Browse, filter by detection status, or search by CVE to get visibility into upcoming and new detections (QIDs) for all severities.
Under investigation:
We are researching a detection and will publish one if
it is feasible.
In development:
We are coding a detection and will typically publish it
within a few days.
Recently published:
We have published the detection on the date indicated,
and it will typically be available in the KnowledgeBase
on shared platforms within a day.
Non-Qualys customers can audit their network for all published vulnerabilities by signing up for a Qualys Free Trial or Qualys Community Edition.
Following security issues were discovered:
CVE-2020-0000
Affected Devices :
HUAWEI P series: P30 Pro, P30, P20 Pro, P20
HUAWEI Mate series: Mate 20 X, Mate 20 Pro, Mate 20, Mate 20 RS, Mate 10 Pro, Mate 10, PORSCHE DESIGN HUAWEI Mate RS
Following security issues were discovered:
CVE-2020-0000
Affected Products :
G series (G5, G6, G7, G8), V series(V10, V20, V30, V35, V40, V50) , Q Series(Q6, Q8) , X Series(X300, X400, X500, X cam), CV Series(CV1, CV3, CV5, CV7, CV1S, CV7AS), MH(K40, K50, Q60, Q70)
Following security issues were discovered:
CVE-2020-0000
Affected Products :
G series (G5, G6, G7, G8), V series(V10, V20, V30, V35, V40, V50) , Q Series(Q6, Q8) , X Series(X300, X400, X500, X cam), CV Series(CV1, CV3, CV5, CV7, CV1S, CV7AS), MH(K40, K50, Q60, Q70)
Following security issues were discovered:
CVE-2021-0541,CVE-2021-0540,CVE-2021-0538,CVE-2021-0539,CVE-2020-1971,CVE-2021-0542,CVE-2021-0534,CVE-2021-0535,CVE-2021-0536,CVE-2021-0537,CVE-2021-0570,CVE-2021-0571,CVE-2021-0572,CVE-2021-0559,CVE-2021-0556,CVE-2021-0557,CVE-2021-0554,CVE-2021-0555,CVE-2021-0552,CVE-2021-0553,CVE-2021-0550,CVE-2021-0551,CVE-2021-0608,CVE-2021-0606,CVE-2021-0607,CVE-2021-0605,CVE-2021-0548,CVE-2021-0569,CVE-2021-0568,CVE-2021-0549,CVE-2021-0558,CVE-2021-0563,CVE-2021-0562,CVE-2021-0561,CVE-2021-0546,CVE-2021-0567,CVE-2021-0566,CVE-2021-0565,CVE-2021-0564,CVE-2021-0545,CVE-2021-0544,CVE-2021-0543,CVE-2021-0547
Affected Products :
Pixel 4 XL, Pixel 4, Pixel 3a XL, Pixel 3a, Pixel 3 XL, Pixel 3, Pixel 2 XL, Pixel 2
Multiple CVEs that could steal sensitive information or execute arbitrary code on the target.
Affected Versions:
IBM Cognos Analytics 11.1
IBM Cognos Analytics 11.0
QID Detection Logic (Authenticated):
This QID checks for vulnerable version of IBM Cognos Analytics by checking the registry file.
The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments,
has three high-severity security vulnerabilities that can be chained together
to enable remote code execution (RCE) with elevated privileges.
CVE-2021-31579: Use of hard-coded credentials
CVE-2021-31580 and CVE-2021-31581: Improper neutralization of special elements used in an OS command
CVE-2021-31582: Exposure of sensitive information to an unauthorized actor.
