Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-4155 (GCVE-0-2021-4155)
Vulnerability from cvelistv5 – Published: 2022-08-24 15:10 – Updated: 2024-08-03 17:16
VLAI
EPSS
Summary
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
Severity
5.5 (Medium)
CWE
- CWE-131 - - Incorrect Calculation of Buffer Size
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.openwall.com/lists/oss-security/2022/… | x_refsource_MISC |
| https://bugzilla.redhat.com/show_bug.cgi?id=2034813 | x_refsource_MISC |
| https://access.redhat.com/security/cve/CVE-2021-4155 | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:04.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/10/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-4155"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-4155"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in Kernel v5.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-131",
"description": "CWE-131 - Incorrect Calculation of Buffer Size",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-24T15:10:19.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/10/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-4155"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-4155"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-4155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "Fixed in Kernel v5.16"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-131 - Incorrect Calculation of Buffer Size"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2022/01/10/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2022/01/10/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2021-4155",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2021-4155"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2021-4155",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2021-4155"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-4155",
"datePublished": "2022-08-24T15:10:19.000Z",
"dateReserved": "2021-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-03T17:16:04.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-4155",
"date": "2026-06-08",
"epss": "0.0002",
"percentile": "0.05744"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.16\", \"matchCriteriaId\": \"D692A2AE-8E9E-46AE-8670-7E1284317A25\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 un fallo de filtrado de datos en la forma en que XFS_IOC_ALLOCSP IOCTL en el sistema de archivos XFS permit\\u00eda aumentar el tama\\u00f1o de los archivos con un tama\\u00f1o no alineado. Un atacante local podr\\u00eda usar este fallo para filtrar datos en el sistema de archivos XFS que de otro modo no ser\\u00edan accesibles.\"}]",
"id": "CVE-2021-4155",
"lastModified": "2024-11-21T06:37:00.903",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
"published": "2022-08-24T16:15:09.607",
"references": "[{\"url\": \"https://access.redhat.com/security/cve/CVE-2021-4155\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2034813\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2021-4155\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/01/10/1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2021-4155\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2034813\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2021-4155\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/01/10/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-131\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-131\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-4155\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2022-08-24T16:15:09.607\",\"lastModified\":\"2024-11-21T06:37:00.903\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un fallo de filtrado de datos en la forma en que XFS_IOC_ALLOCSP IOCTL en el sistema de archivos XFS permit\u00eda aumentar el tama\u00f1o de los archivos con un tama\u00f1o no alineado. Un atacante local podr\u00eda usar este fallo para filtrar datos en el sistema de archivos XFS que de otro modo no ser\u00edan accesibles.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-131\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-131\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.16\",\"matchCriteriaId\":\"D692A2AE-8E9E-46AE-8670-7E1284317A25\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2021-4155\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2034813\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2021-4155\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/01/10/1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2021-4155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2034813\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2021-4155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/01/10/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2022-AVI-925
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP3-BCL | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP3 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Storage 7.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Storage 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-2977",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2977"
},
{
"name": "CVE-2022-39190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39190"
},
{
"name": "CVE-2022-42720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42720"
},
{
"name": "CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2022-2639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2639"
},
{
"name": "CVE-2022-3239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3239"
},
{
"name": "CVE-2020-36516",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36516"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2016-3695",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3695"
},
{
"name": "CVE-2022-41849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41849"
},
{
"name": "CVE-2020-27784",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27784"
},
{
"name": "CVE-2022-41222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41222"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2022-2586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2586"
},
{
"name": "CVE-2022-42719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42719"
},
{
"name": "CVE-2022-41848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41848"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2022-42721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42721"
},
{
"name": "CVE-2022-20368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20368"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-2905",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2905"
},
{
"name": "CVE-2022-3303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3303"
},
{
"name": "CVE-2022-36879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36879"
},
{
"name": "CVE-2020-16119",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16119"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2021-39698",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39698"
},
{
"name": "CVE-2022-20369",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20369"
},
{
"name": "CVE-2022-2503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2503"
},
{
"name": "CVE-2022-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3028"
},
{
"name": "CVE-2022-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41674"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 18 octobre. 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223648-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 18 octobre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223628-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 17 octobre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223607-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 17 octobre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223599-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 17 octobre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223606-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 17 octobre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223605-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 17 octobre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223601-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 18 octobre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223609-1/"
}
],
"reference": "CERTFR-2022-AVI-925",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nun d\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3609-1 du 17 octobre 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3605-1 du 17 octobre 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3648-1 du 18 octobre 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3606-1 du 17 octobre 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3607-1 du 17 octobre 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3599-1 du 17 octobre 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3628-1 du 18 octobre 2022",
"url": null
}
]
}
CERTFR-2022-AVI-976
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer une élévation de privilèges, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP4 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP4 | ||
| SUSE | openSUSE Leap | openSUSE Leap Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP4 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Availability 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap Micro 5.2",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-2977",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2977"
},
{
"name": "CVE-2022-39190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39190"
},
{
"name": "CVE-2022-42720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42720"
},
{
"name": "CVE-2022-32296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32296"
},
{
