Stay Vigilant with Timely Linux Security Advisories

Loading...

security advisorysecurity fixRed Hat Enterprise Linux

Red Hat Enterprise Linux 9: RHSA-2023:0954-01 Moderate: Systemd Concerns

An update for systemd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: systemd security update Advisory ID: RHSA-2023:0954-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0954 Issue date: 2023-02-28 CVE Names: CVE-2022-4415 CVE-2022-45873 ==================================================================== 1. Summary: An update for systemd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: local information leak due to systemd-coredump notrespecting fs.suid_dumpable kernel setting (CVE-2022-4415) * systemd: deadlock in systemd-coredump via a crash with a long backtrace (CVE-2022-45873) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2149063 - CVE-2022-45873 systemd: deadlock in systemd-coredump via a crash with a long backtrace 2155515 - CVE-2022-4415 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 6. Package List: Red Hat Enterprise Linux AppStream (v.9): aarch64: systemd-container-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-debugsource-250-12.el9_1.3.aarch64.rpm systemd-devel-250-12.el9_1.3.aarch64.rpm systemd-devel-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-journal-remote-250-12.el9_1.3.aarch64.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-libs-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-oomd-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-pam-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-resolved-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-udev-debuginfo-250-12.el9_1.3.aarch64.rpm ppc64le: systemd-container-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-debugsource-250-12.el9_1.3.ppc64le.rpm systemd-devel-250-12.el9_1.3.ppc64le.rpm systemd-devel-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-journal-remote-250-12.el9_1.3.ppc64le.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-libs-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-oomd-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-pam-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-resolved-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-udev-debuginfo-250-12.el9_1.3.ppc64le.rpm s390x: systemd-container-debuginfo-250-12.el9_1.3.s390x.rpm systemd-debuginfo-250-12.el9_1.3.s390x.rpm systemd-debugsource-250-12.el9_1.3.s390x.rpm systemd-devel-250-12.el9_1.3.s390x.rpm systemd-devel-debuginfo-250-12.el9_1.3.s390x.rpm systemd-journal-remote-250-12.el9_1.3.s390x.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.s390x.rpm systemd-libs-debuginfo-250-12.el9_1.3.s390x.rpm systemd-oomd-debuginfo-250-12.el9_1.3.s390x.rpm systemd-pam-debuginfo-250-12.el9_1.3.s390x.rpm systemd-resolved-debuginfo-250-12.el9_1.3.s390x.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.s390x.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.s390x.rpm systemd-udev-debuginfo-250-12.el9_1.3.s390x.rpm x86_64: systemd-container-debuginfo-250-12.el9_1.3.i686.rpm systemd-container-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-debuginfo-250-12.el9_1.3.i686.rpm systemd-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-debugsource-250-12.el9_1.3.i686.rpm systemd-debugsource-250-12.el9_1.3.x86_64.rpm systemd-devel-250-12.el9_1.3.i686.rpm systemd-devel-250-12.el9_1.3.x86_64.rpm systemd-devel-debuginfo-250-12.el9_1.3.i686.rpm systemd-devel-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-journal-remote-250-12.el9_1.3.x86_64.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.i686.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-libs-debuginfo-250-12.el9_1.3.i686.rpm systemd-libs-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-oomd-debuginfo-250-12.el9_1.3.i686.rpm systemd-oomd-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-pam-debuginfo-250-12.el9_1.3.i686.rpm systemd-pam-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-resolved-debuginfo-250-12.el9_1.3.i686.rpm systemd-resolved-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.i686.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.i686.