cri-o: Security regression of CVE-2022-27652

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10....

GSD-2023-1001514 lib/fonts: fix undefined behavior in bit shift for get_default_font

lib/fonts: fix undefined behavior in bit shift for getdefaultfont This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001266 ext4: fix undefined behavior in bit shift for ext4_check_flag_values

ext4: fix undefined behavior in bit shift for ext4checkflagvalues This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001027 nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()

nilfs2: fix shift-out-of-bounds/overflow in nilfssb2badoffset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1001026 nilfs2: fix shift-out-of-bounds due to too large exponent of block size

nilfs2: fix shift-out-of-bounds due to too large exponent of block size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1001013 wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request()

wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmffwallocrequest This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1000906 ext4: fix undefined behavior in bit shift for ext4_check_flag_values

ext4: fix undefined behavior in bit shift for ext4checkflagvalues This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...

GSD-2023-1000845 lib/fonts: fix undefined behavior in bit shift for get_default_font

lib/fonts: fix undefined behavior in bit shift for getdefaultfont This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000788 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED

drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000605 fs: jfs: fix shift-out-of-bounds in dbDiscardAG

fs: jfs: fix shift-out-of-bounds in dbDiscardAG This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000582 wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request()

wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmffwallocrequest This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000446 ext4: fix undefined behavior in bit shift for ext4_check_flag_values

ext4: fix undefined behavior in bit shift for ext4checkflagvalues This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...

GSD-2023-1000142 HID: core: fix shift-out-of-bounds in hid_report_raw_event

HID: core: fix shift-out-of-bounds in hidreportrawevent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.83 by commit...

PT-2023-33356 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.227 Description: The issue concerns a shift-out-of-bounds problem in the hid report raw event function. This problem was introduced in version v2.6.20 and fixed in version v5.4.227. The actual impact and...

PT-2023-34110 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: The issue is related to a shift-out-of-bounds in check special flags. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

PT-2023-33865 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue concerns undefined behavior in a bit shift operation related to TTM TT FLAG PRIV POPULATED. The actual impact and potential for attack have not been proven. Recommendations: For...

PT-2023-33116 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue concerns a shift-out-of-bounds problem in the hid report raw event function. This problem was introduced in version v2.6.20 and is fixed in version v6.0.13. The actual impact and...

PT-2023-33296 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.159 Description: A shift-out-of-bounds issue was discovered in the hid report raw event function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in version...

PT-2023-34090 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: A potential shift-out-of-bounds issue in the brcmf fw alloc request function may exist. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

PT-2023-33686 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to a shift-out-of-bounds in check special flags. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...