"name": "CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2022-3239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3239"
},
{
"name": "CVE-2022-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3169"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2016-3695",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3695"
},
{
"name": "CVE-2022-41849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41849"
},
{
"name": "CVE-2020-27784",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27784"
},
{
"name": "CVE-2022-41222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41222"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2022-2586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2586"
},
{
"name": "CVE-2022-42719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42719"
},
{
"name": "CVE-2022-41848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41848"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2022-20008",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20008"
},
{
"name": "CVE-2022-42721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42721"
},
{
"name": "CVE-2022-20368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20368"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-2905",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2905"
},
{
"name": "CVE-2022-3202",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3202"
},
{
"name": "CVE-2022-3303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3303"
},
{
"name": "CVE-2022-3424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3424"
},
{
"name": "CVE-2022-36879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36879"
},
{
"name": "CVE-2020-16119",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16119"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2022-20369",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20369"
},
{
"name": "CVE-2022-42722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42722"
},
{
"name": "CVE-2022-40768",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40768"
},
{
"name": "CVE-2022-2503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2503"
},
{
"name": "CVE-2022-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3028"
},
{
"name": "CVE-2022-40307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40307"
},
{
"name": "CVE-2022-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41674"
},
{
"name": "CVE-2022-1263",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1263"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 31 octobre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223810-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 01 novembre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223844-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE du 31 octobre 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223809-1/"
}
],
"reference": "CERTFR-2022-AVI-976",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-11-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3810-1 du 31 octobre 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3844-1 du 01 novembre 2022",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2022:3809-1 du 31 octobre 2022",
"url": null
}
]
}
CERTFR-2023-AVI-0051
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | NorthStar Controller versions antérieures à 6.2.3 | ||
| Juniper Networks | N/A | Contrail Cloud versions antérieures à 13.7.0 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 19.2R3-EVO, 19.3R3-EVO, 19.4R3-EVO, 20.1R3-EVO, 20.2R2-EVO, 20.3R1-EVO, 20.4R2-EVO, 20.4R3-S3-EVO, 20.4R3-S4-EVO, 21.1R2-EVO, 21.2R1-EVO, 21.2R3-S4-EVO, 21.3R2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.4R1-EVO, 21.4R2-EVO, 21.4R2-S1-EVO, 21.4R2-S2-EVO, 21.4R3-EVO, 22.1R1-EVO, 22.1R1-S2-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.2R1-EVO, 22.2R1-S1-EVO, 22.2R2-EVO et 22.3R1-EVO | ||
| Juniper Networks | N/A | Juniper Networks Contrail Service Orchestration (CSO) versions antérieures à 6.3.0 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1R7-S12, 18.4R2-S7, 19.1R3-S2, 19.1R3-S9, 19.2R1-S9, 19.2R3, 19.2R3-S5, 19.2R3-S6, 19.3R3, 19.3R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R2-S8, 19.4R3, 19.4R3-S10, 19.4R3-S8, 19.4R3-S9, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S5, 20.2R3-S6, 20.2R3-S7, 20.3R1, 20.3R3-S4, 20.3R3-S5, 20.3R3-S6, 20.4R1, 20.4R3-S3, 20.4R3-S4, 20.4R3-S5, 21.1R1-S1, 21.1R2, 21.1R3, 21.1R3-S3, 21.1R3-S4, 21.1R3-S5, 21.2R1, 21.2R3, 21.2R3-S1, 21.2R3-S2, 21.2R3-S3, 21.3R2, 21.3R3, 21.3R3-S1, 21.3R3-S2, 21.3R3-S3, 21.4R2, 21.4R2-S1, 21.4R2-S2, 21.4R3, 21.4R3-S1, 21.4R3-S2, 22.1R1, 22.1R1-S2, 22.1R2, 22.1R2-S1, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.2R1, 22.2R1-S1, 22.2R1-S2, 22.2R2, 22.2R3, 22.3R1, 22.3R1-S1, 22.3R2 et 22.4R1 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 22.3R1 | ||
| Juniper Networks | N/A | Cloud Native Contrail Networking versions antérieures à R22.3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NorthStar Controller versions ant\u00e9rieures \u00e0 6.2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Contrail Cloud versions ant\u00e9rieures \u00e0 13.7.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 19.2R3-EVO, 19.3R3-EVO, 19.4R3-EVO, 20.1R3-EVO, 20.2R2-EVO, 20.3R1-EVO, 20.4R2-EVO, 20.4R3-S3-EVO, 20.4R3-S4-EVO, 21.1R2-EVO, 21.2R1-EVO, 21.2R3-S4-EVO, 21.3R2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.4R1-EVO, 21.4R2-EVO, 21.4R2-S1-EVO, 21.4R2-S2-EVO, 21.4R3-EVO, 22.1R1-EVO, 22.1R1-S2-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.2R1-EVO, 22.2R1-S1-EVO, 22.2R2-EVO et 22.3R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks Contrail Service Orchestration (CSO) versions ant\u00e9rieures \u00e0 6.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1R7-S12, 18.4R2-S7, 19.1R3-S2, 19.1R3-S9, 19.2R1-S9, 19.2R3, 19.2R3-S5, 19.2R3-S6, 19.3R3, 19.3R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R2-S8, 19.4R3, 19.4R3-S10, 19.4R3-S8, 19.4R3-S9, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S5, 20.2R3-S6, 20.2R3-S7, 20.3R1, 20.3R3-S4, 20.3R3-S5, 20.3R3-S6, 20.4R1, 20.4R3-S3, 20.4R3-S4, 20.4R3-S5, 21.1R1-S1, 21.1R2, 21.1R3, 21.1R3-S3, 21.1R3-S4, 21.1R3-S5, 21.2R1, 21.2R3, 21.2R3-S1, 21.2R3-S2, 21.2R3-S3, 21.3R2, 21.3R3, 21.3R3-S1, 21.3R3-S2, 21.3R3-S3, 21.4R2, 21.4R2-S1, 21.4R2-S2, 21.4R3, 21.4R3-S1, 21.4R3-S2, 22.1R1, 22.1R1-S2, 22.1R2, 22.1R2-S1, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.2R1, 22.2R1-S1, 22.2R1-S2, 22.2R2, 22.2R3, 22.3R1, 22.3R1-S1, 22.3R2 et 22.4R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 22.3R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Cloud Native Contrail Networking versions ant\u00e9rieures \u00e0 R22.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-40085",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40085"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2023-22403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22403"
},
{
"name": "CVE-2020-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2023-22393",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22393"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2023-22407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22407"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2023-22394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22394"
},
{
"name": "CVE-2020-8695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
},
{
"name": "CVE-2021-30465",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30465"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2023-22404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22404"
},
{
"name": "CVE-2020-14562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14562"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2021-42574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42574"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2023-22405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22405"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2021-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27219"
},
{
"name": "CVE-2022-38178",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38178"
},
{
"name": "CVE-2023-22409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22409"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2021-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
},
{
"name": "CVE-2023-22416",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22416"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"name": "CVE-2020-15778",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
},
{
"name": "CVE-2007-6755",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6755"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38177"
},
{
"name": "CVE-2021-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2021-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2022-21166",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21166"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2020-25704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2018-8046",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8046"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
},
{
"name": "CVE-2023-22402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22402"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2021-3450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3450"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2021-2307",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
},
{
"name": "CVE-2023-22400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22400"
},
{
"name": "CVE-2021-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27363"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-0934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0934"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2021-27364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27364"
},
{
