv  
hefH1VzXM5q0/uNtGCQMEQ3Jty+RJ8LCgRqSQWBh3M43Oubi2d6qL0S0cq9G1DC4  
LlMMLM359VOTqIQD615Q24GVrwYlZCmOmDlzVqt7ZWBOYmnCXTboosKkGio7AY29  
+jjZEtCYcUDlhkwHmP46eMjpQnsGyD30iRFGDXo2Bh2KhmMUzWWTz6+dMdZ2TKIY  
GBTS+Pxzn7wMDabZc9iYMPbxkU1TEwzBC9P0ZCLK5FlaQSkplfvmTu3/ToecQAkc  
EJUevbeivFsPs4tusrAw7lLRR6gE3ayFXodZ9MmzVDnbG6TI5L/AhcUv7kGJ7hn8  
j+uUHpm/mPU3W4Ux3jQKR5Bl/eEmnHTaw/UMkQP6Z3WFlUJkhIhkFoIX/Xz4BePE  
2yH/nqRxHGwobnPu0wwVmFzqz5x2AXzrFGlxGPus3VbkuI/M8ExdKIweU8Xj7EwF  
w8c72PDJMCK1atFlsXmsmNHhI8aqUhwJJQiCCfWKb+eTSKJNNjsXowSBdGdK8C8L  
Chnr4cHoN9hFc/81lo67D1sO4/R5sOYR/ZoBiHM3ibwteBYJSF5tUsnQ0BEDKvJH  
c4eb66Eowc1tdrpbzELxoChIcYvjD3PeLhU66QJQbGsNXRwJc8e/aLOa2dvm2vrz  
+MxZfcAttgU=3XRU  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-9075-01

Red Hat Security Advisory 2022-9076-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2022:9076-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:9076  
Issue date:        2022-12-15  
CVE Names:         CVE-2022-45414 CVE-2022-46872 CVE-2022-46874  
                   CVE-2022-46878 CVE-2022-46880 CVE-2022-46881  
                   CVE-2022-46882  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, ppc64le, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.6.0.

Security Fix(es):

* Mozilla: Arbitrary file read from a compromised content process  
(CVE-2022-46872)

* Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird  
102.6 (CVE-2022-46878)

* Mozilla: Use-after-free in WebGL (CVE-2022-46880)

* Mozilla: Memory corruption in WebGL (CVE-2022-46881)

* Mozilla: Quoting from an HTML email with certain tags will trigger  
network requests and load remote content, regardless of a configuration to  
block remote content (CVE-2022-45414)

* Mozilla: Drag and Dropped Filenames could have been truncated to  
malicious extensions (CVE-2022-46874)

* Mozilla: Use-after-free in WebGL (CVE-2022-46882)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2149868 - CVE-2022-45414 Mozilla: Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content  
2153441 - CVE-2022-46872 Mozilla: Arbitrary file read from a compromised content process  
2153449 - CVE-2022-46874 Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions  
2153454 - CVE-2022-46878 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6  
2153463 - CVE-2022-46880 Mozilla: Use-after-free in WebGL  
2153466 - CVE-2022-46881 Mozilla: Memory corruption in WebGL  
2153467 - CVE-2022-46882 Mozilla: Use-after-free in WebGL

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
thunderbird-102.6.0-2.el8_2.src.rpm

aarch64:  
thunderbird-102.6.0-2.el8_2.aarch64.rpm  
thunderbird-debuginfo-102.6.0-2.el8_2.aarch64.rpm  
thunderbird-debugsource-102.6.0-2.el8_2.aarch64.rpm

ppc64le:  
thunderbird-102.6.0-2.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.6.0-2.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.6.0-2.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.6.0-2.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.6.0-2.el8_2.x86_64.rpm  
thunderbird-debugsource-102.6.0-2.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
thunderbird-102.6.0-2.el8_2.src.rpm

aarch64:  
thunderbird-102.6.0-2.el8_2.aarch64.rpm  
thunderbird-debuginfo-102.6.0-2.el8_2.aarch64.rpm  
thunderbird-debugsource-102.6.0-2.el8_2.aarch64.rpm

ppc64le:  
thunderbird-102.6.0-2.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.6.0-2.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.6.0-2.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.6.0-2.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.6.0-2.el8_2.x86_64.rpm  
thunderbird-debugsource-102.6.0-2.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
thunderbird-102.6.0-2.el8_2.src.rpm