QID Detection Logic:
Sends a Web request "/pme/database/pme/phinx.yml" to get response
Following security issues were discovered:
CVE-2020-11292,CVE-2020-11291,CVE-2020-26555,CVE-2020-11176,CVE-2020-26558,CVE-2020-11304,CVE-2020-11298,CVE-2021-0530,CVE-2021-0531,CVE-2021-0532,CVE-2021-0533,CVE-2021-1925,CVE-2021-0512,CVE-2021-0513,CVE-2021-0510,CVE-2021-0511,CVE-2021-0516,CVE-2021-0517,CVE-2020-14305,CVE-2020-11267,CVE-2020-11306,CVE-2021-0520,CVE-2021-1900,CVE-2021-1937,CVE-2021-0529,CVE-2021-0528,CVE-2021-0527,CVE-2021-0526,CVE-2021-0525,CVE-2021-0523,CVE-2021-0522,CVE-2021-0521,CVE-2021-0478,CVE-2021-0505,CVE-2021-0504,CVE-2021-0507,CVE-2021-0506,CVE-2021-0509,CVE-2021-0508
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Security Fix(es): runc: vulnerable to symlink exchange attack (CVE-2021-30465)
Affected Products:
Red Hat OpenShift Container Platform 3.11 x86_64
Red Hat OpenShift Container Platform for Power 3.11 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2150 to address this issue and obtain more information.
Security Fix(es): nettle: Out of bounds memory access in signature verification (CVE-2021-20305)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
Red Hat Enterprise Linux Server - AUS 7.7 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2280 to address this issue and obtain more information.
Security Fix(es): kernel: Use after free via PI futex state (CVE-2021-3347)
Affected Products:
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2285 to address this issue and obtain more information.
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Security Fix(es): glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
Red Hat Enterprise Linux Server - AUS 7.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
Red Hat Enterprise Linux Server - TUS 7.6 x86_64
Red Hat Enterprise Linux for Power 9 7 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2204 to address this issue and obtain more information.
Security Fix(es): nginx: Off-by-one in ngx_resolver_copy()
when labels are followed by a pointer to a root domain name (CVE-2021-23017)
Affected Products:
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.7 x86_64
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7.7 s390x
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7.7 ppc64le
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2258 to address this issue and obtain more information.
Security Fix(es): nginx: Off-by-one in ngx_resolver_copy()
when labels are followed by a pointer to a root domain name (CVE-2021-23017)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2259 to address this issue and obtain more information.
Security Fix(es): libwebp: heap-based buffer overflow in PutLE16()
(CVE-2018-25011)
libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328)
libwebp: use-after-free in EmitFancyRGB()
in dec/io_dec.c (CVE-2020-36329)
Affected Products:
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2260 to address this issue and obtain more information.
Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) Mozilla: Thunderbird stored OpenPGP secret keys without master password protection (CVE-2021-29956) Mozilla: Partial protection of inline OpenPGP message not indicated (CVE-2021-29957)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2261 to address this issue and obtain more information.
Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) Mozilla: Thunderbird stored OpenPGP secret keys without master password protection (CVE-2021-29956) Mozilla: Partial protection of inline OpenPGP message not indicated (CVE-2021-29957)
Affected Products:
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2263 to address this issue and obtain more information.
Security Fix(es): nginx: Off-by-one in ngx_resolver_copy()
when labels are followed by a pointer to a root domain name (CVE-2021-23017)
Affected Products:
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.7 x86_64
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7.7 s390x
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7.7 ppc64le
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2278 to address this issue and obtain more information.
Security Fix(es): nginx: Off-by-one in ngx_resolver_copy()
when labels are followed by a pointer to a root domain name (CVE-2021-23017)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2290 to address this issue and obtain more information.
Security Fix(es): runc: vulnerable to symlink exchange attack (CVE-2021-30465)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2291 to address this issue and obtain more information.
Security Fix(es): runc: vulnerable to symlink exchange attack (CVE-2021-30465)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2292 to address this issue and obtain more information.
Security Fix(es): hw: vt-d related privilege escalation (CVE-2020-24489)
hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
hw: information disclosure on some Intel Atom processors (CVE-2020-24513)
Bug Fix(es)
and Enhancement(s): Update Intel CPU microcode to microcode-20210525 release
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258
Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
Red Hat Enterprise Linux Server - AUS 7.7 x86_64
Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Fixes
BZ - 1962650
- CVE-2020-24489 hw: vt-d related privilege escalation
BZ - 1962666
- CVE-2020-24513 hw: information disclosure on some Intel Atom processors
BZ - 1962702
- CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors
BZ - 1962722
- CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors
CVEs
CVE-2020-24489
CVE-2020-24511
CVE-2020-24512
CVE-2020-24513
References
https://access.redhat.com/security/updates/classification/#important
Note:
More recent versions of these packages may be available.
