Lucene search

6581 matches found

Oracle Linux
added 2022/06/14 12:0 a.m. · 69 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.308.9 - x86/speculation/mmio: Fix late microcode loading (Patrick Colp) [Orabug: 34276099]; 5.4.17-2136.308.8 - Add debugfs for controlling MMIO state data (Kanth Ghatraju) [Orabug: 34202259] (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166) - KVM: x86/speculation: Disable Fill buffe...

CVSS 5.5 · AI score 1.5 · EPSS 0.00536
Exploits 0

Positive Technologies
added 2022/06/09 12:0 a.m. · 2 views

PT-2022-3407 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen (affected versions not specified). Description: The issue is related to a buffer overflow in memory, which can allow an attacker to execute arbitrary code. Xen's safety logic does not account for CPU-induced cache non-coherency, leading to...

CVSS 8.8 · AI score 7.9 · EPSS 0.01411
Exploits 3 · References 122

Tenable Nessus
added 2022/06/07 12:0 a.m. · 60 views

Amazon Linux 2 : microcode_ctl (ALAS-2022-1800)

The version of microcode_ctl installed on the remote host is prior to 2.1-47. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1800 advisory. A flaw was found in hw. Processor optimization removal or modification of security-critical code for some Intel(R) processors may...

CVSS 5.5 · AI score 7.2 · EPSS 0.00054
Exploits 0 · References 3

Tenable Nessus
added 2022/05/26 12:0 a.m. · 35 views

SUSE SLED15 / SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1840-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1840-1 advisory. - Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO...

CVSS 6.5 · AI score 6.5 · EPSS 0.00135
Exploits 0 · References 33

CNVD
added 2022/05/24 12:0 a.m. · 39 views

QEMU Buffer Overflow Vulnerability (CNVD-2023-80120)

QEMU (Quick Emulator) is a set of simulation processor software. The software is fast and cross-platform. QEMU suffers from a buffer overflow vulnerability that stems from an integer overflow in cursor_alloc that could lead to a heap buffer overflow. A malicious privileged attacker can exploit this...

CVSS 8.2 · AI score 8 · EPSS 0.00161
Exploits 1 · References 1

RedhatCVE
added 2022/05/21 12:7 a.m. · 35 views

CVE-2020-9281

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax)...

CVSS 6.1 · AI score 3.6 · EPSS 0.01194
Exploits 0 · References 1

Tenable Nessus
added 2022/05/20 12:0 a.m. · 44 views

SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1751-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1751-1 advisory. - Improper input validation in firmware for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potential...

CVSS 8.8 · AI score 6.5 · EPSS 0.00221
Exploits 0 · References 41

Positive Technologies
added 2022/05/20 12:0 a.m. · 8 views

PT-2022-3328 · Mariadb +9 · Mariadb +10

Name of the Vulnerable Software and Affected Versions: MariaDB versions 10.2 through 10.7. Description: The issue is related to a buffer overflow in the Item_func_in::cleanup/Item::cleanup_processor function of the MariaDB database management system. This could allow a remote attacker to impact th...

CVSS 10 · AI score 7.5 · EPSS 0.89577
Exploits 110 · References 841

OSV
added 2022/05/19 9:21 a.m. · 4 views

SUSE-SU-2022:1744-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220510 release (bsc#1199423). Updated to Intel CPU Microcode 20220419 release (bsc#1198717). - CVE-2022-21151: Processor optimization removal or modification of security-critical code for some Intel(R) Processors may...

CVSS 5.5 · AI score 5.2 · EPSS 0.00054
Exploits 0 · References 4

ATTACKERKB
added 2022/05/19 2:15 a.m. · 1 views

CVE-2022-28349

Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0...

CVSS 10 · AI score 5.9 · EPSS 0.00579
Exploits 0 · References 3

CNNVD
added 2022/05/19 12:0 a.m. · 1 views

Arm Mali GPU Kernel Driver Resource Management Error Vulnerability

The Arm Mali GPU Kernel Driver is a driver for a graphics processor unit from Arm UK. A security vulnerability exists in the Arm Mali GPU Kernel Driver, which stems from a use-after-free vulnerability and affects the following products and versions: Midgard versions r28p0 through r29p0, prio...