"name": "CVE-2021-2146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2021-2432",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2432"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2021-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
},
{
"name": "CVE-2020-0549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-2526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2526"
},
{
"name": "CVE-2020-12364",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12364"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"name": "CVE-2023-22397",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22397"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2022-21125",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21125"
},
{
"name": "CVE-2022-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
},
{
"name": "CVE-2019-1543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1543"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"name": "CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"name": "CVE-2021-27365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27365"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2020-27170",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27170"
},
{
"name": "CVE-2023-22399",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22399"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2021-2144",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
},
{
"name": "CVE-2022-32250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32250"
},
{
"name": "CVE-2021-2154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
},
{
"name": "CVE-2023-22398",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22398"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2021-23017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23017"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2020-12363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12363"
},
{
"name": "CVE-2021-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2023-22401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22401"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2023-22396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22396"
},
{
"name": "CVE-2021-2171",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2020-24489",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
},
{
"name": "CVE-2023-22417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22417"
},
{
"name": "CVE-2021-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
},
{
"name": "CVE-2020-14573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14573"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2020-24513",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24513"
},
{
"name": "CVE-2022-21123",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21123"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-21449",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21449"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2021-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22543"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2020-35498",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35498"
},
{
"name": "CVE-2023-22406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22406"
},
{
"name": "CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"name": "CVE-2020-27827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27827"
},
{
"name": "CVE-2023-22391",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22391"
},
{
"name": "CVE-2019-20934",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20934"
},
{
"name": "CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2021-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3715"
},
{
"name": "CVE-2020-36322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2023-22412",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22412"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2021-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3621"
},
{
"name": "CVE-2021-42739",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42739"
},
{
"name": "CVE-2021-3156",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3156"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"name": "CVE-2023-22415",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22415"
},
{
"name": "CVE-2022-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29154"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2022-0492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2007-2285",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2285"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-12362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12362"
},
{
"name": "CVE-2021-22555",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22555"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2021-3347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3347"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2021-37576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37576"
},
{
"name": "CVE-2020-26137",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26137"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-2226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
},
{
"name": "CVE-2023-22410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22410"
},
{
"name": "CVE-2021-0920",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2023-22408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22408"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2022-22720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22720"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-21549",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21549"
},
{
"name": "CVE-2020-14871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14871"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2022-1729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1729"
},
{
"name": "CVE-2021-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
},
{
"name": "CVE-2021-3504",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3504"
},
{
"name": "CVE-2021-2169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
},
{
"name": "CVE-2023-22414",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22414"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2023-22411",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22411"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2022-21277",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21277"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2020-11668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11668"
},
{
"name": "CVE-2019-11287",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11287"
},
{
"name": "CVE-2021-44790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"name": "CVE-2021-33033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33033"
},
{
"name": "CVE-2021-4028",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4028"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2021-40438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40438"
},
{
"name": "CVE-2020-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
},
{
"name": "CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"name": "CVE-2022-24903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24903"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2020-0548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
},
{
"name": "CVE-2016-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8625"
},
{
"name": "CVE-2021-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2023-22413",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22413"
},
{
"name": "CVE-2023-22395",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22395"
},
{
"name": "CVE-2021-35940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35940"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0051",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-01-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70195 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX10K-Series-PFE-crash-upon-receipt-of-specific-genuine-packets-when-sFlow-is-enabled-CVE-2023-22399?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70183 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Cloud-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Cloud-release-13-7-0?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70203 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-RPD-crash-can-happen-due-to-an-MPLS-TE-tunnel-configuration-change-on-a-directly-connected-router-CVE-2023-22407?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70192 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Receipt-of-crafted-TCP-packets-on-Ethernet-console-port-results-in-MBUF-leak-leading-to-Denial-of-Service-DoS-CVE-2023-22396?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70213 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-A-memory-leak-might-be-observed-in-IPsec-VPN-scenario-leading-to-an-FPC-crash-CVE-2023-22417?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70193 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-PTX10003-An-attacker-sending-specific-genuine-packets-will-cause-a-memory-leak-in-the-PFE-leading-to-a-Denial-of-Service-CVE-2023-22397?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70181 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-might-crash-when-MPLS-ping-is-performed-on-BGP-LSPs-CVE-2023-22398?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70186 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSL?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70179 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Northstar-Controller-Pivotal-RabbitMQ-contains-a-web-management-plugin-that-is-vulnerable-to-a-Denial-of-Service-DoS-attack-CVE-2019-11287?