Click a package name
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
Red Hat Enterprise Linux Server - AUS 7.7 x86_64
Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2304 to address this issue and obtain more information.
Security Fix(es): hw: vt-d related privilege escalation (CVE-2020-24489)
hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
hw: information disclosure on some Intel Atom processors (CVE-2020-24513)
Bug Fix(es)
and Enhancement(s): Update Intel CPU microcode to microcode-20210525 release
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258
Affected Products
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Fixes
BZ - 1962650
- CVE-2020-24489 hw: vt-d related privilege escalation
BZ - 1962666
- CVE-2020-24513 hw: information disclosure on some Intel Atom processors
BZ - 1962702
- CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors
BZ - 1962722
- CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors
CVEs
CVE-2020-24489
CVE-2020-24511
CVE-2020-24512
CVE-2020-24513
References
https://access.redhat.com/security/updates/classification/#important
Note:
More recent versions of these packages may be available.
Click a package name
Affected Products:
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2305 to address this issue and obtain more information.
Security Fix(es): hw: vt-d related privilege escalation (CVE-2020-24489)
hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
hw: information disclosure on some Intel Atom processors (CVE-2020-24513)
Bug Fix(es)
and Enhancement(s): Update Intel CPU microcode to microcode-20210525 release
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258
Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Fixes
BZ - 1962650
- CVE-2020-24489 hw: vt-d related privilege escalation
BZ - 1962666
- CVE-2020-24513 hw: information disclosure on some Intel Atom processors
BZ - 1962702
- CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors
BZ - 1962722
- CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors
CVEs
CVE-2020-24489
CVE-2020-24511
CVE-2020-24512
CVE-2020-24513
References
https://access.redhat.com/security/updates/classification/#important
Note:
More recent versions of these packages may be available.
Click a package name
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2306 to address this issue and obtain more information.
Security Fix(es): hw: vt-d related privilege escalation (CVE-2020-24489)
hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
hw: information disclosure on some Intel Atom processors (CVE-2020-24513)
Bug Fix(es)
and Enhancement(s): Update Intel CPU microcode to microcode-20210525 release
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258
Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Fixes
BZ - 1962650
- CVE-2020-24489 hw: vt-d related privilege escalation
BZ - 1962666
- CVE-2020-24513 hw: information disclosure on some Intel Atom processors
BZ - 1962702
- CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors
BZ - 1962722
- CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors
CVEs
CVE-2020-24489
CVE-2020-24511
CVE-2020-24512
CVE-2020-24513
References
https://access.redhat.com/security/updates/classification/#important
Note:
More recent versions of these packages may be available.
Click a package name
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2307 to address this issue and obtain more information.
Security Fix(es): hw: vt-d related privilege escalation (CVE-2020-24489)
hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
hw: information disclosure on some Intel Atom processors (CVE-2020-24513)
Bug Fix(es)
and Enhancement(s): Update Intel CPU microcode to microcode-20210525 release
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258
Affected Products
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Fixes
BZ - 1962650
- CVE-2020-24489 hw: vt-d related privilege escalation
BZ - 1962666
- CVE-2020-24513 hw: information disclosure on some Intel Atom processors
BZ - 1962702
- CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors
BZ - 1962722
- CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors
CVEs
CVE-2020-24489
CVE-2020-24511
CVE-2020-24512
CVE-2020-24513
References
https://access.redhat.com/security/updates/classification/#important
Note:
More recent versions of these packages may be available.
Click a package name
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2308 to address this issue and obtain more information.
Security Fix(es): kernel: Integer overflow in Intel(R)
Graphics Drivers (CVE-2020-12362)
kernel: Use after free via PI futex state (CVE-2021-3347)
kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648)
kernel: Improper input validation in some Intel(R)
Graphics Drivers (CVE-2020-12363)
kernel: Null pointer dereference in some Intel(R)
Graphics Drivers (CVE-2020-12364)
kernel: Speculation on pointer arithmetic against bpf_context pointer (CVE-2020-27170)
Affected Products:
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Red Hat Virtualization Host 4 for RHEL 7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2314 to address this issue and obtain more information.