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-udev-debuginfo-250-12.el9_1.3.i686.rpm systemd-udev-debuginfo-250-12.el9_1.3.x86_64.rpm Red Hat Enterprise Linux BaseOS (v.9): Source: systemd-250-12.el9_1.3.src.rpm aarch64: systemd-250-12.el9_1.3.aarch64.rpm systemd-container-250-12.el9_1.3.aarch64.rpm systemd-container-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-debugsource-250-12.el9_1.3.aarch64.rpm systemd-devel-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-libs-250-12.el9_1.3.aarch64.rpm systemd-libs-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-oomd-250-12.el9_1.3.aarch64.rpm systemd-oomd-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-pam-250-12.el9_1.3.aarch64.rpm systemd-pam-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-resolved-250-12.el9_1.3.aarch64.rpm systemd-resolved-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-udev-250-12.el9_1.3.aarch64.rpm systemd-udev-debuginfo-250-12.el9_1.3.aarch64.rpm noarch: systemd-rpm-macros-250-12.el9_1.3.noarch.rpm ppc64le: systemd-250-12.el9_1.3.ppc64le.rpm systemd-container-250-12.el9_1.3.ppc64le.rpm systemd-container-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-debugsource-250-12.el9_1.3.ppc64le.rpm systemd-devel-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-libs-250-12.el9_1.3.ppc64le.rpm systemd-libs-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-oomd-250-12.el9_1.3.ppc64le.rpm systemd-oomd-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-pam-250-12.el9_1.3.ppc64le.rpm systemd-pam-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-resolved-250-12.el9_1.3.ppc64le.rpm systemd-resolved-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-udev-250-12.el9_1.3.ppc64le.rpm systemd-udev-debuginfo-250-12.el9_1.3.ppc64le.rpm s390x: systemd-250-12.el9_1.3.s390x.rpm systemd-container-250-12.el9_1.3.s390x.rpm systemd-container-debuginfo-250-12.el9_1.3.s390x.rpm systemd-debuginfo-250-12.el9_1.3.s390x.rpm systemd-debugsource-250-12.el9_1.3.s390x.rpm systemd-devel-debuginfo-250-12.el9_1.3.s390x.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.s390x.rpm systemd-libs-250-12.el9_1.3.s390x.rpm systemd-libs-debuginfo-250-12.el9_1.3.s390x.rpm systemd-oomd-250-12.el9_1.3.s390x.rpm systemd-oomd-debuginfo-250-12.el9_1.3.s390x.rpm systemd-pam-250-12.el9_1.3.s390x.rpm systemd-pam-debuginfo-250-12.el9_1.3.s390x.rpm systemd-resolved-250-12.el9_1.3.s390x.rpm systemd-resolved-debuginfo-250-12.el9_1.3.s390x.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.s390x.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.s390x.rpm systemd-udev-250-12.el9_1.3.s390x.rpm systemd-udev-debuginfo-250-12.el9_1.3.s390x.rpm x86_64: systemd-250-12.el9_1.3.i686.rpm systemd-250-12.el9_1.3.x86_64.rpm systemd-container-250-12.el9_1.3.i686.rpm systemd-container-250-12.el9_1.3.x86_64.rpm systemd-container-debuginfo-250-12.el9_1.3.i686.rpm systemd-container-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-debuginfo-250-12.el9_1.3.i686.rpm systemd-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-debugsource-250-12.el9_1.3.i686.rpm systemd-debugsource-250-12.el9_1.3.x86_64.rpm systemd-devel-debuginfo-250-12.el9_1.3.i686.rpm systemd-devel-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.i686.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-libs-250-12.el9_1.3.i686.rpm systemd-libs-250-12.el9_1.3.x86_64.rpm systemd-libs-debuginfo-250-12.el9_1.3.i686.rpm systemd-libs-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-oomd-250-12.el9_1.3.x86_64.rpm systemd-oomd-debuginfo-250-12.el9_1.3.i686.rpm systemd-oomd-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-pam-250-12.el9_1.3.x86_64.rpm systemd-pam-debuginfo-250-12.el9_1.3.i686.rpm systemd-pam-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-resolved-250-12.el9_1.3.x86_64.rpm systemd-resolved-debuginfo-250-12.el9_1.3.i686.rpm systemd-resolved-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.i686.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.i686.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-udev-250-12.el9_1.3.x86_64.rpm systemd-udev-debuginfo-250-12.el9_1.3.i686.rpm systemd-udev-debuginfo-250-12.el9_1.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-4415 https://access.redhat.com/security/cve/CVE-2022-45873 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY/3zmtzjgjWX9erEAQjVQQ//T3ainOMg7qjaxA1Q91lW4nhLqsyoVSzX kYjdIOJ3Dn8+yEmhZWq73oNZLqWpSzRpDG6LmNHAGYZwnbVa6+bPeMMxvcI2ys89 tYYDIXwDJiNd2NFFzdanN5UnY2qO+NrkHz6MUHb60ZLfecHQLJXmCMZsoYKSDfC/ 4J8wzo4nHoUKGeWQP/0+DkGFS91ZFveJ+xDx6iCh7rY795NKcEbI8ss3yEMrEeKP BznZycfH+wScZrXIaZFvov2h6gExdznqLkBRNHyA0Sfc2e2P1NkbEc5Thx9X6jFH xCNbArQa1TGnyQjkxElgugqb/CUvFFbi/3KnB3hzcwk7jdg8hN9eIvyXuUdN0tVK AL01JjzJP2cSJmxPKyq/5bn6WPPTZIu9fmhsrKMWjUS7yurJECzpUVbFtjagt3YK B6qFITCU/DMe9q+eX2A5elo71Cu1sIbPtve+w3kbmodZ0zsOX+gsImg7hCirxuBT xWKSgmbfdCQiHcDDvHSj6u6xp31+yeMfpho5TN0W655jOwhh7taPwh48CIGPxUWB Rgc4hy268Ur09UkomIJ52KsUJScnqMHPW4X5cLkkFdtWYC0HUaw1b72u4FKFQRPV 48a9iz9LRBG1NBUifWjr9BqRC/pagSasyfIu2WnJmtWTIreBwHh3p5aRsdEUAOFF x94o/J1EsVM=P/XD -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A measured systemd patch for Red Hat Enterprise Linux tackles vulnerabilities. Uncover the effects and resolutions provided.. Red Hat Enterprise Linux,Systemd Update,Security Fix. . LinuxSecurity.com Team