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70208 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-The-flowd-daemon-will-crash-if-the-SIP-ALG-is-enabled-and-specific-SIP-messages-are-processed-CVE-2023-22412?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70201 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX5k-Series-EX46xx-Series-MAC-limiting-feature-stops-working-after-PFE-restart-device-reboot--CVE-2023-22405?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70209 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-FPC-crash-when-an-IPsec6-tunnel-processes-specific-IPv4-packets-CVE-2023-22413?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70187 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-ACX2K-Series-Receipt-of-a-high-rate-of-specific-traffic-will-lead-to-a-Denial-of-Service-DoS-CVE-2023-22391?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70199 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX10k-Series-ICCP-flap-will-be-observed-due-to-excessive-specific-traffic-CVE-2023-22403?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70180 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-OpenSSL-Infinite-loop-in-BN-mod-sqrt-reachable-when-parsing-certificates-CVE-2022-0778?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70198 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-The-kernel-might-restart-in-a-BGP-scenario-where-bgp-auto-discovery-is-enabled-and-such-a-neighbor-flaps-CVE-2023-22402?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70196 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-A-specific-SNMP-GET-operation-and-a-specific-CLI-commands-cause-resources-to-leak-and-eventually-the-evo-pfemand-process-will-crash-CVE-2023-22400?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70197 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-PTX10008-PTX10016-When-a-specific-SNMP-MIB-is-queried-the-FPC-will-crash-CVE-2023-22401?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70202 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-memory-leak-which-will-ultimately-lead-to-an-rpd-crash-will-be-observed-when-a-peer-interface-flaps-continuously-in-a-Segment-Routing-scenario-CVE-2023-22406?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70190 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-Memory-leak-due-to-receipt-of-specially-crafted-SIP-calls-CVE-2023-22394?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70191 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-In-an-MPLS-scenario-the-processing-of-specific-packets-to-the-device-causes-a-buffer-leak-and-ultimately-a-loss-of-connectivity-CVE-2023-22395?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69903 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Contrail-Networking-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Networking-R22-3?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70204 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-5000-Series-Upon-processing-of-a-specific-SIP-packet-an-FPC-can-crash-CVE-2023-22408?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70200 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-When-IPsec-VPN-is-configured-iked-will-core-when-a-specifically-formatted-payload-is-received-CVE-2023-22404?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70212 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-The-flowd-daemon-will-crash-if-SIP-ALG-is-enabled-and-a-malicious-SIP-packet-is-received-CVE-2023-22416?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70185 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-3R1-release?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70211 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-The-flow-processing-daemon-flowd-will-crash-when-a-specific-H-323-packet-is-received-CVE-2023-22415?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70210 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-An-FPC-memory-leak-is-observed-when-specific-multicast-packets-are-processed-CVE-2023-22414?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70206 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-with-MPC10-MPC11-When-Suspicious-Control-Flow-Detection-scfd-is-enabled-and-an-attacker-is-sending-specific-traffic-this-causes-a-memory-leak-CVE-2023-22410?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70205 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-with-SPC3-When-an-inconsistent-NAT-configuration-exists-and-a-specific-CLI-command-is-issued-the-SPC-will-reboot-CVE-2023-22409?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70182 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70189 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crash-upon-receipt-of-BGP-route-with-invalid-next-hop-CVE-2023-22393?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70207 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-The-flowd-daemon-will-crash-when-Unified-Policies-are-used-with-IPv6-and-certain-dynamic-applications-are-rejected-by-the-device-CVE-2023-22411?language=en_US"
}
]
}
CERTFR-2023-AVI-0167
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance, une atteinte à l'intégrité des données, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-41858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41858"
},
{
"name": "CVE-2022-39842",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39842"
},
{
"name": "CVE-2022-41849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41849"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2022-3649",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3649"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2023-23559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
},
{
"name": "CVE-2022-41850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41850"
},
{
"name": "CVE-2022-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3646"
},
{
"name": "CVE-2022-42328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42328"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2022-4378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4378"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2022-20369",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20369"
},
{
"name": "CVE-2022-20566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20566"
},
{
"name": "CVE-2022-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3521"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0167",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-02-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5884-1 du 23 f\u00e9vrier 2023",
"url": "https://ubuntu.com/security/notices/USN-5884-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5883-1 du 22 f\u00e9vrier 2023",
"url": "https://ubuntu.com/security/notices/USN-5883-1"
}
]
}
CERTFR-2023-AVI-0210
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données, une atteinte à l'intégrité des données, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 22.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-47521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47521"
},
{
"name": "CVE-2022-47520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47520"
},
{
"name": "CVE-2022-45934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45934"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2022-4379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4379"
},
{
"name": "CVE-2022-42329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42329"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2022-47518",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47518"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2023-0266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
},
{
"name": "CVE-2023-20928",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20928"
},
{
"name": "CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"name": "CVE-2022-3643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3643"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3435"
},
{
"name": "CVE-2022-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3169"
},
{
"name": "CVE-2022-45869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45869"
},
{
"name": "CVE-2022-41858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41858"
},
{
"name": "CVE-2022-36280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36280"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2022-39842",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39842"
},
{
"name": "CVE-2022-41849",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41849"
},
{
"name": "CVE-2022-3344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3344"
},
{
"name": "CVE-2022-42896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42896"
},
{
"name": "CVE-2023-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0179"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2022-3649",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3649"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2023-23559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
},
{
"name": "CVE-2022-41850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41850"
},
{
"name": "CVE-2022-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3646"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2022-42328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42328"
},
{
"name": "CVE-2021-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2022-4378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4378"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2023-20938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20938"
},
{
"name": "CVE-2022-3424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3424"
},
{
"name": "CVE-2022-47519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47519"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2022-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3623"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-20369",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20369"