aarch64:  
thunderbird-102.6.0-2.el8_2.aarch64.rpm  
thunderbird-debuginfo-102.6.0-2.el8_2.aarch64.rpm  
thunderbird-debugsource-102.6.0-2.el8_2.aarch64.rpm

ppc64le:  
thunderbird-102.6.0-2.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.6.0-2.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.6.0-2.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.6.0-2.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.6.0-2.el8_2.x86_64.rpm  
thunderbird-debugsource-102.6.0-2.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-45414  
https://access.redhat.com/security/cve/CVE-2022-46872  
https://access.redhat.com/security/cve/CVE-2022-46874  
https://access.redhat.com/security/cve/CVE-2022-46878  
https://access.redhat.com/security/cve/CVE-2022-46880  
https://access.redhat.com/security/cve/CVE-2022-46881  
https://access.redhat.com/security/cve/CVE-2022-46882  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY5ug/tzjgjWX9erEAQh0kA/9FYWQo7DPaJ42rNiE78pcFYEc6CA8ZGBP  
LHbv060pE98N3G61Kly7offDi2QrN7x0VVauoxugg9zcF8fnSTMpahR0sMZ4aAqM  
o+CaoYKvq+IvqYi+a0n+wuJFsrcNT4DsjcW3k6+52WEIPmpN4M0conmqXn0LP/yA  
Kx36GH0KJHWTnIokS1mfbUid4rtKAd3cF4KlSlbEVJu5RSPTBngAWPNld0upJLcy  
WD0B8bhSUn7H9tpMw3isqEfSDae9+YGXHkyb9MB3ICALMLlvkQibkbF9wo/1Up0M  
895bgOjQ/CoxJaHRk5pEK+fqwufiWtdABDYM12PRfk3aSdd54jDpT9HG9nV3cZHR  
boVdaeuOJFyZAzziiDZo2q9Je8Nm5ox8kgQ8UO5UY7Dr7AFNgbvIPYi3ISZ1RbZZ  
+9IuxSnW3YUrW/8QUqmyDruhS7deMYJogirvWdWwt5tSpAA5Tr7Aj1Cix3u8nHZZ  
Tej4JtE9Ch8gq7s7ppwj2hif+1JV7liUWtEp4YtKvqA+R/5svqBBwS6EI+4Woj72  
jY9YrporG0NoOPcWKt3bf5Zhr1fimiwnubJy5a6vDT9LheouWEEU+F51pz/u/ldB  
Jets+wx2yhT0fh7V/4rufKw6G3XhTo5dZwZnDzkLBDFSx57t7g5VMZta++olFUpe  
jcpjOgm6OJw=nZth  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-9076-01

Red Hat Security Advisory 2022-9070-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.6.0 ESR. Issues addressed include a use-after-free vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:9070-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:9070  
Issue date:        2022-12-15  
CVE Names:         CVE-2022-46872 CVE-2022-46874 CVE-2022-46878  
                   CVE-2022-46880 CVE-2022-46881 CVE-2022-46882  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 102.6.0 ESR.

Security Fix(es):

* Mozilla: Arbitrary file read from a compromised content process  
(CVE-2022-46872)

* Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird  
102.6 (CVE-2022-46878)

* Mozilla: Use-after-free in WebGL (CVE-2022-46880)

* Mozilla: Memory corruption in WebGL (CVE-2022-46881)

* Mozilla: Drag and Dropped Filenames could have been truncated to  
malicious extensions (CVE-2022-46874)

* Mozilla: Use-after-free in WebGL (CVE-2022-46882)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2153441 - CVE-2022-46872 Mozilla: Arbitrary file read from a compromised content process  
2153449 - CVE-2022-46874 Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions  
2153454 - CVE-2022-46878 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6  
2153463 - CVE-2022-46880 Mozilla: Use-after-free in WebGL  
2153466 - CVE-2022-46881 Mozilla: Memory corruption in WebGL  
2153467 - CVE-2022-46882 Mozilla: Use-after-free in WebGL

