var-202206-1186
Vulnerability from variot
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. plural Intel(R) Processor contains an incomplete cleanup vulnerability.Information may be obtained. Microsoft Windows是美国微软(Microsoft)公司的一套个人设备使用的操作系统. Microsoft Windows存在安全漏洞。该漏洞源于Intel处理器存在安全问题。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 21H1 for x64-based Systems,Windows 10 Version 21H1 for ARM64-based Systems,Windows 10 Version 21H1 for 32-bit Systems,Windows Server 2022,Windows Server 2022 (Server Core installation),Windows 10 Version 20H2 for x64-based Systems,Windows 10 Version 20H2 for 32-bit Systems,Windows 10 Version 20H2 for ARM64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 11 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for 32-bit Systems Service Pack 1,Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for 32-bit systems,Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation). Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Bug Fix(es):
-
update RT source tree to the RHEL-8.4.z12 source tree (BZ#2119160)
-
using __this_cpu_add() in preemptible [00000000] - caller is __mod_memcg_lruvec_state+0x69/0x1c0 [None8.4.0.z] (BZ#2124454)
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64
Bug Fix(es):
-
RHEL8.6[64TB/240c Denali]:" vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107491)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: kernel security and bug fix update Advisory ID: RHSA-2022:5937-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5937 Issue date: 2022-08-09 CVE Names: CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 ==================================================================== 1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123)
-
Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)
-
Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
SolarFlare sfc spurious TX completion (BZ#1793280)
-
Page allocation failure on cryptsetup open (BZ#2072970)
-
The kernel-rt crashes where one task is indefinitely looping in __start_cfs_bandwidth() with the cfs_b->lock spinlock being held (BZ#2077346)
-
While using PTimekeeper the qede driver produces excessive log messages (BZ#2080646)
-
The kernel crashes due to a GPF happens in mutex_spin_on_owner(). The known RDMA/cma bug that was introduced with a patch from upstream commit 722c7b2bfead is the possible cause. (BZ#2085425)
-
Running LTP testcase creat09 fails showing related to 'cve-2018-13405' (BZ#2089360)
-
Crash when releasing inode which was on unmouted superblock (BZ#2096884)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) 2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) 2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-1160.76.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch.rpm kernel-doc-3.10.0-1160.76.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1160.76.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64.rpm perf-3.10.0-1160.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-1160.76.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch.rpm kernel-doc-3.10.0-1160.76.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1160.76.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64.rpm perf-3.10.0-1160.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-1160.76.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch.rpm kernel-doc-3.10.0-1160.76.1.el7.noarch.rpm
ppc64: bpftool-3.10.0-1160.76.1.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm kernel-3.10.0-1160.76.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1160.76.1.el7.ppc64.rpm kernel-debug-3.10.0-1160.76.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-1160.76.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.76.1.el7.ppc64.rpm kernel-devel-3.10.0-1160.76.1.el7.ppc64.rpm kernel-headers-3.10.0-1160.76.1.el7.ppc64.rpm kernel-tools-3.10.0-1160.76.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-1160.76.1.el7.ppc64.rpm perf-3.10.0-1160.76.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm python-perf-3.10.0-1160.76.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm
ppc64le: bpftool-3.10.0-1160.76.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-debug-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-devel-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-headers-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-tools-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1160.76.1.el7.ppc64le.rpm perf-3.10.0-1160.76.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm python-perf-3.10.0-1160.76.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm
s390x: bpftool-3.10.0-1160.76.1.el7.s390x.rpm bpftool-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm kernel-3.10.0-1160.76.1.el7.s390x.rpm kernel-debug-3.10.0-1160.76.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm kernel-debug-devel-3.10.0-1160.76.1.el7.s390x.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1160.76.1.el7.s390x.rpm kernel-devel-3.10.0-1160.76.1.el7.s390x.rpm kernel-headers-3.10.0-1160.76.1.el7.s390x.rpm kernel-kdump-3.10.0-1160.76.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-1160.76.1.el7.s390x.rpm perf-3.10.0-1160.76.1.el7.s390x.rpm perf-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm python-perf-3.10.0-1160.76.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm
x86_64: bpftool-3.10.0-1160.76.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64.rpm perf-3.10.0-1160.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: bpftool-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.76.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1160.76.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm
ppc64le: bpftool-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1160.76.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm
x86_64: bpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-1160.76.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch.rpm kernel-doc-3.10.0-1160.76.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1160.76.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.76.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.76.1.el7.x86_64.rpm perf-3.10.0-1160.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-21123 https://access.redhat.com/security/cve/CVE-2022-21125 https://access.redhat.com/security/cve/CVE-2022-21166 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYvKiCNzjgjWX9erEAQgz2A/+O9gKIbQCWne03iCkr+RZwdgghaS4zC6Z 8/iPJhQf3ZKdVQ1/otcA4SK+AwazrjOJx5Dnn5kTY+5Vc/xJQ0/lX5wmWggzZxgz tX+f/BDwU47c7Ie1oXHgIalaVZ3jzIXS9fWuKcry9uLP9QoXPuWSj+eP1Cm3wiLW +xY5AKIIhFHE7UYc2U3hNfBVy15dcGiTeVHr/Mmk9/fTFu88RgSuZPWiUi+MJAo+ U2UfnpCkom7isYR86HP44uGc2BZf2pRqi4b/iICVHA/dV93FZ1ldlS6fZIIXTYxV 8RtRakX9yrB4OLtpIFYpWQth04H+h5gMAiam7MZws8VtjYgWYcwU8kPhS+hf0W4I uEd1fRU0F7QYrgjrxioPMW7ImPuklDtUELq3laXHyy+wDs3deZQ9csGWCqaPyTkK /jnnWMAQzB6ZYX4bmXwFtkAEmA7Dx3S4DP6SMW0yt7y+xmg2WGP8SHp3nxBlqbbv nOpY35/HWQpKsYU91Z0i/DN/BmDnmsMOqEU6bAYnGZezbwUnl+OlKF2DoAaQLvBQ aVfHcXhKLL1nRI8HNt98YxJHaf4dtTJCSCWnO/xdaZcDkCWMCReB2PGxzL5MEbTc 7pOvB7yANf+aztsAee3dOCZTMnDDh10mgb+NelQgR5nQRxYpw7YY3JCwy/bSO3Na btaLByp4p3I=VyEw -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-5535-1 July 28, 2022
Intel Microcode vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
Several security issues were fixed in Intel Microcode.
Software Description: - intel-microcode: Processor microcode for Intel CPUs
Details:
Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. (CVE-2021-0145)
Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges. (CVE-2021-0146)
It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-0127)
It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123, CVE-2022-21127)
It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21125)
Alysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi discovered that some Intel processors improperly optimised security-critical code. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21151)
It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166)
It was discovered that some Intel processors did not properly restrict access in some situations. A local attacker could use this to obtain sensitive information. (CVE-2021-33117)
Brandon Miller discovered that some Intel processors did not properly restrict access in some situations. A local attacker could use this to obtain sensitive information or a remote attacker could use this to cause a denial of service (system crash). (CVE-2021-33120)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: intel-microcode 3.20220510.0ubuntu0.16.04.1+esm1
In general, a standard system update will make all the necessary changes.
Bug Fix(es):
-
Bad page state in process qemu-kvm pfn:68a74600 (BZ#2081013)
-
slub corruption during LPM of hnv interface (BZ#2081250)
-
Affinity broken due to vector space exhaustion (BZ#2084646)
-
'rmmod pmt_telemetry' panics on ADL-P IOTG (BZ#2091079)
-
Unable to boot RHEL-8.6 on Brazos max. config (Install is success) (BZ#2092241)
-
kernel crash after reboot of T14/G2 AMD laptop (mt7921e module) (BZ#2095654)
-
mt7921: free resources on pci_probe error path (BZ#2101684)
-
NLM should be more defensive if underlying FS changes fl_owner (BZ#2102099)
-
RHEL8/async-pf Guest call trace when reboot after postcopy migration with high stress workload (BZ#2105340)
-
execve exit tracepoint not called (BZ#2106662)
-
QProcess dead lock on kernel-4.18.0-358 (BZ#2107643)
-
KVM fix guest FPU uABI size to kvm_xsave (BZ#2107652)
-
KVM selftests fail to compile (BZ#2107655)
-
Some monitor have no display with AMD W6400 when boot into OS. (BZ#2109826)
-
Percpu counter usage is gradually getting increasing during podman container recreation. (BZ#2110039)
-
multipath failed to recover after EEH hit on flavafish adapter on Denali(qla2xxx/flavafish/RHEL8.6/Denali) (BZ#2110768)
-
soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110772)
-
trouble re-assigning MACs to VFs, ice stricter than other drivers (BZ#2111936)
-
Intel MPI 2019.0 - mpirun stuck on latest kernel (BZ#2112030)
-
Multicast packets are not received by all VFs on the same port even though they have the same VLAN (BZ#2117026)
-
Hyper-V 2019 Dynamic Memory Problem hv_balloon (BZ#2117050)
-
kernel BUG at kernel/sched/deadline.c:1561! (BZ#2117410)
-
ALSA (sound) driver - update Intel SOF kcontrol code (BZ#2117732)
-
bridge over bond over ice ports has no connection (BZ#2118580)
-
Fix max VLANs available for VF (BZ#2118581)
-
offline selftest failed (BZ#2118582)
-
INTEL NVMUpdate utility ver 3.20 is failing to update firmware on E810-XXVDA4T (WPC) (BZ#2118583)
-
VM configured with failover interface will coredump after been migrating from source host to target host(only iavf driver) (BZ#2118705)
-
Fix max VLANs available for untrusted VF (BZ#2118707)
-
Softlockup on infinite loop in task_get_css() for a CSS_DYING cpuset (BZ#2120776)
Enhancement(s):
-
KVM Sapphire Rapids (SPR) AMX Instructions (BZ#2088287)
-
KVM Sapphire Rapids (SPR) AMX Instructions part2 (BZ#2088288)
-
ice: Driver Update (BZ#2102359)
-
iavf: Driver Update (BZ#2102360)
-
iommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (BZ#2112983)
-
Description:
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 4.9.7 images. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
2094982 - CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key 2130218 - 4.9.7 containers