},
{
"name": "CVE-2022-20566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20566"
},
{
"name": "CVE-2022-4139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4139"
},
{
"name": "CVE-2022-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3521"
},
{
"name": "CVE-2023-0468",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0468"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0210",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, une\nex\u00e9cution de code arbitraire \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5938-1 du 08 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5938-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu LSN-0092-1 du 07 mars 2023",
"url": "https://ubuntu.com/security/notices/LSN-0092-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5924-1 du 06 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5924-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5919-1 du 03 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5919-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5940-1 du 09 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5940-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5939-1 du 08 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5939-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5926-1 du 06 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5926-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5934-1 du 07 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5934-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5941-1 du 09 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5941-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5929-1 du 07 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5929-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5925-1 du 06 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5925-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5918-1 du 03 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5918-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5928-1 du 07 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5928-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5927-1 du 07 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5927-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5920-1 du 03 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5920-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5917-1 du 03 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5917-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5935-1 du 07 mars 2023",
"url": "https://ubuntu.com/security/notices/USN-5935-1"
}
]
}
CERTFR-2024-AVI-0027
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | CTPView versions versions antérieures à 9.1R5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved version antérieures à 20.4R2-EVO, 20.4R2-S2-EVO, 20.4R3-EVO, 20.4R3-S7-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.2R3-S7-EVO, 21.3R2-EVO, 21.3R3-S5-EVO, 21.4R3-EVO, 21.4R3-S3-EVO, 21.4R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-EVO, 22.1R3-S2-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R2-S1-EVO, 22.2R2-S2-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.3R3-S1-EVO, 22.4R1-EVO, 22.4R2-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-EVO, 23.2R1-S1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.3R1-EVO et 23.4R1-EVO | ||
| Juniper Networks | N/A | Paragon Active Assurance versions antérieures à 3.1.2, 3.2.3, 3.3.2 et 3.4.1 | ||
| Juniper Networks | Junos OS | Junos OS version antérieures à 20.4R3-S3, 20.4R3-S6, 20.4R3-S7, 20.4R3-S8, 20.4R3-S9, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S3, 21.2R3-S4, 21.2R3-S5, 21.2R3-S6, 21.2R3-S7, 21.3R2-S1, 21.3R3, 21.3R3-S3, 21.3R3-S4, 21.3R3-S5, 21.4R2, 21.4R3, 21.4R3-S3, 21.4R3-S4, 21.4R3-S5, 22.1R2, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.1R3-S2, 22.1R3-S3, 22.1R3-S4, 22.2R1, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.2R3-S1, 22.2R3-S2, 22.2R3-S3, 22.3R1, 22.3R2, 22.3R2-S1, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.4R1, 22.4R1-S2, 22.4R2, 22.4R2-S1, 22.4R2-S2, 22.4R3, 23.1R1, 23.1R2, 23.2R1, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.3R1 et 23.4R1 | ||
| Juniper Networks | Session Smart Router | Session Smart Router versions antérieures à SSR-6.2.3-r2 | ||
| Juniper Networks | N/A | Security Director Insights versions antérieures à 23.1R1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CTPView versions versions ant\u00e9rieures \u00e0 9.1R5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved version ant\u00e9rieures \u00e0 20.4R2-EVO, 20.4R2-S2-EVO, 20.4R3-EVO, 20.4R3-S7-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.2R3-S7-EVO, 21.3R2-EVO, 21.3R3-S5-EVO, 21.4R3-EVO, 21.4R3-S3-EVO, 21.4R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-EVO, 22.1R3-S2-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R2-S1-EVO, 22.2R2-S2-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.3R3-S1-EVO, 22.4R1-EVO, 22.4R2-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-EVO, 23.2R1-S1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.3R1-EVO et 23.4R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Paragon Active Assurance versions ant\u00e9rieures \u00e0 3.1.2, 3.2.3, 3.3.2 et 3.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS version ant\u00e9rieures \u00e0 20.4R3-S3, 20.4R3-S6, 20.4R3-S7, 20.4R3-S8, 20.4R3-S9, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S3, 21.2R3-S4, 21.2R3-S5, 21.2R3-S6, 21.2R3-S7, 21.3R2-S1, 21.3R3, 21.3R3-S3, 21.3R3-S4, 21.3R3-S5, 21.4R2, 21.4R3, 21.4R3-S3, 21.4R3-S4, 21.4R3-S5, 22.1R2, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.1R3-S2, 22.1R3-S3, 22.1R3-S4, 22.2R1, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.2R3-S1, 22.2R3-S2, 22.2R3-S3, 22.3R1, 22.3R2, 22.3R2-S1, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.4R1, 22.4R1-S2, 22.4R2, 22.4R2-S1, 22.4R2-S2, 22.4R3, 23.1R1, 23.1R2, 23.2R1, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.3R1 et 23.4R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions ant\u00e9rieures \u00e0 SSR-6.2.3-r2",
"product": {
"name": "Session Smart Router",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director Insights versions ant\u00e9rieures \u00e0 23.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
},
{
"name": "CVE-2024-21602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21602"
},
{
"name": "CVE-2022-41974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41974"
},
{
"name": "CVE-2023-38802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38802"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-42720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42720"
},
{
"name": "CVE-2022-30594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30594"
},
{
"name": "CVE-2022-41973",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41973"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2024-21616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21616"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-1281",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
},
{
"name": "CVE-2024-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21599"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2024-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21614"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-26464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26464"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"name": "CVE-2024-21607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21607"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2023-0266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
},
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2022-3239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3239"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3567"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2024-21596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21596"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2023-1582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1582"
},
{
"name": "CVE-2022-4129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2024-21604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21604"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2022-0934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0934"
},
{
"name": "CVE-2020-9493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9493"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2022-42896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42896"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2024-21600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21600"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2024-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21606"
},
{
"name": "CVE-2022-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
},
{
"name": "CVE-2022-41222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41222"
},
{
"name": "CVE-2016-10009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
},
{
"name": "CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"name": "CVE-2024-21591",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21591"
},
{
"name": "CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"name": "CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"name": "CVE-2022-3524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3524"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2022-3625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3625"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2024-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21587"
},
{
"name": "CVE-2022-42721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42721"
},
{