Feb 28, 2023 Red Hat

security advisoryRed Hatupdate

Red Hat 8: RHSA-2023-0837-01 Moderate: Systemd Local Info Leak Fix

An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: systemd security and bug fix update Advisory ID: RHSA-2023:0837-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0837 Issue date: 2023-02-21 CVE Names: CVE-2022-4415 ==================================================================== 1. Summary: An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting (CVE-2022-4415) For more details about the security issue(s),including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * systemd doesn't record messages to the journal during boot (BZ#2164049) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2155515 - CVE-2022-4415 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 2164049 - systemd doesn't record messages to the journal during boot [rhel-8.7.0.z] 6. Package List: Red Hat Enterprise Linux BaseOS (v.8): Source: systemd-239-68.el8_7.4.src.rpm aarch64: systemd-239-68.el8_7.4.aarch64.rpm systemd-container-239-68.el8_7.4.aarch64.rpm systemd-container-debuginfo-239-68.el8_7.4.aarch64.rpm systemd-debuginfo-239-68.el8_7.4.aarch64.rpm systemd-debugsource-239-68.el8_7.4.aarch64.rpm systemd-devel-239-68.el8_7.4.aarch64.rpm systemd-journal-remote-239-68.el8_7.4.aarch64.rpm systemd-journal-remote-debuginfo-239-68.el8_7.4.aarch64.rpm systemd-libs-239-68.el8_7.4.aarch64.rpm systemd-libs-debuginfo-239-68.el8_7.4.aarch64.rpm systemd-pam-239-68.el8_7.4.aarch64.rpm systemd-pam-debuginfo-239-68.el8_7.4.aarch64.rpm systemd-tests-239-68.el8_7.4.aarch64.rpm systemd-tests-debuginfo-239-68.el8_7.4.aarch64.rpm systemd-udev-239-68.el8_7.4.aarch64.rpm systemd-udev-debuginfo-239-68.el8_7.4.aarch64.rpm ppc64le: systemd-239-68.el8_7.4.ppc64le.rpm systemd-container-239-68.el8_7.4.ppc64le.rpm systemd-container-debuginfo-239-68.el8_7.4.ppc64le.rpm systemd-debuginfo-239-68.el8_7.4.ppc64le.rpm systemd-debugsource-239-68.el8_7.4.ppc64le.rpm systemd-devel-239-68.el8_7.4.ppc64le.rpm systemd-journal-remote-239-68.el8_7.4.ppc64le.rpm systemd-journal-remote-debuginfo-239-68.el8_7.4.ppc64le.rpm systemd-libs-239-68.el8_7.4.ppc64le.rpm systemd-libs-debuginfo-239-68.el8_7.4.ppc64le.rpm systemd-pam-239-68.el8_7.4.ppc64le.rpm systemd-pam-debuginfo-239-68.el8_7.4.ppc64le.rpm systemd-tests-239-68.el8_7.4.ppc64le.rpm systemd-tests-debuginfo-239-68.el8_7.4.ppc64le.rpm