5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202206-1186", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "sgx psw", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "2.16.100.3" }, { "model": "sgx sdk", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "2.16.100.3" }, { "model": "sgx sdk", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "2.17.100.3" }, { "model": "xen", "scope": "eq", "trust": 1.0, "vendor": "xen", "version": "*" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "10.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "11.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "9.0" }, { "model": "sgx dcap", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "1.14.100.3" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "36" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "35" }, { "model": "esxi", "scope": "eq", "trust": 1.0, "vendor": "vmware", "version": "7.0" }, { "model": "sgx psw", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "2.17.100.3" }, { "model": "intel sgx dcap", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null }, { "model": "xen", "scope": null, "trust": 0.8, "vendor": "xen \u30d7\u30ed\u30b8\u30a7\u30af\u30c8", "version": null }, { "model": "intel sgx psw", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null }, { "model": "esxi", "scope": null, "trust": 0.8, "vendor": "vmware", "version": null }, { "model": "intel sgx sdk", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null }, { "model": "gnu/linux", "scope": null, "trust": 0.8, "vendor": "debian", "version": null }, { "model": "fedora", "scope": null, "trust": 0.8, "vendor": "fedora", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "db": "NVD", "id": "CVE-2022-21125" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*", "cpe_name": [], "versionEndExcluding": "1.14.100.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*", "cpe_name": [], "versionEndExcluding": "1.14.100.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*", "cpe_name": [], "versionEndExcluding": "2.17.100.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*", "cpe_name": [], "versionEndExcluding": "2.16.100.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*", "cpe_name": [], "versionEndExcluding": "2.17.100.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*", "cpe_name": [], "versionEndExcluding": "2.16.100.3", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2022-21125" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "169411" }, { "db": "PACKETSTORM", "id": "169688" }, { "db": "PACKETSTORM", "id": "168021" }, { "db": "PACKETSTORM", "id": "168355" }, { "db": "PACKETSTORM", "id": "169997" }, { "db": "PACKETSTORM", "id": "170222" } ], "trust": 0.6 }, "cve": "CVE-2022-21125", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 2.1, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2022-21125", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-406836", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-21125", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2022-21125", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202206-1339", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-406836", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-406836" }, { "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "db": "CNNVD", "id": "CNNVD-202206-1339" }, { "db": "NVD", "id": "CVE-2022-21125" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. plural Intel(R) Processor contains an incomplete cleanup vulnerability.Information may be obtained. Microsoft Windows\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e2a\u4eba\u8bbe\u5907\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7edf. \nMicrosoft Windows\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eIntel\u5904\u7406\u5668\u5b58\u5728\u5b89\u5168\u95ee\u9898\u3002\u4ee5\u4e0b\u4ea7\u54c1\u548c\u7248\u672c\u53d7\u5230\u5f71\u54cd\uff1aWindows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows 10 Version 21H1 for x64-based Systems,Windows 10 Version 21H1 for ARM64-based Systems,Windows 10 Version 21H1 for 32-bit Systems,Windows Server 2022,Windows Server 2022 (Server Core installation),Windows 10 Version 20H2 for x64-based Systems,Windows 10 Version 20H2 for 32-bit Systems,Windows 10 Version 20H2 for ARM64-based Systems,Windows Server, version 20H2 (Server Core Installation),Windows 11 for x64-based Systems,Windows 11 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows 7 for 32-bit Systems Service Pack 1,Windows 7 for x64-based Systems Service Pack 1,Windows 8.1 for 32-bit systems,Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation). Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nBug Fix(es):\n\n* update RT source tree to the RHEL-8.4.z12 source tree (BZ#2119160)\n\n* using __this_cpu_add() in preemptible [00000000] - caller is\n__mod_memcg_lruvec_state+0x69/0x1c0 [None8.4.0.z] (BZ#2124454)\n\n4. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* RHEL8.6[64TB/240c Denali]:\" vmcore failed, _exitcode:139\" error observed\nwhile capturing vmcore during fadump after memory remove. incomplete vmcore\nis captured. (BZ#2107491)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: kernel security and bug fix update\nAdvisory ID: RHSA-2022:5937-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:5937\nIssue date: 2022-08-09\nCVE Names: CVE-2022-21123 CVE-2022-21125 CVE-2022-21166\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* Incomplete cleanup of multi-core shared buffers (aka SBDR)\n(CVE-2022-21123)\n\n* Incomplete cleanup of microarchitectural fill buffers (aka SBDS)\n(CVE-2022-21125)\n\n* Incomplete cleanup in specific special register write operations (aka\nDRPW) (CVE-2022-21166)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* SolarFlare sfc spurious TX completion (BZ#1793280)\n\n* Page allocation failure on cryptsetup open (BZ#2072970)\n\n* The kernel-rt crashes where one task is indefinitely looping in\n__start_cfs_bandwidth() with the cfs_b-\u003elock spinlock being held\n(BZ#2077346)\n\n* While using PTimekeeper the qede driver produces excessive log messages\n(BZ#2080646)\n\n* The kernel crashes due to a GPF happens in mutex_spin_on_owner(). The\nknown RDMA/cma bug that was introduced with a patch from upstream commit\n722c7b2bfead is the possible cause. (BZ#2085425)\n\n* Running LTP testcase creat09 fails showing related to \u0027cve-2018-13405\u0027\n(BZ#2089360)\n\n* Crash when releasing inode which was on unmouted superblock (BZ#2096884)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)\n2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)\n2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-1160.76.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch.rpm\nkernel-doc-3.10.0-1160.76.1.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1160.76.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-1160.76.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch.rpm\nkernel-doc-3.10.0-1160.76.1.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1160.76.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-1160.76.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch.rpm\nkernel-doc-3.10.0-1160.76.1.el7.noarch.rpm\n\nppc64:\nbpftool-3.10.0-1160.76.1.el7.ppc64.rpm\nbpftool-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-debug-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-devel-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-headers-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-tools-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-1160.76.1.el7.ppc64.rpm\nperf-3.10.0-1160.76.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\npython-perf-3.10.0-1160.76.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\n\nppc64le:\nbpftool-3.10.0-1160.76.1.el7.ppc64le.rpm\nbpftool-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-debug-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-devel-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-headers-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-tools-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-1160.76.1.el7.ppc64le.rpm\nperf-3.10.0-1160.76.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\npython-perf-3.10.0-1160.76.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\n\ns390x:\nbpftool-3.10.0-1160.76.1.el7.s390x.rpm\nbpftool-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-debug-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-debug-devel-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-devel-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-headers-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-kdump-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-1160.76.1.el7.s390x.rpm\nperf-3.10.0-1160.76.1.el7.s390x.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm\npython-perf-3.10.0-1160.76.1.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.s390x.rpm\n\nx86_64:\nbpftool-3.10.0-1160.76.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbpftool-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-1160.76.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.ppc64.rpm\n\nppc64le:\nbpftool-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-1160.76.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-1160.76.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch.rpm\nkernel-doc-3.10.0-1160.76.1.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1160.76.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.76.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2022-21123\nhttps://access.redhat.com/security/cve/CVE-2022-21125\nhttps://access.redhat.com/security/cve/CVE-2022-21166\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYvKiCNzjgjWX9erEAQgz2A/+O9gKIbQCWne03iCkr+RZwdgghaS4zC6Z\n8/iPJhQf3ZKdVQ1/otcA4SK+AwazrjOJx5Dnn5kTY+5Vc/xJQ0/lX5wmWggzZxgz\ntX+f/BDwU47c7Ie1oXHgIalaVZ3jzIXS9fWuKcry9uLP9QoXPuWSj+eP1Cm3wiLW\n+xY5AKIIhFHE7UYc2U3hNfBVy15dcGiTeVHr/Mmk9/fTFu88RgSuZPWiUi+MJAo+\nU2UfnpCkom7isYR86HP44uGc2BZf2pRqi4b/iICVHA/dV93FZ1ldlS6fZIIXTYxV\n8RtRakX9yrB4OLtpIFYpWQth04H+h5gMAiam7MZws8VtjYgWYcwU8kPhS+hf0W4I\nuEd1fRU0F7QYrgjrxioPMW7ImPuklDtUELq3laXHyy+wDs3deZQ9csGWCqaPyTkK\n/jnnWMAQzB6ZYX4bmXwFtkAEmA7Dx3S4DP6SMW0yt7y+xmg2WGP8SHp3nxBlqbbv\nnOpY35/HWQpKsYU91Z0i/DN/BmDnmsMOqEU6bAYnGZezbwUnl+OlKF2DoAaQLvBQ\naVfHcXhKLL1nRI8HNt98YxJHaf4dtTJCSCWnO/xdaZcDkCWMCReB2PGxzL5MEbTc\n7pOvB7yANf+aztsAee3dOCZTMnDDh10mgb+NelQgR5nQRxYpw7YY3JCwy/bSO3Na\nbtaLByp4p3I=VyEw\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nUbuntu Security Notice USN-5535-1\nJuly 28, 2022\n\nIntel Microcode vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in Intel Microcode. \n\nSoftware Description:\n- intel-microcode: Processor microcode for Intel CPUs\n\nDetails:\n\nJoseph Nuzman discovered that some Intel processors did not properly\ninitialise shared resources. A local attacker could use this to obtain\nsensitive information. (CVE-2021-0145)\n\nMark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel\nprocessors did not prevent test and debug logic from being activated at\nruntime. A local attacker could use this to escalate\nprivileges. (CVE-2021-0146)\n\nIt was discovered that some Intel processors did not implement sufficient\ncontrol flow management. A local attacker could use this to cause a denial\nof service (system crash). (CVE-2021-0127)\n\nIt was discovered that some Intel processors did not completely