RHEL 7 / 8 : OpenShift Container Platform 4.6.56 (RHSA-2022:0866)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0866 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
cri-o: pod with access to 'hostIPC' and 'hostNetwork' kernel namespace allows sysctl from the list of safe sysctls to be applied to the host
An incorrect sysctls validation vulnerability was found in CRI-O. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker can create a pod with a hostIPC and hostNetwork kernel namespace...
Code Injection in CRI-O
Impact: A flaw introduced in CRI-O version 1.19 allows an attacker to bypass the safeguards and set arbitrary kernel parameters on the host. As a result, anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime can abuse the kernel.core_pattern kernel parameter ...
CVE-2022-0002
A flaw was found in hw. The Intra-mode BTI refers to a variant of Branch Target Injection aka SpectreV2 BTI where an indirect branch speculates to an aliased predictor entry for a different indirect branch in the same predictor mode, and a disclosure gadget at the predicted target transiently...
CVE-2022-0001
A flaw was found in hw. Branch History Injection (BHI) describes a specific form of intra-mode BTI. This flaw allows an unprivileged attacker to manipulate the branch history before transitioning to supervisor or VMX root mode. This issue is an effort to cause an indirect branch predictor to...
CVE-2022-0264
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating som...
CVE-2021-4204
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to improper input validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. Mitigation: The default Red Hat Enterprise Linux kernel prevents unprivileg...
PT-2025-8521 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A data-race issue exists in the Linux kernel related to the sysctl_tcp_migrate_req variable. This issue occurs because the variable can be changed concurrently while being read, which...
SUSE: Security Advisory (SUSE-SU-2021:3611-1)
The remote host is missing an update for the...
CVE-2021-34866
A vulnerability was found in the Linux kernel, where a type confusion problem in check_map_func_compatibility may lead to freeing of arbitrary kernel memory. Mitigation: The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled...
The vulnerabilities of the parameters NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS in the Linux kernel’s net/netfilter/nf_conntrack_standalone.c component allow attackers to disclose protected information.
The vulnerabilities of the parameters NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS in the Linux kernel’s net/netfilter/nf_conntrack_standalone.c component are related to the disclosure of information through non-compliance. Exploiting these vulnerabilities can allow attackers to disclo...
CVE-2020-0430
An out-of-bounds memory read flaw was found in the Linux kernel’s implementation of the eBPF code verifier. A user passing corrupted data to a helper function could access data inside the adjust_ptr_min_max_vals function. By default, the eBPF verifier is only accessible to users with CAP_SYS_ADMIN...
DEBIAN-CVE-2021-38209
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls...
CVE-2021-38209
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls...
UBUNTU-CVE-2021-38209
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls...
CVE-2021-35477
A flaw in the Linux kernel allows a privileged BPF program to obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel in the eBPF subsystem. Mitigation: The default Red Hat Enterprise Linux kernel setting prevents unprivileged users from being able to use eBPF vi...
CVE-2021-3600
A flaw was found in the Linux kernel’s eBPF verification code, where the eBPF 32-bit div/mod source register truncation could lead to out-of-bounds reads and writes. By default, accessing the eBPF verifier is only possible to privileged users with CAP_SYS_ADMIN. This flaw allows a local user who ca...
CVE-2021-22555
A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32-bit processes on 64-bit systems. This flaw will allow a local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...