CVSS 10 · AI score 8.2 · EPSS 0.00579
Exploits 0 · References 3

OSV
added 2022/05/18 3:23 p.m. · 4 views

SUSE-SU-2022:1732-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220510 release (bsc#1199423). Updated to Intel CPU Microcode 20220419 release (bsc#1198717). - CVE-2022-21151: Processor optimization removal or modification of security-critical code for some Intel(R) Processors may...

CVSS 5.5 · AI score 5.2 · EPSS 0.00054
Exploits 0 · References 4

RedhatCVE
added 2022/05/16 2:44 p.m. · 28 views

CVE-2022-21151

A flaw was found in hw. Processor optimization removal or modification of security-critical code for some Intel(R) processors may potentially allow an authenticated user to enable information disclosure via local access. Mitigation: Mitigation for this issue is either not available or the currently...

CVSS 5.5 · AI score 5.2 · EPSS 0.00054
Exploits 0 · References 4

vulnersOsv
added 2022/05/14 3:16 a.m. · 1 views

com.hcl.commerce:commerce-search-processors (>=9.1.12.0 <=9.1.15.0), org.apache.nifi.minifi:minifi-assembly (>=1.14.0 <=1.28.1) +8 more potentially affected by CVE-2018-1309 via org.apache.nifi:nifi-standard-processors (>=0.2.0-incubating <=1.28.1)

org.apache.nifi:nifi-standard-processors MAVEN version =0.2.0-incubating, =9.1.12.0, =1.14.0, =1.14.0, =1.14.0, =0.2.0-incubating, =1.24.0, =1.15.0, =1.14.0, =0.10.0, =0.10.0, =0.12.0 Source cves: CVE-2018-1309 Source advisory: OSV:GHSA-42WX-65G4-5CXV...

CVSS 9.8 · AI score 7.2 · EPSS 0.03674
Exploits 0

GitHub Security Blog
added 2022/05/14 3:16 a.m. · 29 views

Improper Restriction of XML External Entity Reference in Apache NiFi

Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior...

CVSS 9.8 · AI score 2.8 · EPSS 0.03674
Exploits 0 · References 5 · Affected Software 1

vulnersOsv
added 2022/05/14 3:15 a.m. · 3 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (=1.0.0), com.airbus-cyber-security.graylog:graylog-plugin-logging-alert (>=1.0.0 <=1.0.1) +8 more potentially affected by CVE-2018-11651 via org.graylog2:graylog2-server (>=1.0.0-beta.3 <=2.4.3)

org.graylog2:graylog2-server MAVEN version =1.0.0-beta.3, =1.0.0, =1.0.2, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.0.3, =1.0.0, =1.2.0, =1.3.4 Source cves: CVE-2018-11651 Source advisory: OSV:GHSA-435G-R2M8-GJVM...

CVSS 6.1 · AI score 6.3 · EPSS 0.00223
Exploits 0

OSV
added 2022/05/14 1:10 a.m. · 1 views

GHSA-W3J5-Q8F2-3CQQ Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...

CVSS 7.5 · AI score 7.1 · EPSS 0.1091
Exploits 0 · References 53

ATTACKERKB
added 2022/05/13 3:15 p.m. · 0 views

CVE-2022-29792

The chip component has a vulnerability of disclosing CPU SNs. Successful exploitation of this vulnerability may affect data confidentiality...

CVSS 7.5 · AI score 7.1 · EPSS 0.00131
Exploits 0 · References 3 · Affected Software 2

OSV
added 2022/05/13 1:46 a.m. · 1 views

GHSA-9HG2-395J-83RM Expected Behavior Violation in Apache Tomcat

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

CVSS 9.8 · AI score 7.2 · EPSS 0.06144
Exploits 0 · References 29

OSV
added 2022/05/13 1:8 a.m. · 1 views

GHSA-7CWJ-J333-X7F7 Uncontrolled Resource Consumption in Apache ZooKeeper

Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10,...

CVSS 7.5 · AI score 7.1 · EPSS 0.17446
Exploits 0 · References 13