The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:6590 advisory.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21452, CVE-2022-21462, CVE-2022-21607, CVE-2023-21866)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21413)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21415)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21417)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data.
(CVE-2022-21418)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server.
(CVE-2022-21423)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2022-21425)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21427)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2022-21440, CVE-2022-21459, CVE-2022-21478)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21444)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21451)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin).
Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21454)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. (CVE-2022-21455)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. (CVE-2022-21457)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. (CVE-2022-21460)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server and unauthorized read access to a subset of MySQL Server accessible data.
(CVE-2022-21479)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2022-21509, CVE-2022-21527, CVE-2022-21528, CVE-2023-21872)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.38 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21515)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21517, CVE-2022-21537)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21522)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21525, CVE-2022-21526, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21638, CVE-2022-21641)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21534)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. (CVE-2022-21538)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. (CVE-2022-21539)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21547)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21556)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21569)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
Supported versions that are affected are 5.7.39 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. (CVE-2022-21592)
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21605)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21635)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2022:6590.
##
include('compat.inc');
if (description)
{
script_id(184878);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/07");
script_cve_id(
"CVE-2022-21412",
"CVE-2022-21413",
"CVE-2022-21414",
"CVE-2022-21415",
"CVE-2022-21417",
"CVE-2022-21418",
"CVE-2022-21423",
"CVE-2022-21425",
"CVE-2022-21427",
"CVE-2022-21435",
"CVE-2022-21436",
"CVE-2022-21437",
"CVE-2022-21438",
"CVE-2022-21440",
"CVE-2022-21444",
"CVE-2022-21451",
"CVE-2022-21452",
"CVE-2022-21454",
"CVE-2022-21455",
"CVE-2022-21457",
"CVE-2022-21459",
"CVE-2022-21460",
"CVE-2022-21462",
"CVE-2022-21478",
"CVE-2022-21479",
"CVE-2022-21509",
"CVE-2022-21515",
"CVE-2022-21517",
"CVE-2022-21522",
"CVE-2022-21525",
"CVE-2022-21526",
"CVE-2022-21527",
"CVE-2022-21528",
"CVE-2022-21529",
"CVE-2022-21530",
"CVE-2022-21531",
"CVE-2022-21534",
"CVE-2022-21537",
"CVE-2022-21538",
"CVE-2022-21539",
"CVE-2022-21547",
"CVE-2022-21553",
"CVE-2022-21556",
"CVE-2022-21569",
"CVE-2022-21592",
"CVE-2022-21605",
"CVE-2022-21607",
"CVE-2022-21635",
"CVE-2022-21638",
"CVE-2022-21641",
"CVE-2023-21866",
"CVE-2023-21872"
);
script_xref(name:"IAVA", value:"2022-A-0168-S");
script_xref(name:"IAVA", value:"2022-A-0291-S");
script_xref(name:"IAVA", value:"2022-A-0432-S");
script_xref(name:"IAVA", value:"2023-A-0043-S");
script_xref(name:"RLSA", value:"2022:6590");
script_name(english:"Rocky Linux 9 : mysql (RLSA-2022:6590)");
script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2022:6590 advisory.
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437,
CVE-2022-21438, CVE-2022-21452, CVE-2022-21462, CVE-2022-21607, CVE-2023-21866)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions
that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker
with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2022-21413)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported
versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2022-21415)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are
affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2022-21417)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are
affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability
can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data.
(CVE-2022-21418)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are
affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability
can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server.
(CVE-2022-21423)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions
that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker
with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server
accessible data. (CVE-2022-21425)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions
that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2022-21427)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server
accessible data. (CVE-2022-21440, CVE-2022-21459, CVE-2022-21478)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions
that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows
high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2022-21444)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are
affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2022-21451)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin).
Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2022-21454)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported
versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized creation, deletion or modification access to critical data or all
MySQL Server accessible data. (CVE-2022-21455)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported
versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server
accessible data. (CVE-2022-21457)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions
that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows
high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized access to critical data or complete access to all
MySQL Server accessible data. (CVE-2022-21460)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server and unauthorized read access to a subset of MySQL Server accessible data.