perform\ncleanup actions on multi-core shared buffers. A local attacker could\npossibly use this to expose sensitive information. (CVE-2022-21123,\nCVE-2022-21127)\n\nIt was discovered that some Intel processors did not completely perform\ncleanup actions on microarchitectural fill buffers. A local attacker could\npossibly use this to expose sensitive information. (CVE-2022-21125)\n\nAlysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi discovered that\nsome Intel processors improperly optimised security-critical code. A local\nattacker could possibly use this to expose sensitive\ninformation. (CVE-2022-21151)\n\nIt was discovered that some Intel processors did not properly perform\ncleanup during specific special register write operations. A local attacker\ncould possibly use this to expose sensitive information. (CVE-2022-21166)\n\nIt was discovered that some Intel processors did not properly restrict\naccess in some situations. A local attacker could use this to obtain\nsensitive information. (CVE-2021-33117)\n\nBrandon Miller discovered that some Intel processors did not properly\nrestrict access in some situations. A local attacker could use this to\nobtain sensitive information or a remote attacker could use this to\ncause a denial of service (system crash). (CVE-2021-33120)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\nintel-microcode 3.20220510.0ubuntu0.16.04.1+esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nBug Fix(es):\n\n* Bad page state in process qemu-kvm pfn:68a74600 (BZ#2081013)\n\n* slub corruption during LPM of hnv interface (BZ#2081250)\n\n* Affinity broken due to vector space exhaustion (BZ#2084646)\n\n* \u0027rmmod pmt_telemetry\u0027 panics on ADL-P IOTG (BZ#2091079)\n\n* Unable to boot RHEL-8.6 on Brazos max. config (Install is success)\n(BZ#2092241)\n\n* kernel crash after reboot of T14/G2 AMD laptop (mt7921e module)\n(BZ#2095654)\n\n* mt7921: free resources on pci_probe error path (BZ#2101684)\n\n* NLM should be more defensive if underlying FS changes fl_owner\n(BZ#2102099)\n\n* RHEL8/async-pf Guest call trace when reboot after postcopy migration with\nhigh stress workload (BZ#2105340)\n\n* execve exit tracepoint not called (BZ#2106662)\n\n* QProcess dead lock on kernel-4.18.0-358 (BZ#2107643)\n\n* KVM fix guest FPU uABI size to kvm_xsave (BZ#2107652)\n\n* KVM selftests fail to compile (BZ#2107655)\n\n* Some monitor have no display with AMD W6400 when boot into OS. \n(BZ#2109826)\n\n* Percpu counter usage is gradually getting increasing during podman\ncontainer recreation. (BZ#2110039)\n\n* multipath failed to recover after EEH hit on flavafish adapter on\nDenali(qla2xxx/flavafish/RHEL8.6/Denali) (BZ#2110768)\n\n* soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110772)\n\n* trouble re-assigning MACs to VFs, ice stricter than other drivers\n(BZ#2111936)\n\n* Intel MPI 2019.0 - mpirun stuck on latest kernel (BZ#2112030)\n\n* Multicast packets are not received by all VFs on the same port even\nthough they have the same VLAN (BZ#2117026)\n\n* Hyper-V 2019 Dynamic Memory Problem hv_balloon (BZ#2117050)\n\n* kernel BUG at kernel/sched/deadline.c:1561! (BZ#2117410)\n\n* ALSA (sound) driver - update Intel SOF kcontrol code (BZ#2117732)\n\n* bridge over bond over ice ports has no connection (BZ#2118580)\n\n* Fix max VLANs available for VF (BZ#2118581)\n\n* offline selftest failed (BZ#2118582)\n\n* INTEL NVMUpdate utility ver 3.20 is failing to update firmware on\nE810-XXVDA4T (WPC) (BZ#2118583)\n\n* VM configured with failover interface will coredump after been migrating\nfrom source host to target host(only iavf driver) (BZ#2118705)\n\n* Fix max VLANs available for untrusted VF (BZ#2118707)\n\n* Softlockup on infinite loop in task_get_css() for a CSS_DYING cpuset\n(BZ#2120776)\n\nEnhancement(s):\n\n* KVM Sapphire Rapids (SPR) AMX Instructions (BZ#2088287)\n\n* KVM Sapphire Rapids (SPR) AMX Instructions part2 (BZ#2088288)\n\n* ice: Driver Update (BZ#2102359)\n\n* iavf: Driver Update (BZ#2102360)\n\n* iommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (BZ#2112983)\n\n4. Description:\n\nOpenShift Virtualization is Red Hat\u0027s virtualization solution designed for\nRed Hat OpenShift Container Platform. \n\nThis advisory contains OpenShift Virtualization 4.9.7 images. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n2094982 - CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key\n2130218 - 4.9.7 containers\n\n5", "sources": [ { "db": "NVD", "id": "CVE-2022-21125" }, { "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "db": "CNNVD", "id": "CNNVD-202206-1339" }, { "db": "VULHUB", "id": "VHN-406836" }, { "db": "PACKETSTORM", "id": "169411" }, { "db": "PACKETSTORM", "id": "167692" }, { "db": "PACKETSTORM", "id": "169688" }, { "db": "PACKETSTORM", "id": "168021" }, { "db": "PACKETSTORM", "id": "167862" }, { "db": "PACKETSTORM", "id": "168355" }, { "db": "PACKETSTORM", "id": "169997" }, { "db": "PACKETSTORM", "id": "170222" } ], "trust": 2.97 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-21125", "trust": 4.1 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2022/06/16/1", "trust": 2.5 }, { "db": "PACKETSTORM", "id": "168021", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "169997", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "167862", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "167692", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU94721039", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU99464755", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-166-11", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-011636", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "167785", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "169719", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "168294", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "168503", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "169695", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "168076", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "169941", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "168461", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "168694", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "167549", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "168364", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "170226", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "169411", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2022.3435", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.5876", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3737", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.4672", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3104", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3755", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3312", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.4312", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3517", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3018", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3247", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.2926", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3238", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.5057", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3086", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.5536", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.6062", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.2972", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.6111", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.5590", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.4436", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.4757", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3695", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3829", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3601", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "168724", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "168426", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072123", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072010", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022070220", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022071617", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022070744", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022070743", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072738", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022071354", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022062024", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202206-1339", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "169688", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "168355", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "169690", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "168018", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "167545", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-406836", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "170222", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-406836" }, { "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "db": "PACKETSTORM", "id": "169411" }, { "db": "PACKETSTORM", "id": "167692" }, { "db": "PACKETSTORM", "id": "169688" }, { "db": "PACKETSTORM", "id": "168021" }, { "db": "PACKETSTORM", "id": "167862" }, { "db": "PACKETSTORM", "id": "168355" }, { "db": "PACKETSTORM", "id": "169997" }, { "db": "PACKETSTORM", "id": "170222" }, { "db": "CNNVD", "id": "CNNVD-202206-1339" }, { "db": "NVD", "id": "CVE-2022-21125" } ] }, "id": "VAR-202206-1186", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-406836" } ], "trust": 0.01 }, "last_update_date": "2024-07-23T21:51:00.840000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "INTEL-SA-00615", "trust": 0.8, "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html" }, { "title": "Microsoft Windows Repair measures for information disclosure vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=196895" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "db": "CNNVD", "id": "CNNVD-202206-1339" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-459", "trust": 1.1 }, { "problemtype": "incomplete cleanup (CWE-459) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-406836" }, { "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "db": "NVD", "id": "CVE-2022-21125" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.openwall.com/lists/oss-security/2022/06/16/1" }, { "trust": 1.7, "url": "http://xenbits.xen.org/xsa/advisory-404.html" }, { "trust": 1.7, "url": "https://security.netapp.com/advisory/ntap-20220624-0008/" }, { "trust": 1.7, "url": "https://www.debian.org/security/2022/dsa-5173" }, { "trust": 1.7, "url": "https://www.debian.org/security/2022/dsa-5178" }, { "trust": 1.7, "url": "https://www.debian.org/security/2022/dsa-5184" }, { "trust": 1.7, "url": "https://security.gentoo.org/glsa/202208-23" }, { "trust": 1.7, "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html" }, { "trust": 1.7, "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html" }, { "trust": 1.