Security Fix(es): libwebp: heap-based buffer overflow in PutLE16()
(CVE-2018-25011)
libwebp: use of uninitialized value in ReadSymbol()
(CVE-2018-25014)
libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328)
libwebp: use-after-free in EmitFancyRGB()
in dec/io_dec.c (CVE-2020-36329)
Affected Products:
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2328 to address this issue and obtain more information.
Security Fix(es): samba: Out of bounds read in AD DC LDAP server (CVE-2021-20277)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
Red Hat Enterprise Linux Server - AUS 7.7 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2331 to address this issue and obtain more information.
Security Fix(es): dotnet: ASP.NET Core Client Disconnect Denial of Service (CVE-2021-31957)
Affected Products:
dotNET on RHEL (for RHEL Server) 1 x86_64
dotNET on RHEL (for RHEL Workstation) 1 x86_64
dotNET on RHEL (for RHEL Compute Node) 1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2350 to address this issue and obtain more information.
Security Fix(es): dotnet: ASP.NET Core Client Disconnect Denial of Service (CVE-2021-31957)
Affected Products:
dotNET on RHEL (for RHEL Server) 1 x86_64
dotNET on RHEL (for RHEL Workstation) 1 x86_64
dotNET on RHEL (for RHEL Compute Node) 1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2351 to address this issue and obtain more information.
Security Fix(es): dotnet: ASP.NET Core Client Disconnect Denial of Service (CVE-2021-31957)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2352 to address this issue and obtain more information.
Security Fix(es): dotnet: ASP.NET Core Client Disconnect Denial of Service (CVE-2021-31957)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2353 to address this issue and obtain more information.
Security Fix(es): libwebp: heap-based buffer overflow in PutLE16()
(CVE-2018-25011)
libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328)
libwebp: use-after-free in EmitFancyRGB()
in dec/io_dec.c (CVE-2020-36329)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2354 to address this issue and obtain more information.
Security Fix(es): dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)
Affected Products:
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2357 to address this issue and obtain more information.
Security Fix(es): dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2359 to address this issue and obtain more information.
Security Fix(es): postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027) postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2360 to address this issue and obtain more information.
Security Fix(es): postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027) postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2361 to address this issue and obtain more information.
Security Fix(es): gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services (CVE-2021-33516)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2363 to address this issue and obtain more information.
Security Fix(es): libwebp: heap-based buffer overflow in PutLE16()
(CVE-2018-25011)
libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328)
libwebp: use-after-free in EmitFancyRGB()
in dec/io_dec.c (CVE-2020-36329)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2364 to address this issue and obtain more information.
Security Fix(es): libwebp: heap-based buffer overflow in PutLE16()
(CVE-2018-25011)
libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328)
libwebp: use-after-free in EmitFancyRGB()
in dec/io_dec.c (CVE-2020-36329)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2365 to address this issue and obtain more information.
Security Fix(es): runc: vulnerable to symlink exchange attack (CVE-2021-30465)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2370 to address this issue and obtain more information.
Security Fix(es): runc: vulnerable to symlink exchange attack (CVE-2021-30465)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2371 to address this issue and obtain more information.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Security Fix(es): postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027) postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028) postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029) postgresql: Partition constraint violation errors leak values of denied columns (CVE-2021-3393)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2372 to address this issue and obtain more information.
Security Fix(es): postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027) postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028) postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2375 to address this issue and obtain more information.
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
CVE-2021-33501: Unauthenticated attackers can achieve RCE on vulnerable clients by combining a reflected cross-site scripting (XSS) bug with a Chromium Embedded Framework (CEF) sandbox escape.
Affected Versions:
Overwolf Client 0.169.0.22 and earlier
QID Detection Logic(Authenticated):
This QID checks for the vulnerable version of overwolf with registry HKLM\SOFTWARE\WOW6432Node\Overwolf and using CurrentVersion
Affected Versions:
Google Chrome Prior to 91.0.4472.101
QID Detection Logic(Authenticated):
This QID checks for vulnerable versions of Google Chrome on Windows and MAC OS.