"name": "CVE-2022-4378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4378"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2024-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21617"
},
{
"name": "CVE-2023-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1195"
},
{
"name": "CVE-2024-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21589"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2024-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21595"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2021-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3621"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2022-22164",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22164"
},
{
"name": "CVE-2024-21597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21597"
},
{
"name": "CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"name": "CVE-2023-0386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2021-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
},
{
"name": "CVE-2022-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38023"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2022-1679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2022-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3619"
},
{
"name": "CVE-2021-0920",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"name": "CVE-2023-1829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
},
{
"name": "CVE-2022-25265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25265"
},
{
"name": "CVE-2022-1789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1789"
},
{
"name": "CVE-2022-2873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2873"
},
{
"name": "CVE-2022-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3623"
},
{
"name": "CVE-2024-21611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21611"
},
{
"name": "CVE-2024-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21613"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2024-21612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21612"
},
{
"name": "CVE-2022-42722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42722"
},
{
"name": "CVE-2024-21603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21603"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21585"
},
{
"name": "CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-44790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
},
{
"name": "CVE-2023-36842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36842"
},
{
"name": "CVE-2022-4139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4139"
},
{
"name": "CVE-2024-21594",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21594"
},
{
"name": "CVE-2022-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3028"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2022-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41674"
},
{
"name": "CVE-2024-21601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21601"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0027",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-01-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75723 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-rpd-process-crash-due-to-BGP-flap-on-NSR-enabled-devices-CVE-2024-21585"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75741 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-PTX-Series-In-an-FTI-scenario-MPLS-packets-hitting-reject-next-hop-will-cause-a-host-path-wedge-condition-CVE-2024-21600"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75752 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-jflow-scenario-continuous-route-churn-will-cause-a-memory-leak-and-eventually-an-rpd-crash-CVE-2024-21611"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75757 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Processing-of-a-specific-SIP-packet-causes-NAT-IP-allocation-to-fail-CVE-2024-21616"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75730 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-jdhcpd-will-hang-on-receiving-a-specific-DHCP-packet-CVE-2023-36842"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75734 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-EX4100-EX4400-EX4600-and-QFX5000-Series-A-high-rate-of-specific-ICMP-traffic-will-cause-the-PFE-to-hang-CVE-2024-21595"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75737 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Security-Director-Insights-Multiple-vulnerabilities-in-SDI"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75721 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-IPython-privilege-escalation-vulnerability-CVE-2022-21699"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75736 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-CTPView-Multiple-vulnerabilities-in-CTPView-CVE-yyyy-nnnn"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75747 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-flowd-will-crash-when-tcp-encap-is-enabled-and-specific-packets-are-received-CVE-2024-21606"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75758 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-BGP-flap-on-NSR-enabled-devices-causes-memory-leak-CVE-2024-21617"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11272 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2022-01-Security-Bulletin-Junos-OS-Evolved-Telnet-service-may-be-enabled-when-it-is-expected-to-be-disabled-CVE-2022-22164"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75727 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Paragon-Active-Assurance-Control-Center-Information-disclosure-vulnerability-CVE-2024-21589"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75233 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Session-Smart-Router-Multiple-vulnerabilities-resolved"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75754 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-link-flap-causes-patroot-memory-leak-which-leads-to-rpd-crash-CVE-2024-21613"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75753 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-Specific-TCP-traffic-causes-OFP-core-and-restart-of-RE-CVE-2024-21612"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75742 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-Due-to-an-error-in-processing-TCP-events-flowd-will-crash-CVE-2024-21601"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75740 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-MPC3E-memory-leak-with-PTP-configuration-CVE-2024-21599"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75748 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-and-EX9200-Series-If-the-tcp-reset-option-used-in-an-IPv6-filter-matched-packets-are-accepted-instead-of-rejected-CVE-2024-21607"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75744 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-Gathering-statistics-in-a-scaled-SCU-DCU-configuration-will-lead-to-a-device-crash-CVE-2024-21603"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75743 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7100-32C-and-ACX7100-48L-Traffic-stops-when-a-specific-IPv4-UDP-packet-is-received-by-the-RE-CVE-2024-21602"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75738 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-In-an-AF-scenario-traffic-can-bypass-configured-lo0-firewall-filters-CVE-2024-21597"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75733 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-5000-Series-Repeated-execution-of-a-specific-CLI-command-causes-a-flowd-crash-CVE-2024-21594"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75725 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Memory-leak-in-bbe-smgd-process-if-BFD-liveness-detection-for-DHCP-subscribers-is-enabled-CVE-2024-21587"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75755 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-specific-query-via-DREND-causes-rpd-crash-CVE-2024-21614"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75735 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-specific-BGP-UPDATE-message-will-cause-a-crash-in-the-backup-Routing-Engine-CVE-2024-21596"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75745 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-A-high-rate-of-specific-traffic-will-cause-a-complete-system-outage-CVE-2024-21604"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75729 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Security-Vulnerability-in-J-web-allows-a-preAuth-Remote-Code-Execution-CVE-2024-21591"
}
]
}
FKIE_CVE-2021-4155
Vulnerability from fkie_nvd - Published: 2022-08-24 16:15 - Updated: 2024-11-21 06:37
Severity
Summary
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2021-4155 | Mitigation, Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2034813 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79 | Mailing List, Patch, Vendor Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2021-4155 | Third Party Advisory | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2022/01/10/1 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2021-4155 | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2034813 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79 | Mailing List, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2021-4155 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2022/01/10/1 | Mailing List, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D692A2AE-8E9E-46AE-8670-7E1284317A25",
"versionEndExcluding": "5.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo de filtrado de datos en la forma en que XFS_IOC_ALLOCSP IOCTL en el sistema de archivos XFS permit\u00eda aumentar el tama\u00f1o de los archivos con un tama\u00f1o no alineado. Un atacante local podr\u00eda usar este fallo para filtrar datos en el sistema de archivos XFS que de otro modo no ser\u00edan accesibles."