(CVE-2022-21479)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server
accessible data. (CVE-2022-21509, CVE-2022-21527, CVE-2022-21528, CVE-2023-21872)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions
that are affected are 5.7.38 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. (CVE-2022-21515)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are
affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability
can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server. (CVE-2022-21517, CVE-2022-21537)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported
versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2022-21522)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2022-21525, CVE-2022-21526, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531,
CVE-2022-21553, CVE-2022-21638, CVE-2022-21641)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported
versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2022-21534)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low
privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service
(partial DOS) of MySQL Server. (CVE-2022-21538)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are
affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with
network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability
can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well
as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause
a partial denial of service (partial DOS) of MySQL Server. (CVE-2022-21539)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated). Supported
versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2022-21547)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized creation, deletion or modification access to critical data or all
MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server. (CVE-2022-21556)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported
versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2022-21569)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
Supported versions that are affected are 5.7.39 and prior and 8.0.29 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset
of MySQL Server accessible data. (CVE-2022-21592)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported
versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged
attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete
DOS) of MySQL Server. (CVE-2022-21605)
- Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are
affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability
can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server
accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of
MySQL Server. (CVE-2022-21635)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2022:6590");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082636");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082637");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082638");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082639");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082640");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082641");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082642");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082643");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082644");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082645");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082646");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082647");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082648");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082649");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082650");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082651");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082652");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082653");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082654");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082655");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082656");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082657");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082658");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2082659");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115282");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115283");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115284");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115285");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115286");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115287");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115288");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115289");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115290");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115291");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115292");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115293");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115294");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115295");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115296");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115297");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115298");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115299");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115300");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2115301");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2122589");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2122592");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-21479");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-21635");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/04/12");
script_set_attribute(attribute:"patch_publication_date", value:"2022/09/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-errmsg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-server-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-test");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-test-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:9");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Rocky Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 9.x', 'Rocky Linux ' + os_ver);
if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);
var pkgs = [
{'reference':'mysql-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-common-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-common-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-common-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debuginfo-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debuginfo-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debuginfo-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debugsource-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debugsource-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debugsource-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-debuginfo-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-debuginfo-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-debuginfo-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-errmsg-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-errmsg-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-errmsg-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-debuginfo-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-debuginfo-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-debuginfo-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-debuginfo-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-debuginfo-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-debuginfo-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-debuginfo-8.0.30-3.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-debuginfo-8.0.30-3.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-debuginfo-8.0.30-3.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mysql / mysql-common / mysql-debuginfo / mysql-debugsource / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
rocky | linux | mysql | p-cpe:/a:rocky:linux:mysql |
rocky | linux | mysql-common | p-cpe:/a:rocky:linux:mysql-common |
rocky | linux | mysql-debuginfo | p-cpe:/a:rocky:linux:mysql-debuginfo |
rocky | linux | mysql-debugsource | p-cpe:/a:rocky:linux:mysql-debugsource |
rocky | linux | mysql-devel | p-cpe:/a:rocky:linux:mysql-devel |
rocky | linux | mysql-devel-debuginfo | p-cpe:/a:rocky:linux:mysql-devel-debuginfo |
rocky | linux | mysql-errmsg | p-cpe:/a:rocky:linux:mysql-errmsg |
rocky | linux | mysql-libs | p-cpe:/a:rocky:linux:mysql-libs |
rocky | linux | mysql-libs-debuginfo | p-cpe:/a:rocky:linux:mysql-libs-debuginfo |
rocky | linux | mysql-server | p-cpe:/a:rocky:linux:mysql-server |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21412
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21413
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21414
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21415
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21417
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21418
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21423
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21425
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21427
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21435
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21437
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21438
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21440
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21444
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21451
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21452
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21454
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21455
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21457
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21460
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21462
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21478
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21479
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21509
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21515
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21517
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21522
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21525
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21526
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21527
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21528
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21529
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21530
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21531
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21534
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21537
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21539
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21547
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21553
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21556
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21569
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21592
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21605
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21607
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21635
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21638
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21641
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21866
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21872
bugzilla.redhat.com/show_bug.cgi?id=2082636
bugzilla.redhat.com/show_bug.cgi?id=2082637
bugzilla.redhat.com/show_bug.cgi?id=2082638
bugzilla.redhat.com/show_bug.cgi?id=2082639
bugzilla.redhat.com/show_bug.cgi?id=2082640
bugzilla.redhat.com/show_bug.cgi?id=2082641
bugzilla.redhat.com/show_bug.cgi?id=2082642
bugzilla.redhat.com/show_bug.cgi?id=2082643
bugzilla.redhat.com/show_bug.cgi?id=2082644
bugzilla.redhat.com/show_bug.cgi?id=2082645
bugzilla.redhat.com/show_bug.cgi?id=2082646
bugzilla.redhat.com/show_bug.cgi?id=2082647
bugzilla.redhat.com/show_bug.cgi?id=2082648
bugzilla.redhat.com/show_bug.cgi?id=2082649
bugzilla.redhat.com/show_bug.cgi?id=2082650
bugzilla.redhat.com/show_bug.cgi?id=2082651
bugzilla.redhat.com/show_bug.cgi?id=2082652
bugzilla.redhat.com/show_bug.cgi?id=2082653
bugzilla.redhat.com/show_bug.cgi?id=2082654
bugzilla.redhat.com/show_bug.cgi?id=2082655
bugzilla.redhat.com/show_bug.cgi?id=2082656
bugzilla.redhat.com/show_bug.cgi?id=2082657
bugzilla.redhat.com/show_bug.cgi?id=2082658
bugzilla.redhat.com/show_bug.cgi?id=2082659
bugzilla.redhat.com/show_bug.cgi?id=2115282
bugzilla.redhat.com/show_bug.cgi?id=2115283
bugzilla.redhat.com/show_bug.cgi?id=2115284
bugzilla.redhat.com/show_bug.cgi?id=2115285
bugzilla.redhat.com/show_bug.cgi?id=2115286
bugzilla.redhat.com/show_bug.cgi?id=2115287
bugzilla.redhat.com/show_bug.cgi?id=2115288
bugzilla.redhat.com/show_bug.cgi?id=2115289
bugzilla.redhat.com/show_bug.cgi?id=2115290
bugzilla.redhat.com/show_bug.cgi?id=2115291
bugzilla.redhat.com/show_bug.cgi?id=2115292
bugzilla.redhat.com/show_bug.cgi?id=2115293
bugzilla.redhat.com/show_bug.cgi?id=2115294
bugzilla.redhat.com/show_bug.cgi?id=2115295
bugzilla.redhat.com/show_bug.cgi?id=2115296
bugzilla.redhat.com/show_bug.cgi?id=2115297
bugzilla.redhat.com/show_bug.cgi?id=2115298
bugzilla.redhat.com/show_bug.cgi?id=2115299
bugzilla.redhat.com/show_bug.cgi?id=2115300
bugzilla.redhat.com/show_bug.cgi?id=2115301
bugzilla.redhat.com/show_bug.cgi?id=2122589
bugzilla.redhat.com/show_bug.cgi?id=2122592
errata.rockylinux.org/RLSA-2022:6590