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected Product:
Oracle Linux 7
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Affected Product:
Oracle Linux 8
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Affected Product:
Oracle Linux 7
Affected Versions:
Adobe Photoshop 2020 version 21.2.8 and earlier
Adobe Photoshop 2021 version 22.4.1 and earlier
QID Detection Logic:
Windows(Authenticated): This QID checks for vulnerable version of 'Photoshop.exe' file.
Affected Versions:
Apache HTTP Server versions prior to 2.4.46.
NOTE:
CVE-2021-26691, CVE-2021-26690, CVE-2020-35452, CVE-2020-13938 affects to Apache HTTP Server versions 2.4.46, 2.4.43, 2.4.41, 2.4.39, 2.4.38, 2.4.37, 2.4.35, 2.4.34, 2.4.33, 2.4.29, 2.4.28, 2.4.27, 2.4.26, 2.4.25, 2.4.23, 2.4.20, 2.4.18, 2.4.17, 2.4.16, 2.4.12, 2.4.10, 2.4.9, 2.4.7, 2.4.6, 2.4.4, 2.4.3, 2.4.2, 2.4.1, 2.4.0.
CVE-2019-17567 affects to Apache HTTP Server versions 2.4.46, 2.4.43, 2.4.41, 2.4.39, 2.4.38, 2.4.37, 2.4.35, 2.4.34, 2.4.33, 2.4.29, 2.4.28, 2.4.27, 2.4.26, 2.4.25, 2.4.23, 2.4.20, 2.4.18, 2.4.17, 2.4.16, 2.4.12, 2.4.10, 2.4.9, 2.4.7, 2.4.6
CVE-2021-30641 affects to Apache HTTP Server versions 2.4.46, 2.4.43, 2.4.41, 2.4.39
CVE-2020-13950 affects to Apache HTTP Server versions 2.4.46, 2.4.43, 2.4.41
QID Detection Logic:(Unauthenticated)
This QID checks for server banner to detect if the target is running vulnerable version of apache httpd.
This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users.
Affected Versions:
SolarWinds Orion products prior to Orion Platform 2020.2.4
QID Detection Logic (Authenticated):
The QID extracts Solarwinds Orion installation path from registry key "HKLM\SOFTWARE\SolarWinds\Orion\Core", value "InstallPath", then compare file version of "SolarWinds.Orion.Core.BusinessLayer.dll" with patched versions
When registry keys are not accessible, we skip the path extracting, directly check file versions of "%ProgramFiles%\SolarWinds\Orion\SolarWinds.Orion.Core.BusinessLayer.dll" and "%ProgramFiles(x86)%\SolarWinds\Orion\SolarWinds.Orion.Core.BusinessLayer.dll".
Customers are advised to refer to Orion Platform 2020.2.4 Release Notes
QID Detection Logic:
QID checks if the login page can be accessible using default credentials (username: admin, password: 1234).
A remote attacker could exploit this to perform sensitive actions and take control over the device.
Customers are advised not to use default credentials for Zebra Printer.
Security Fix(es): jenkins-2-plugins/config-file-provider: Does not configure its XML parser to prevent XML external entity (XXE)
attacks. (CVE-2021-21642)
golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
jenkins-2-plugins/config-file-provider: Does not correctly perform permission checks in several HTTP endpoints. (CVE-2021-21643)
jenkins-2-plugins/config-file-provider: does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF)
vulnerability. (CVE-2021-21644)
jenkins-2-plugins/config-file-provider: Does not perform permission checks in several HTTP endpoints. (CVE-2021-21645)
Affected Products:
Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
Red Hat OpenShift Container Platform 4.7 for RHEL 7 x86_64
Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2122 to address this issue and obtain more information.