}
],
"id": "CVE-2021-4155",
"lastModified": "2024-11-21T06:37:00.903",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-24T16:15:09.607",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-4155"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-4155"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/10/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-4155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-4155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/10/1"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2021-4155
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-4155",
"description": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.",
"id": "GSD-2021-4155",
"references": [
"https://www.suse.com/security/cve/CVE-2021-4155.html",
"https://www.debian.org/security/2022/dsa-5050",
"https://www.debian.org/security/2022/dsa-5096",
"https://access.redhat.com/errata/RHSA-2022:0718",
"https://access.redhat.com/errata/RHSA-2022:0712",
"https://access.redhat.com/errata/RHSA-2022:0636",
"https://access.redhat.com/errata/RHSA-2022:0629",
"https://access.redhat.com/errata/RHSA-2022:0622",
"https://access.redhat.com/errata/RHSA-2022:0620",
"https://access.redhat.com/errata/RHSA-2022:0592",
"https://access.redhat.com/errata/RHSA-2022:0590",
"https://access.redhat.com/errata/RHSA-2022:0540",
"https://access.redhat.com/errata/RHSA-2022:0533",
"https://access.redhat.com/errata/RHSA-2022:0531",
"https://access.redhat.com/errata/RHSA-2022:0530",
"https://access.redhat.com/errata/RHSA-2022:0529",
"https://access.redhat.com/errata/RHSA-2022:0344",
"https://access.redhat.com/errata/RHSA-2022:0335",
"https://access.redhat.com/errata/RHSA-2022:0232",
"https://access.redhat.com/errata/RHSA-2022:0231",
"https://access.redhat.com/errata/RHSA-2022:0188",
"https://access.redhat.com/errata/RHSA-2022:0187",
"https://access.redhat.com/errata/RHSA-2022:0186",
"https://access.redhat.com/errata/RHSA-2022:0176",
"https://ubuntu.com/security/CVE-2021-4155",
"https://advisories.mageia.org/CVE-2021-4155.html",
"https://access.redhat.com/errata/RHSA-2022:0958",
"https://access.redhat.com/errata/RHSA-2022:1263",
"https://access.redhat.com/errata/RHSA-2022:1417",
"https://alas.aws.amazon.com/cve/html/CVE-2021-4155.html",
"https://linux.oracle.com/cve/CVE-2021-4155.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-4155"
],
"details": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.",
"id": "GSD-2021-4155",
"modified": "2023-12-13T01:23:11.704753Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-4155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "Fixed in Kernel v5.16"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-131 - Incorrect Calculation of Buffer Size"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2022/01/10/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2022/01/10/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2021-4155",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2021-4155"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2021-4155",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2021-4155"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.16",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-4155"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79",
"refsource": "MISC",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2021-4155",
"refsource": "MISC",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-4155"
},
{
"name": "https://www.openwall.com/lists/oss-security/2022/01/10/1",
"refsource": "MISC",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/10/1"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2021-4155",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-4155"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-08-29T13:39Z",
"publishedDate": "2022-08-24T16:15Z"
}
}
}
MSRC_CVE-2021-4155
Vulnerability from csaf_microsoft - Published: 2022-08-02 00:00 - Updated: 2022-08-31 00:00Summary
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
5.5 (Medium)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 18638-16820 | — | ||
| Unresolved product id: 18617-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2022/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2022/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2021-4155 A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2021-4155.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.",
"tracking": {
"current_release_date": "2022-08-31T00:00:00.000Z",
"generator": {
"date": "2025-10-19T23:51:07.195Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2021-4155",
"initial_release_date": "2022-08-02T00:00:00.000Z",
"revision_history": [
{
"date": "2022-08-30T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2022-08-31T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added kernel to CBL-Mariner 1.0"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 kernel 5.10.134.1-2",
"product": {
"name": "\u003ccm1 kernel 5.10.134.1-2",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 kernel 5.10.134.1-2",
"product": {
"name": "cm1 kernel 5.10.134.1-2",
"product_id": "18638"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 kernel 5.15.67.1-4",
"product": {
"name": "\u003ccbl2 kernel 5.15.67.1-4",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 kernel 5.15.67.1-4",
"product": {
"name": "cbl2 kernel 5.15.67.1-4",
"product_id": "18617"
}
}
],
"category": "product_name",
"name": "kernel"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 kernel 5.10.134.1-2 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 kernel 5.10.134.1-2 as a component of CBL Mariner 1.0",
"product_id": "18638-16820"
},
"product_reference": "18638",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kernel 5.15.67.1-4 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.15.67.1-4 as a component of CBL Mariner 2.0",
"product_id": "18617-17086"
},
"product_reference": "18617",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4155",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"18638-16820",
"18617-17086"
],
"known_affected": [
"16820-1",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-4155 A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2021-4155.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2022-08-30T00:00:00.000Z",
"details": "5.10.134.1-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2022-08-30T00:00:00.000Z",
"details": "5.15.67.1-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"16820-1",
"17086-2"
]
}
],
"title": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them."
}
]
}
RHSA-2022:0176
Vulnerability from csaf_redhat - Published: 2022-01-19 10:03 - Updated: 2026-03-02 16:18Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Severity
Important
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)
* kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* kernnel-rt-debug: do not call blocking ops when !TASK_RUNNING; state=1 set at [<0000000050e86018>] handle_userfault+0x530/0x1820 (BZ#2029422)
* kernel-rt: update RT source tree to the RHEL-8.5.z source tree (BZ#2032059)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.
