ALT Linux Team

Branch sisyphus_riscv64 update on 2023-05-09

2023-05-09

ALT-BU-2023-3475-1

Branch sisyphus_riscv64 update bulletin.

ALT-PU-2023-3467-1

Package plymouth updated to version 22.02.122-alt1.20221016 for branch sisyphus_riscv64.

Closed bugs

Bug #39326

Не показывается splash, если включен вывод на serial console

Bug #44297

Не работает plymouth на UEFI с ядром un-def

ALT-PU-2023-3468-1

Package kernel-image-un-def updated to version 6.2.14-alt1.0.rv64 for branch sisyphus_riscv64.

Closed vulnerabilities

Published: 2023-04-14

BDU:2023-02605

Уязвимость функции qfq_change_class() ядра операционных систем Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации.

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-04-28
Modified: 2024-11-21

CVE-2023-31436

qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2023-3469-1

Package alterator-setup updated to version 0.3.16-alt1 for branch sisyphus_riscv64.

Closed bugs

Bug #46028

После установки на плату без видеокарты не запускается X

ALT-PU-2023-3470-1

Package make-initrd-bootchain updated to version 0.1.5-alt14 for branch sisyphus_riscv64.

Closed bugs

Bug #41521

Не загружаются iso с plymouth, если в cmdline указать console=ttyS0 или console=tty0

ALT-PU-2023-3471-1

Package golang updated to version 1.20.4-alt1 for branch sisyphus_riscv64.

Closed vulnerabilities

Published: 2023-05-11

BDU:2023-03470

Уязвимость языка программирования Go, связанная с ошибками при обработке специальных символов "<>" в контексте CSS, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References:
Published: 2023-05-11

BDU:2023-03471

Уязвимость языка программирования Go, связанная с ошибками при обработке пробельных символов в контексте JavaScript, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-05-11

BDU:2023-03472

Уязвимость языка программирования Go, существующая из-за непринятия мер по нейтрализации специальных элементов, позволяющая нарушителю внедрить произвольные атрибуты в теги HTML

Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References:
Published: 2023-05-11
Modified: 2025-01-24

CVE-2023-24539

Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.

Severity: HIGH (7.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References:
Published: 2023-05-11
Modified: 2025-01-24

CVE-2023-24540

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-05-11
Modified: 2025-01-24

CVE-2023-29400

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

Severity: HIGH (7.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References:

ALT-PU-2023-3472-1

Package libyang updated to version 2.1.55-alt1 for branch sisyphus_riscv64.

Closed vulnerabilities

Published: 2023-04-04
Modified: 2025-02-18

CVE-2023-26916

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.

Severity: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References:
Published: 2023-04-11
Modified: 2025-02-11

CVE-2023-26917

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:

ALT-PU-2023-3473-1

Package frr updated to version 8.5.1-alt1 for branch sisyphus_riscv64.

Closed vulnerabilities

Published: 2023-05-09
Modified: 2024-11-21

CVE-2023-31489

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
Published: 2023-05-09
Modified: 2024-11-21

CVE-2023-31490

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:

ALT-PU-2023-3474-1

Package openvswitch updated to version 2.17.6-alt1 for branch sisyphus_riscv64.

Closed vulnerabilities

Published: 2023-01-10

BDU:2023-00290

Уязвимость программного многоуровневого коммутатора Open vSwitch, связанная с потерей значимости целого числа, позволяющая нарушителю выполнить произвольный код в целевой системе

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-01-10

BDU:2023-00291

Уязвимость программного многоуровневого коммутатора Open vSwitch, связанная с потерей значимости целого числа, позволяющая нарушителю выполнить произвольный код в целевой системе

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-09-09
Modified: 2024-11-21

CVE-2019-25076

The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack.

Severity: MEDIUM (5.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
References:
Published: 2022-08-23
Modified: 2024-11-21

CVE-2021-3905

A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-01-11
Modified: 2024-11-21

CVE-2022-4337

An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-01-11
Modified: 2024-11-21

CVE-2022-4338

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-04-11
Modified: 2024-11-21

CVE-2023-1668

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.

Severity: HIGH (8.2) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top