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
firefox-102.6.0-1.el8_2.src.rpm

aarch64:  
firefox-102.6.0-1.el8_2.aarch64.rpm  
firefox-debuginfo-102.6.0-1.el8_2.aarch64.rpm  
firefox-debugsource-102.6.0-1.el8_2.aarch64.rpm

ppc64le:  
firefox-102.6.0-1.el8_2.ppc64le.rpm  
firefox-debuginfo-102.6.0-1.el8_2.ppc64le.rpm  
firefox-debugsource-102.6.0-1.el8_2.ppc64le.rpm

s390x:  
firefox-102.6.0-1.el8_2.s390x.rpm  
firefox-debuginfo-102.6.0-1.el8_2.s390x.rpm  
firefox-debugsource-102.6.0-1.el8_2.s390x.rpm

x86_64:  
firefox-102.6.0-1.el8_2.x86_64.rpm  
firefox-debuginfo-102.6.0-1.el8_2.x86_64.rpm  
firefox-debugsource-102.6.0-1.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
firefox-102.6.0-1.el8_2.src.rpm

aarch64:  
firefox-102.6.0-1.el8_2.aarch64.rpm  
firefox-debuginfo-102.6.0-1.el8_2.aarch64.rpm  
firefox-debugsource-102.6.0-1.el8_2.aarch64.rpm

ppc64le:  
firefox-102.6.0-1.el8_2.ppc64le.rpm  
firefox-debuginfo-102.6.0-1.el8_2.ppc64le.rpm  
firefox-debugsource-102.6.0-1.el8_2.ppc64le.rpm

s390x:  
firefox-102.6.0-1.el8_2.s390x.rpm  
firefox-debuginfo-102.6.0-1.el8_2.s390x.rpm  
firefox-debugsource-102.6.0-1.el8_2.s390x.rpm

x86_64:  
firefox-102.6.0-1.el8_2.x86_64.rpm  
firefox-debuginfo-102.6.0-1.el8_2.x86_64.rpm  
firefox-debugsource-102.6.0-1.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
firefox-102.6.0-1.el8_2.src.rpm

aarch64:  
firefox-102.6.0-1.el8_2.aarch64.rpm  
firefox-debuginfo-102.6.0-1.el8_2.aarch64.rpm  
firefox-debugsource-102.6.0-1.el8_2.aarch64.rpm

ppc64le:  
firefox-102.6.0-1.el8_2.ppc64le.rpm  
firefox-debuginfo-102.6.0-1.el8_2.ppc64le.rpm  
firefox-debugsource-102.6.0-1.el8_2.ppc64le.rpm

s390x:  
firefox-102.6.0-1.el8_2.s390x.rpm  
firefox-debuginfo-102.6.0-1.el8_2.s390x.rpm  
firefox-debugsource-102.6.0-1.el8_2.s390x.rpm

x86_64:  
firefox-102.6.0-1.el8_2.x86_64.rpm  
firefox-debuginfo-102.6.0-1.el8_2.x86_64.rpm  
firefox-debugsource-102.6.0-1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-46872  
https://access.redhat.com/security/cve/CVE-2022-46874  
https://access.redhat.com/security/cve/CVE-2022-46878  
https://access.redhat.com/security/cve/CVE-2022-46880  
https://access.redhat.com/security/cve/CVE-2022-46881  
https://access.redhat.com/security/cve/CVE-2022-46882  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY5uhCNzjgjWX9erEAQherg/+LMLB/21bl4GmwLLL8/2eIGHY9tbmaSfl  
t0159LZ6kfabpE0j+buZ155ljY6aHzCuWcJBofBCIHAATgVjeZ1rzKdSEEJ2hqGt  
zrtXbpSq3e63YM9cgeeKGasOZk8GAq6IrRshqX0sE7YqkHjlxJiqZAU6GOal+RtC  
3SjBG2nCbEfgdRBPYr6GgBDN4KqvCDUdBFxK+TSv+5v2OL80m2kMpf6E7zsjPL3D  
VX6oEJ3P6gGatZZlq4BodglHPvPSL1yqwvucHQJ0V10G6WudFNBO8K6bQCLaRowl  
4BmqL82T/537ytSeClvjJQRaYH2pTuMC2PuF6Ryrrki+C/EVJYPA9Pj/NPWmsxhC  
YVKleKQ8NQpFsOJTy8NZ+STKJ0OE5Epm01AlDuiHRcr2WqqWIbd/yyYXYM9W3uYh  
L6vUU05JB16V3Au2IVeFR5lUpX16wkYgcIuijhXJfyJoPuVSYX9PxOcEydtKdyIw  
tZcCkn4aBaXP0af2heB6XbtHNVaPdzkVqZyvwUo1lMp2cheQpinalwD6002pUMB+  
i1eq4qP90rssf0EQqJ/e+W0yUlThzD4RCpK2RI1DsxM8/F7J7YLi40iH9smN3Sm8  
TLsYNfMldiuK1OTWKE8Chr/hJL6dlUvgGMH5/X+HqnFpHWztcDSoo4yZgRF3tJt+  
nua339DDTn8=kb0x  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-9070-01

Red Hat Security Advisory 2022-9066-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.6.0 ESR. Issues addressed include a use-after-free vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:9066-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:9066  
Issue date:        2022-12-15  
CVE Names:         CVE-2022-46872 CVE-2022-46874 CVE-2022-46878  
                   CVE-2022-46880 CVE-2022-46881 CVE-2022-46882  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 9.0  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 102.6.0 ESR.