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-21125" }, { "trust": 1.2, "url": "https://access.redhat.com/security/cve/cve-2022-21125" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fhtew3rxu2gw6s3rcpqg4vnczgi3tosv/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/mcvomhbqrh4kp7in6u24cw7f2d2l5kbs/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rkrxz4lhgcgmog24zcejny6r2bts4s2q/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/t4p2kjyl74kglhe4jzetvw7pzh6ziaba/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu94721039/index.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu99464755/index.html" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-21166" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-21123" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/t4p2kjyl74kglhe4jzetvw7pzh6ziaba/" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rkrxz4lhgcgmog24zcejny6r2bts4s2q/" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fhtew3rxu2gw6s3rcpqg4vnczgi3tosv/" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/mcvomhbqrh4kp7in6u24cw7f2d2l5kbs/" }, { "trust": 0.6, "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.6, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2022-21166" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2022-21123" }, { "trust": 0.6, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.6, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/167862/ubuntu-security-notice-usn-5535-1.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169411/red-hat-security-advisory-2022-6991-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169719/red-hat-security-advisory-2022-7216-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3517" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/167785/ubuntu-security-notice-usn-5529-1.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168694/red-hat-security-advisory-2022-6872-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169997/red-hat-security-advisory-2022-8609-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.6111" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3086" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022071617" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168294/red-hat-security-advisory-2022-6252-02.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168426/red-hat-security-advisory-2022-6537-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168503/red-hat-security-advisory-2022-6560-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3247" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3601" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022071354" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-21125/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/intel-processor-information-disclosure-via-processor-mmio-stale-data-38590" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072123" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022070220" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168076/gentoo-linux-security-advisory-202208-23.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168461/red-hat-security-advisory-2022-6536-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.5590" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3695" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.5876" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3018" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3737" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.2926" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169695/red-hat-security-advisory-2022-7211-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168021/red-hat-security-advisory-2022-5937-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/167549/ubuntu-security-notice-usn-5485-1.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.4672" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.4312" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.2972" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3104" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022070743" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022070744" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.4436" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.4757" }, { "trust": 0.6, "url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-21125" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb20220720108" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168364/red-hat-security-advisory-2022-6437-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3829" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/168724/red-hat-security-advisory-2022-6954-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/170226/red-hat-security-advisory-2022-8973-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/167692/ubuntu-security-notice-usn-5485-2.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169941/red-hat-security-advisory-2022-7874-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.6062" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022062024" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072738" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.5057" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3312" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3435" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3238" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3755" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.5536" }, { "trust": 0.5, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.4, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2022-2588" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2588" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-45486" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45486" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-45485" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45485" }, { "trust": 