The KB Articles associated with the update:
KB5003635
KB5003637
KB5003638
KB5003646
KB5003661
KB5003667
KB5003671
KB5003681
KB5003687
KB5003694
KB5003695
KB5003696
KB5003697
This QID checks for the file version of ntoskrnl.exe
The following versions of ntoskrnl.exe with their corresponding KBs are verified:
KB5003635 -
KB5003637 -
KB5003638 -
KB5003646 -
KB5003661 -
KB5003667 -
KB5003671 -
KB5003681 -
KB5003687 -
KB5003694 -
KB5003695 -
KB5003696 -
KB5003697 -
Affected Software:
Windows Defender
QID Detection Logic (Authenticated):
Detection checks for mpengine.dll file version less than 1.1.18200.3
Adobe has released security updates to address the fix for Out-of-Bounds Read,Out-of-Bounds Write,Type Confusion,User After Free and Heap Overflow Vulnerabilities.
Affected Versions:
Acrobat DC Continuous 2021.001.20155 and earlier versions(windows and macOS)
Acrobat Reader DC Continuous 2021.001.20155 and earlier versions (Windows and macOS )
Acrobat 2020 Classic 2020, 2020.001.30025 and earlier versions (Windows and macOS)
Acrobat Reader 2020 Classic 2020, 2020.001.30025 and earlier versions (Windows and macOS)
Acrobat 2017 Classic 2017, 2017.011.30196 and earlier version (Windows and macOS)
Acrobat Reader 2017 Classic 2017, 2017.011.30196 and earlier version (Windows and macOS)
QID Detection Logic (Authenticated):
Operating System: Windows
This QID looks for the vulnerable version of Acrobat.dll, AcroRd32.dll and nppdf32.dll files.
QID Detection Logic (Authenticated):
Operating System: MacOS
This QID looks for the vulnerable version of Adobe Reader and Acrobat from the installed application list.
QID Detection Logic (Authenticated):
The detection gets the version of dwmcore.dll.
The KB Articles associated with the update:
KB5003635
KB5003637
Affected Versions:
Microsoft Edge Based On Chromium versions before 91.0.864.41
QID Detection Logic: (authenticated)
Operating System: Windows
The install path is checked via registry "HKLM\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge\shell\open\command". The version is checked via file msedge.exe.
Operating System: MacOS
The QID checks for the version of Microsoft Edge Based On Chromium app.
QID Detection Logic (Authenticated):
The detection gets the version of Microsoft.MSPaint by querying wmi class Win32_InstalledStoreProgram.
QID Detection Logic (Authenticated):
The detection gets the version of Microsoft.Microsoft3DViewer by querying wmi class Win32_InstalledStoreProgram.
This security update contains the following KBs:
KB5001943
KB5001956
KB5001950
KB5001951
KB5001953
KB5001955
KB5001947
KB5001963
QID Detection Logic:
This authenticated QID checks the file versions from the Microsoft advisory with the versions on the affected office system.
Note: Office click-2-run and Office 365 installations need to be updated manually or need to be set to automatic update. There is no direct download for the patch.
This security update contains the following KBs:
KB5001942
KB5001934
QID Detection Logic:
This authenticated QID checks the file versions from the Microsoft advisory with the versions on affected outlook applications.
Note: Office click-2-run and Office 365 installations need to be updated manually or need to be set to automatic update. There is no direct download for the patch.
This security update contains the following KBs:
KB5001944
KB5001945
KB5001962
KB5001939
KB5001946
KB5001922
KB5001954
KB4011698
QID Detection Logic:
This authenticated QID checks the file versions from the above Microsoft KB article with the versions on the affected SharePoint system.
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967)
Affected Products:
Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2206 to address this issue and obtain more information.
Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2208 to address this issue and obtain more information.
Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2214 to address this issue and obtain more information.
Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2233 to address this issue and obtain more information.
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Security Fix(es): buffer overflow in the lldp_decode function in daemon/protocols/lldp.c (CVE-2015-8011)
Affected Products:
Red Hat OpenStack 10 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2205 to address this issue and obtain more information.
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Security Fix(es): kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466)
kernel: SCSI target (LIO)
write to any block on ILO backstore (CVE-2020-28374)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2167 to address this issue and obtain more information.
