ALT Linux Team

Branch sisyphus update on 2022-11-13

2022-11-13

ALT-BU-2022-7041-1

Branch sisyphus update bulletin.

ALT-PU-2022-3062-1

Package xterm updated to version 375-alt1 for branch sisyphus in task 309918.

ALT-PU-2022-3063-1

Package glibc updated to version 2.35.0.6.491f2e-alt2 for branch sisyphus in task 309864.

Closed bugs

Bug #44277

make: cannot open output sync mutex

ALT-PU-2022-3064-1

Package zoneminder updated to version 1.36.31-alt2 for branch sisyphus in task 309924.

Closed bugs

Bug #44190

Неверно указан путь для сокета в файле zm-fcgi.inc из пакета zoneminder-nginx

ALT-PU-2022-3065-1

Package open-iscsi updated to version 2.1.8-alt1 for branch sisyphus in task 309941.

Closed vulnerabilities

Published: 2020-12-11

BDU:2021-01270

Уязвимость функции uip_process операционной системы Contiki OS, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (8.2) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
References:
Published: 2020-12-12
Modified: 2024-11-21

CVE-2020-17437

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.

Severity: HIGH (8.2) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
References:

ALT-PU-2022-3066-1

Package kernel-image-centos updated to version 5.14.0.192-alt1.el9 for branch sisyphus in task 309868.

Closed vulnerabilities

Published: 2022-08-05

BDU:2022-07365

Уязвимость подсистемы XFRM ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код, вызвать отказ в обслуживании или оказать другое воздействие на систему

Severity: HIGH (7.0) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-09-01

BDU:2023-00454

Уязвимость межсетевого экрана ядра операционной системы Linux, позволяющая нарушителю обойти межсетевой экран.

Severity: MEDIUM (5.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
References:
Published: 2022-08-31

BDU:2023-01301

Уязвимость подсистемы управления памятью ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или, возможно, выполнить произвольный код

Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-09-02
Modified: 2024-11-21

CVE-2022-2663

An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.

Severity: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
References:
Published: 2022-08-31
Modified: 2024-11-21

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.

Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-10-10
Modified: 2024-11-21

CVE-2022-42703

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top