7.8 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
19 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2022:0176 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2034813 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2040358 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2021-4155 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2034813 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-4155 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-4155 | external |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | external |
| https://access.redhat.com/security/cve/CVE-2022-0185 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2040358 | external |
| https://www.cve.org/CVERecord?id=CVE-2022-0185 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2022-0185 | external |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | external |
| https://github.com/Crusaders-of-Rust/CVE-2022-0185 | external |
| https://www.openwall.com/lists/oss-security/2022/… | external |
| https://www.willsroot.io/2022/01/cve-2022-0185.html | external |
| https://www.cisa.gov/known-exploited-vulnerabilit… | external |
Acknowledgments
Virtuozzo Kernel team
Kirill Tkhai
willsroot@protonmail.com
William Liu
jamie@hill-daniel.co.uk
Jamie Hill-Daniel
isaac.badipe@gmail.com
Isaac Badipe
alecthechop@gmail.com
Alec Petridis
misetichrvoje@gmail.com
Hrvoje Mišetić
g@gnk.io
Philip Papurt
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)\n\n* kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* kernnel-rt-debug: do not call blocking ops when !TASK_RUNNING; state=1 set at [\u003c0000000050e86018\u003e] handle_userfault+0x530/0x1820 (BZ#2029422)\n\n* kernel-rt: update RT source tree to the RHEL-8.5.z source tree (BZ#2032059)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0176",
"url": "https://access.redhat.com/errata/RHSA-2022:0176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2034813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"category": "external",
"summary": "2040358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040358"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0176.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2026-03-02T16:18:46+00:00",
"generator": {
"date": "2026-03-02T16:18:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.2"
}
},
"id": "RHSA-2022:0176",
"initial_release_date": "2022-01-19T10:03:15+00:00",
"revision_history": [
{
"date": "2022-01-19T10:03:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-19T10:03:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-02T16:18:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for Real Time (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"product": {
"name": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"product_id": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-348.12.2.rt7.143.el8_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-348.12.2.rt7.143.el8_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src"
},
"product_reference": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "NFV-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src"
},
"product_reference": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 8)",
"product_id": "RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"relates_to_product_reference": "RT-8.5.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kirill Tkhai"
],
"organization": "Virtuozzo Kernel team"
}
],
"cve": "CVE-2021-4155",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2021-12-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034813"
}
],
"notes": [
{
"category": "description",
"text": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4155"
},
{
"category": "external",
"summary": "RHBZ#2034813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4155"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79"
}
],
"release_date": "2022-01-10T06:36:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-19T10:03:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0176"
},
{
"category": "workaround",
"details": "This issue can be mitigated by ensuring xfs_alloc_file_space is not called with \"0\" as an argument.\n\nThis can be done with a SystemTap script (which resets \"0\" with XFS_BMAPI_PREALLOC), below are the steps:\n\n1) Save the following script in a \u0027CVE-2021-4155.stp\u0027 file\n\n--- On Red Hat Enterprise Linux 6 ---\nprobe module(\"xfs\").function(\"xfs_alloc_file_space\") {\n\tif ($alloc_type == 0)\n\t\t$alloc_type = 0x40;\t# XFS_BMAPI_PREALLOC\n}\n--- On Red Hat Enterprise Linux 6 ---\n\n--- On Red Hat Enterprise Linux 7 onwards ---\nprobe module(\"xfs\").function(\"xfs_alloc_file_space\") {\n\tif ($alloc_type == 0)\n\t\t$alloc_type = 0x8;\t# XFS_BMAPI_PREALLOC\n}\n--- On Red Hat Enterprise Linux 7 onwards ---\n\n2) Install systemtap package and its dependencies\n\n # yum install -y systemtap systemtap-runtime\n # yum install -y kernel-devel kernel-debuginfo\n\n3) Build the mitigation kernel module as root.\n\n # stap -r `uname -r` -m cve_2021_4155.ko -g CVE-2021-4155.stp -p4\n\n4) Load the mitigation module as root\n\n # staprun -L cve_2021_4155.ko\n\n\n\nWhat is SystemTap and how to use it?\nhttps://access.redhat.com/solutions/5441",
"product_ids": [
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL"
},
{
"acknowledgments": [
{
"names": [
"William Liu"
],
"organization": "willsroot@protonmail.com"
},
{
"names": [
"Jamie Hill-Daniel"
],
"organization": "jamie@hill-daniel.co.uk"
},
{
"names": [
"Isaac Badipe"
],
"organization": "isaac.badipe@gmail.com"
},
{
"names": [
"Alec Petridis"
],
"organization": "alecthechop@gmail.com"
},
{
"names": [
"Hrvoje Mi\u0161eti\u0107"
],
"organization": "misetichrvoje@gmail.com"
},
{
"names": [
"Philip Papurt"
],
"organization": "g@gnk.io"
}
],
"cve": "CVE-2022-0185",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"discovery_date": "2022-01-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040358"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fs_context: heap overflow in legacy parameter handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 8.4 GA onwards. Previous Red Hat Enterprise Linux versions are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0185"
},
{
"category": "external",
"summary": "RHBZ#2040358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0185",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0185"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0185",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0185"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2"
},
{
"category": "external",
"summary": "https://github.com/Crusaders-of-Rust/CVE-2022-0185",
"url": "https://github.com/Crusaders-of-Rust/CVE-2022-0185"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/7",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/7"
},
{
"category": "external",
"summary": "https://www.willsroot.io/2022/01/cve-2022-0185.html",
"url": "https://www.willsroot.io/2022/01/cve-2022-0185.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-18T18:41:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-19T10:03:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0176"
},
{
"category": "workaround",
"details": "On non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.",
"product_ids": [
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"NFV-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"NFV-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.src",
"RT-8.5.0.Z.MAIN:kernel-rt-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-core-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debug-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-devel-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-kvm-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64",
"RT-8.5.0.Z.MAIN:kernel-rt-modules-extra-0:4.18.0-348.12.2.rt7.143.el8_5.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-08-21T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: fs_context: heap overflow in legacy parameter handling"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…