0.2, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:6991" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5485-1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5485-2" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/linux-oem-5.14/5.14.0-1044.49" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:7279" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:5937" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33120" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5535-1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33117" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-0146" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-21151" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-0145" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-0127" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-21127" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:6460" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40674" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-38177" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-40674" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-1996" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1996" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-41974" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:8609" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-41974" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-3515" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3515" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-38177" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-38178" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-38178" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1158" }, { "trust": 0.1, "url": "https://access.redhat.com/solutions/6971358" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43945" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-29900" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-23825" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-1158" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23825" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-26373" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-29900" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-29901" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-2639" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-29901" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2639" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-43945" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-23816" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26373" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2959" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-2959" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23816" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:8974" } ], "sources": [ { "db": "VULHUB", "id": "VHN-406836" }, { "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "db": "PACKETSTORM", "id": "169411" }, { "db": "PACKETSTORM", "id": "167692" }, { "db": "PACKETSTORM", "id": "169688" }, { "db": "PACKETSTORM", "id": "168021" }, { "db": "PACKETSTORM", "id": "167862" }, { "db": "PACKETSTORM", "id": "168355" }, { "db": "PACKETSTORM", "id": "169997" }, { "db": "PACKETSTORM", "id": "170222" }, { "db": "CNNVD", "id": "CNNVD-202206-1339" }, { "db": "NVD", "id": "CVE-2022-21125" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-406836" }, { "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "db": "PACKETSTORM", "id": "169411" }, { "db": "PACKETSTORM", "id": "167692" }, { "db": "PACKETSTORM", "id": "169688" }, { "db": "PACKETSTORM", "id": "168021" }, { "db": "PACKETSTORM", "id": "167862" }, { "db": "PACKETSTORM", "id": "168355" }, { "db": "PACKETSTORM", "id": "169997" }, { "db": "PACKETSTORM", "id": "170222" }, { "db": "CNNVD", "id": "CNNVD-202206-1339" }, { "db": "NVD", "id": "CVE-2022-21125" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-06-15T00:00:00", "db": "VULHUB", "id": "VHN-406836" }, { "date": "2023-08-23T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "date": "2022-10-18T22:30:59", "db": "PACKETSTORM", "id": "169411" }, { "date": "2022-07-04T14:32:00", "db": "PACKETSTORM", "id": "167692" }, { "date": "2022-11-02T14:59:50", "db": "PACKETSTORM", "id": "169688" }, { "date": "2022-08-10T15:50:33", "db": "PACKETSTORM", "id": "168021" }, { "date": "2022-07-28T14:56:22", "db": "PACKETSTORM", "id": "167862" }, { "date": "2022-09-13T15:42:59", "db": "PACKETSTORM", "id": "168355" }, { "date": "2022-11-23T15:18:44", "db": "PACKETSTORM", "id": "169997" }, { "date": "2022-12-14T15:46:04", "db": "PACKETSTORM", "id": "170222" }, { "date": "2022-06-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202206-1339" }, { "date": "2022-06-15T20:15:17.547000", "db": "NVD", "id": "CVE-2022-21125" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-08-19T00:00:00", "db": "VULHUB", "id": "VHN-406836" }, { "date": "2023-08-23T06:27:00", "db": "JVNDB", "id": "JVNDB-2022-011636" }, { "date": "2022-12-30T00:00:00", "db": "CNNVD", "id": "CNNVD-202206-1339" }, { "date": "2023-11-07T03:43:25.357000", "db": "NVD", "id": "CVE-2022-21125" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "PACKETSTORM", "id": "167692" }, { "db": "PACKETSTORM", "id": "167862" }, { "db": "CNNVD", "id": "CNNVD-202206-1339" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Intel(R)\u00a0Processor\u00a0 Incomplete Cleanup Vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-011636" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-202206-1339" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.