Security Fix(es): kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466)
kernel: Integer overflow in Intel(R)
Graphics Drivers (CVE-2020-12362)
kernel: SCSI target (LIO)
write to any block on ILO backstore (CVE-2020-28374)
kernel: DoS by corrupting mountpoint reference counter (CVE-2020-12114)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2185 to address this issue and obtain more information.
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Security Fix(es): glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2170 to address this issue and obtain more information.
Security Fix(es): glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2171 to address this issue and obtain more information.
Security Fix(es): glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.1 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.1 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2172 to address this issue and obtain more information.
Security Fix(es): glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
Red Hat Enterprise Linux Server - AUS 7.7 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2175 to address this issue and obtain more information.
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Security Fix(es): kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu->run (CVE-2021-3501) kernel: nitro_enclaves stale file descriptors on failed usercopy (CVE-2021-3543)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Virtualization Host 4 for RHEL 8 x86_64
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2168 to address this issue and obtain more information.
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Security Fix(es): pki-server: Dogtag installer "pkispawn" logs admin credentials into a world-readable log file (CVE-2021-3551) The PKI installer "pkispawn" logs admin credentials into aworld-readable log file. It also looks like the installer is passing thepassword as an insecure command line argument. The credentials are the389-DS LDAP server's Directory Manager credentials. The DirectoryManager is 389-DS' equivalent of unrestricted root account. The userbypasses permission checks and grants full access to data. In an IdM /FreeIPA installation the DM user is able to read and manipulate KerberosKDC master password, Kerberos keytabs, hashed user passwords, and more.Any and all IdM and FreeIPA installations with PKI 10.10 should beconsidered compromised.
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2235 to address this issue and obtain more information.
Security Fix(es): polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync()
(CVE-2021-3560)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2236 to address this issue and obtain more information.
Security Fix(es): polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync()
(CVE-2021-3560)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server - AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server - TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2237 to address this issue and obtain more information.
Security Fix(es): polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync()
(CVE-2021-3560)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2238 to address this issue and obtain more information.
Security Fix(es): nginx: Off-by-one in ngx_resolver_copy()
when labels are followed by a pointer to a root domain name (CVE-2021-23017)
Affected Products:
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.7 x86_64
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7.7 s390x
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7.7 ppc64le
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2258 to address this issue and obtain more information.
Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) Mozilla: Thunderbird stored OpenPGP secret keys without master password protection (CVE-2021-29956) Mozilla: Partial protection of inline OpenPGP message not indicated (CVE-2021-29957)
Affected Products:
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2262 to address this issue and obtain more information.
Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) Mozilla: Thunderbird stored OpenPGP secret keys without master password protection (CVE-2021-29956) Mozilla: Partial protection of inline OpenPGP message not indicated (CVE-2021-29957)
Affected Products:
Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:2264 to address this issue and obtain more information.
Affected Products:
Prior to Mozilla Thunderbird 78.11.0
Note:
CVE-2021-29964: This bug only affects Thunderbird on Windows. Other operating systems are unaffected.
QID Detection Logic (Authenticated):
This checks for vulnerable version of Thunderbird.
Affected Products:
Prior to Firefox ESR 78.11
QID Detection Logic (Authenticated) :
This checks for vulnerable version of Firefox browser.
Affected Products:
Prior to Firefox 89
QID Detection Logic (Authenticated) :
This checks for vulnerable version of Firefox browser.
Affected OS: EulerOS V2.0SP9
Affected OS: EulerOS V2.0SP9
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS: EulerOS V2.0SP9
Affected OS: EulerOS V2.0SP9
Affected OS: EulerOS V2.0SP9
Affected OS: EulerOS V2.0SP9
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Affected OS: EulerOS V2.0SP9
Affected OS: EulerOS V2.0SP9
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Affected OS: EulerOS V2.0SP9
Affected OS: EulerOS V2.0SP9
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Security Fix(es): runc: vulnerable to symlink exchange attack (CVE-2021-30465)
Affected Products:
Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Refer to Red Hat security advisory RHSA-2021:1566 to address this issue and obtain more information.
CVE-2020-9041: The Cluster Management and Views endpoints are vulnerable to the "Slowloris" denial-of-service attack as they don't more aggressively terminate slow connections.
