ALT-BU-2021-3902-1
Branch p9 update bulletin.
Package kernel-image-std-def updated to version 5.4.115-alt1 for branch p9 in task 270900.
Closed vulnerabilities
BDU:2021-04260
Уязвимость функции xt_compat_target_from_user() (net/netfilter/x_tables.c) подсистемы netfilter операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии
BDU:2022-03028
Уязвимость функции llcp_sock_connect() операционной системы Linux, позволяющая нарушителю повысить свои привилегии
BDU:2022-03139
Уязвимость функции llcp_sock_bind() протокола nfc ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-25670
A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.
- [oss-security] 20201101 [CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673]Linux kernel: many bugs in nfc socket
- [oss-security] 20201101 [CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673]Linux kernel: many bugs in nfc socket
- [oss-security] 20210511 CVE-2021-23134: Linux kernel: UAF in nfc sockets
- [oss-security] 20210511 CVE-2021-23134: Linux kernel: UAF in nfc sockets
- [debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update
- [debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update
- [debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update
- [debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update
- FEDORA-2021-21360476b6
- FEDORA-2021-21360476b6
- FEDORA-2021-1c170a7c7c
- FEDORA-2021-1c170a7c7c
- FEDORA-2021-d56567bdab
- FEDORA-2021-d56567bdab
- https://security.netapp.com/advisory/ntap-20210702-0008/
- https://security.netapp.com/advisory/ntap-20210702-0008/
- https://www.openwall.com/lists/oss-security/2020/11/01/1
- https://www.openwall.com/lists/oss-security/2020/11/01/1
Modified: 2024-11-21
CVE-2020-25671
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
- [oss-security] 20201101 [CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673]Linux kernel: many bugs in nfc socket
- [oss-security] 20201101 [CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673]Linux kernel: many bugs in nfc socket
- [debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update
- [debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update
- [debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update
- [debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update
- FEDORA-2021-21360476b6
- FEDORA-2021-21360476b6
- FEDORA-2021-1c170a7c7c
- FEDORA-2021-1c170a7c7c
- FEDORA-2021-d56567bdab
- FEDORA-2021-d56567bdab
- https://security.netapp.com/advisory/ntap-20210702-0008/
- https://security.netapp.com/advisory/ntap-20210702-0008/
- https://www.openwall.com/lists/oss-security/2020/11/01/1
- https://www.openwall.com/lists/oss-security/2020/11/01/1
Modified: 2024-11-21
CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
- http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html
- http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html
- http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html
- http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html
- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
- http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html
- http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d
- https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528
- https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528
- https://security.netapp.com/advisory/ntap-20210805-0010/
- https://security.netapp.com/advisory/ntap-20210805-0010/
Closed vulnerabilities
Modified: 2024-11-21
CVE-2021-31525
net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.
Package zoneminder updated to version 1.34.26-alt1 for branch p9 in task 270303.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-25729
ZoneMinder before 1.34.21 has XSS via the connkey parameter to download.php or export.php.
- https://forums.zoneminder.com/viewforum.php?f=1
- https://forums.zoneminder.com/viewforum.php?f=1
- https://github.com/ZoneMinder/zoneminder/commit/9268db14a79c4ccd444c2bf8d24e62b13207b413
- https://github.com/ZoneMinder/zoneminder/commit/9268db14a79c4ccd444c2bf8d24e62b13207b413
- https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.21
- https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.21