Security Fix(es):

* Mozilla: Arbitrary file read from a compromised content process  
(CVE-2022-46872)

* Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird  
102.6 (CVE-2022-46878)

* Mozilla: Use-after-free in WebGL (CVE-2022-46880)

* Mozilla: Memory corruption in WebGL (CVE-2022-46881)

* Mozilla: Drag and Dropped Filenames could have been truncated to  
malicious extensions (CVE-2022-46874)

* Mozilla: Use-after-free in WebGL (CVE-2022-46882)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2153441 - CVE-2022-46872 Mozilla: Arbitrary file read from a compromised content process  
2153449 - CVE-2022-46874 Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions  
2153454 - CVE-2022-46878 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6  
2153463 - CVE-2022-46880 Mozilla: Use-after-free in WebGL  
2153466 - CVE-2022-46881 Mozilla: Memory corruption in WebGL  
2153467 - CVE-2022-46882 Mozilla: Use-after-free in WebGL

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.9.0):

Source:  
firefox-102.6.0-1.el9_0.src.rpm

aarch64:  
firefox-102.6.0-1.el9_0.aarch64.rpm  
firefox-debuginfo-102.6.0-1.el9_0.aarch64.rpm  
firefox-debugsource-102.6.0-1.el9_0.aarch64.rpm

ppc64le:  
firefox-102.6.0-1.el9_0.ppc64le.rpm  
firefox-debuginfo-102.6.0-1.el9_0.ppc64le.rpm  
firefox-debugsource-102.6.0-1.el9_0.ppc64le.rpm

s390x:  
firefox-102.6.0-1.el9_0.s390x.rpm  
firefox-debuginfo-102.6.0-1.el9_0.s390x.rpm  
firefox-debugsource-102.6.0-1.el9_0.s390x.rpm

x86_64:  
firefox-102.6.0-1.el9_0.x86_64.rpm  
firefox-debuginfo-102.6.0-1.el9_0.x86_64.rpm  
firefox-debugsource-102.6.0-1.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-46872  
https://access.redhat.com/security/cve/CVE-2022-46874  
https://access.redhat.com/security/cve/CVE-2022-46878  
https://access.redhat.com/security/cve/CVE-2022-46880  
https://access.redhat.com/security/cve/CVE-2022-46881  
https://access.redhat.com/security/cve/CVE-2022-46882  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY5ug99zjgjWX9erEAQgEEhAAhJIHK1wjYGsYxmu5ZFkC0bBjQilJLpxJ  
t2udAbzqkPlRaycOzb0oL9mTRtDXICYBelKNA1vIr3WBbN5lrqC5oBSgUV7HQFG2  
HsXna0DkfkDyYGoCfrHYhnAzIqhVALBp5jfLYnGwpCNbSzoCvAs1AIa9x6GD8QE7  
fqSIg9s0ymOFZUsmHofAZz/P16QHg501kVKSNJB87E42gE5zwBO3umaZiRqjcc/f  
nIU2P/F/9kPxlTog54L1+secHf+I806KDYZc1GFpdJgqEgq9zexxU7bLbFqnXQ3c  
kFCGkyd4fCygW0PS320pzzYOW52T9TOPSLZ8xp9aXyrvWJcIuADPEd7zJcgChBEb  
kDBeaVtGB913ON/5boRt3maalvHLA95SlPq7eSih3VkbH8vUFrHE0Ayx2dQnbviM  
f6oO7Al+NFtKGzzHR05L4upOFG0j+CfNUxfBrBOCaw+aN2U01ziBZl0xpB8bh/j2  
uDfrkrwSENkGPmHyUcBwO7FdLXA6n4tJzJMa875Nl6MWLpM4I/zARCbMjUNnQtGo  
0xXw5FyR/6LNgK1yL4YSspD13BlAt9SQCjFhdqwp+5SwVqW2P19hUUGrq4RSkPB/  
YkH8WJHsT12gPVYhdtNd/yYDpnLtn+B35ct7EtIXkULDh6SUaSklGz+DhJkI8SgZ  
jl/TlPdWPKE=OzET  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#linux