Affected Products:
Couchbase Sync Gateway through 2.7.0
QID Detection Logic(Unauthenticated):
This QID sends a GET request and identify the vulnerable version of Couchbase sync Gateway.
CVE-2021-23010: When the BIG-IP ASM system processes WebSocket requests with JSON payloads using the default JSON content profile in the ASM security policy, the BIG-IP ASM bd process may produce a core file.
Vulnerable Component: BIG-IP ASM
Affected Versions:
16.0.0 - 16.0.1
15.1.0 - 15.1.1
14.1.0 - 14.1.3
13.1.0 - 13.1.3
12.1.0 - 12.1.5
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
Workaround:
To mitigate this vulnerability, you can use the ASM Security menu to create a new custom JSON content profile and then apply it to Allowed WebSocket URLs.
A remote code execution vulnerability is present in network-listening components in some versions of Aruba OS. Affected Versions:
For CVE-2020-10713, CVE-2020-24637
Affected Versions:
ArubaOS 8.5.0.10, 8.6.0.5, 8.7.0.0 and below
Resolution:
ArubaOS 8.5.0.11, 8.6.0.6, 8.7.1.0 and above
For CVE-2020-24634
Affected Versions:
ArubaOS 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below
Resolution:
ArubaOS 8.2.2.10, 8.3.0.14, 8.5.0.11, 8.6.0.6, 8.7.1.0 and above
SD-WAN 2.1.0.2, 2.2.0.1 and above
For CVE-2020-24633
Affected Versions:
ArubaOS 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5,
8.7.0.0 and below
Resolution:
ArubaOS 6.4.4.24, 6.5.4.18, 8.2.2.10, 8.3.0.14, 8.5.0.11, 8.6.0.6,
8.7.1.0 and above
NOTE:
6.4.x.x and 6.5.x.x branches are not affected by CVE-2020-24634.
QID Detection Logic (Unauthenticated):
This QID gets the vulnerable Aruba OS version via SNMP.
Please refer to ARUBA-PSA-2020-012 for more information about patching the vulnerability.
Note:Not all vulnerabilities in this advisory affect all ArubaOS branches. If an ArubaOS branch is not listed as affected, it means that any ArubaOS version in that given branch is not affected.
For example, the 6.4.x.x and 6.5.x.x branches are not affected by CVE-2020-24634.
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. (CVE-2021-21985)
Affected Versions:
VMware vCenter Server 7.0 prior to build 17958471
VMware vCenter Server 6.7 prior to build 18010531
VMware vCenter Server 6.5 prior to build 17994927
QID Detection Logic (Unauthenticated):
The QID sends a POST request to " /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getHostCapabilityData" to detect if the target is vulnerable or not.
Note: If the workaround mentioned by the vendor is applied, QID will not flag.
Refer to VMware advisory VMSA-2021-0010 for more information.
Workaround:
Affected Plugins must be set to "incompatible." Disabling a plugin from within the UI does not prevent exploitation. Please refer to KB article KB83829 for more information.
A remote attacker may be able to cause a PFE buffer overflow to arbitrarily remotely execute code or commands on the target device with UTM enabled
Affected releases are Junos OS:
115.1X49 versions prior to 15.1X49-D190;
17.4 versions prior to 17.4R2-S9;
17.4R3 and later versions prior to 18.1R3-S9;
18.2 versions prior to 18.2R3-S1;
18.3 versions prior to 18.3R2-S3, 18.3R3;
18.4 versions prior to 18.4R2-S3, 18.4R3;
19.1 versions prior to 19.1R1-S4, 19.1R2;
19.2 versions prior to 19.2R1-S1, 19.2R2.
QID detection logic: (Authenticated)
It checks for vulnerable Junos OS version.
For more information please visit JSA11142.
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 33
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 34
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 32
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 34
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 32
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 32
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected OS:
Fedora 33
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 33
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 33 Update
Affected OS:
Fedora 34
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 34 Update
Affected OS:
Fedora 32
For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 32 Update
Affected Product:
Oracle Linux 8
Affected Product:
Oracle Linux 8
Affected Product:
Oracle Linux 8
