ALT-BU-2021-4082-2
Branch sisyphus update bulletin.
Package kernel-image-rt updated to version 5.10.52-alt1.rt47 for branch sisyphus in task 281299.
Closed vulnerabilities
BDU:2021-03848
Уязвимость компонента fs/seq_file.c ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии
BDU:2022-05676
Уязвимость функции cgroup1_parse_param компонента kernel/cgroup/cgroup-v1.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2023-01796
Уязвимость функции seq_buf_putmem_hex() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании.
Modified: 2024-11-21
CVE-2021-33909
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
- http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html
- http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html
- http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html
- http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html
- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
- [oss-security] 20210722 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer
- [oss-security] 20210722 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer
- [oss-security] 20210825 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer
- [oss-security] 20210825 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer
- [oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list
- [oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4
- https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b
- https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b
- [debian-lts-announce] 20210720 [SECURITY] [DLA 2713-1] linux security update
- [debian-lts-announce] 20210720 [SECURITY] [DLA 2713-1] linux security update
- [debian-lts-announce] 20210720 [SECURITY] [DLA 2714-1] linux-4.19 security update
- [debian-lts-announce] 20210720 [SECURITY] [DLA 2714-1] linux-4.19 security update
- [debian-lts-announce] 20210720 [SECURITY] [DLA 2713-2] linux security update
- [debian-lts-announce] 20210720 [SECURITY] [DLA 2713-2] linux security update
- FEDORA-2021-07dc0b3eb1
- FEDORA-2021-07dc0b3eb1
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015
- https://security.netapp.com/advisory/ntap-20210819-0004/
- https://security.netapp.com/advisory/ntap-20210819-0004/
- DSA-4941
- DSA-4941
- https://www.openwall.com/lists/oss-security/2021/07/20/1
- https://www.openwall.com/lists/oss-security/2021/07/20/1
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html
Modified: 2024-11-21
CVE-2021-4154
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.
- https://bugzilla.redhat.com/show_bug.cgi?id=2034514
- https://bugzilla.redhat.com/show_bug.cgi?id=2034514
- https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002
- https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b
- https://security.netapp.com/advisory/ntap-20220225-0004/
- https://security.netapp.com/advisory/ntap-20220225-0004/
Modified: 2024-11-21
CVE-2023-28772
An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3
- https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bb7
- https://lkml.kernel.org/r/20210626032156.47889-1-yun.zhou%40windriver.com
- https://lore.kernel.org/lkml/20210625122453.5e2fe304%40oasis.local.home/
- https://security.netapp.com/advisory/ntap-20230427-0005/
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3
- https://security.netapp.com/advisory/ntap-20230427-0005/
- https://lore.kernel.org/lkml/20210625122453.5e2fe304%40oasis.local.home/
- https://lkml.kernel.org/r/20210626032156.47889-1-yun.zhou%40windriver.com
- https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bb7
Closed bugs
Segmentation fault при отсутствии билета Kerberos
Package libreoffice-online updated to version 6.2.3.2-alt7 for branch sisyphus in task 281508.
Closed bugs
Ошибка в конфигурации /etc/httpd2/conf/sites-enabled/libreoffice-online.conf
Closed vulnerabilities
Modified: 2024-11-21
CVE-2021-37601
muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.
- [oss-security] 20210728 Re: Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE-2021-37601)
- [oss-security] 20210728 Re: Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE-2021-37601)
- FEDORA-2021-fe9513e089
- FEDORA-2021-fe9513e089
- FEDORA-2021-1d574ae400
- FEDORA-2021-1d574ae400
- https://prosody.im/
- https://prosody.im/
- https://prosody.im/security/advisory_20210722/
- https://prosody.im/security/advisory_20210722/
Closed vulnerabilities
Modified: 2024-12-08
CVE-2020-35357
A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution.
- https://git.savannah.gnu.org/cgit/gsl.git/commit/?id=989a193268b963aa1047814f7f1402084fb7d859
- https://git.savannah.gnu.org/cgit/gsl.git/commit/?id=989a193268b963aa1047814f7f1402084fb7d859
- [debian-lts-announce] 20230921 [SECURITY] [DLA 3576-1] gsl security update
- [debian-lts-announce] 20230921 [SECURITY] [DLA 3576-1] gsl security update
- https://lists.debian.org/debian-lts-announce/2024/12/msg00006.html
- https://savannah.gnu.org/bugs/?59624
- https://savannah.gnu.org/bugs/?59624