ALT-BU-2022-5236-1
Branch sisyphus update bulletin.
Package kernel-image-centos updated to version 5.14.0.114-alt1.el9 for branch sisyphus in task 302236.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2022-1729
A race condition was found in the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows building several exploit primitives such as kernel address information leak, arbitrary execution, etc.
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704
- https://security.netapp.com/advisory/ntap-20230214-0006/
- https://www.openwall.com/lists/oss-security/2022/05/20/2
Closed vulnerabilities
BDU:2023-02936
Vulnerability in the Tor anonymous web browser related to improper cleanup or release of resources, allowing an attacker to cause a denial of service
Modified: 2024-11-19
CVE-2021-3838
DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_get_contents() function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP objects. This can lead to remote code execution, especially when DomPDF is used with frameworks with documented POP chains like Laravel or vulnerable developer code.
Modified: 2024-11-21
CVE-2022-33903
Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation.
Package kernel-image-un-def updated to version 5.17.15-alt2 for branch sisyphus in task 302308.
Closed vulnerabilities
BDU:2022-03532
Vulnerability in the memory-mapped I/O (MMIO) shared buffers of Intel processors, allowing an attacker to disclose protected information
BDU:2022-03600
Vulnerability in the Intel Software Guard Extensions SDK development kit and the Intel SGX DCAP, SGX PSW, PSW firmware, related to an operation exceeding the bounds of a memory buffer, allowing an attacker to disclose protected information
BDU:2022-05155
Vulnerability in the memory-mapped I/O (MMIO) system of Intel processors, allowing an attacker to disclose protected information
Modified: 2025-05-05
CVE-2022-21123
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- [oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities
- [debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update
- FEDORA-2022-391e24517d
- FEDORA-2022-925fc688c1
- FEDORA-2022-2c9f8224f8
- FEDORA-2022-177a008b98
- GLSA-202208-23
- https://security.netapp.com/advisory/ntap-20220624-0008/
- DSA-5173
- DSA-5178
- DSA-5184
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html
Modified: 2025-05-05
CVE-2022-21125
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- [oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities
- http://xenbits.xen.org/xsa/advisory-404.html
- [debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update
- FEDORA-2022-391e24517d
- FEDORA-2022-925fc688c1
- FEDORA-2022-2c9f8224f8
- FEDORA-2022-177a008b98
- GLSA-202208-23
- https://security.netapp.com/advisory/ntap-20220624-0008/
- DSA-5173
- DSA-5178
- DSA-5184
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html
Modified: 2025-05-05
CVE-2022-21166
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- [oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities
- [debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update
- FEDORA-2022-391e24517d
- FEDORA-2022-925fc688c1
- FEDORA-2022-2c9f8224f8
- FEDORA-2022-177a008b98
- GLSA-202208-23
- https://security.netapp.com/advisory/ntap-20220624-0008/
- DSA-5173
- DSA-5178
- DSA-5184
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html
Closed bugs
Salt Stack does not start on current Sisyphus