systemd-udev-239-68.el8_7.4.ppc64le.rpm systemd-udev-debuginfo-239-68.el8_7.4.ppc64le.rpm s390x: systemd-239-68.el8_7.4.s390x.rpm systemd-container-239-68.el8_7.4.s390x.rpm systemd-container-debuginfo-239-68.el8_7.4.s390x.rpm systemd-debuginfo-239-68.el8_7.4.s390x.rpm systemd-debugsource-239-68.el8_7.4.s390x.rpm systemd-devel-239-68.el8_7.4.s390x.rpm systemd-journal-remote-239-68.el8_7.4.s390x.rpm systemd-journal-remote-debuginfo-239-68.el8_7.4.s390x.rpm systemd-libs-239-68.el8_7.4.s390x.rpm systemd-libs-debuginfo-239-68.el8_7.4.s390x.rpm systemd-pam-239-68.el8_7.4.s390x.rpm systemd-pam-debuginfo-239-68.el8_7.4.s390x.rpm systemd-tests-239-68.el8_7.4.s390x.rpm systemd-tests-debuginfo-239-68.el8_7.4.s390x.rpm systemd-udev-239-68.el8_7.4.s390x.rpm systemd-udev-debuginfo-239-68.el8_7.4.s390x.rpm x86_64: systemd-239-68.el8_7.4.i686.rpm systemd-239-68.el8_7.4.x86_64.rpm systemd-container-239-68.el8_7.4.i686.rpm systemd-container-239-68.el8_7.4.x86_64.rpm systemd-container-debuginfo-239-68.el8_7.4.i686.rpm systemd-container-debuginfo-239-68.el8_7.4.x86_64.rpm systemd-debuginfo-239-68.el8_7.4.i686.rpm systemd-debuginfo-239-68.el8_7.4.x86_64.rpm systemd-debugsource-239-68.el8_7.4.i686.rpm systemd-debugsource-239-68.el8_7.4.x86_64.rpm systemd-devel-239-68.el8_7.4.i686.rpm systemd-devel-239-68.el8_7.4.x86_64.rpm systemd-journal-remote-239-68.el8_7.4.x86_64.rpm systemd-journal-remote-debuginfo-239-68.el8_7.4.i686.rpm systemd-journal-remote-debuginfo-239-68.el8_7.4.x86_64.rpm systemd-libs-239-68.el8_7.4.i686.rpm systemd-libs-239-68.el8_7.4.x86_64.rpm systemd-libs-debuginfo-239-68.el8_7.4.i686.rpm systemd-libs-debuginfo-239-68.el8_7.4.x86_64.rpm systemd-pam-239-68.el8_7.4.x86_64.rpm systemd-pam-debuginfo-239-68.el8_7.4.i686.rpm systemd-pam-debuginfo-239-68.el8_7.4.x86_64.rpm systemd-tests-239-68.el8_7.4.x86_64.rpm systemd-tests-debuginfo-239-68.el8_7.4.i686.rpm systemd-tests-debuginfo-239-68.el8_7.4.x86_64.rpm systemd-udev-239-68.el8_7.4.x86_64.rpm systemd-udev-debuginfo-239-68.el8_7.4.i686.rpm systemd-udev-debuginfo-239-68.el8_7.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-4415 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBY/S5FNzjgjWX9erEAQhQ9A//SUnTNh8T0kyEg+slRj/E2SGFR0iqgG7u YJ0z0u2pRDpjMoeGfBikubwZojAo1oaVbR+v1d9CMgtVyvSqAsp7lLvxDP0ePBvP YYweM3s/VY8clCjRA/GxprWnAP6zfjh+Mz5las2tkP0Vuk5ac8devOVaL+1AQ/zH +E7IgzAWX34vODoWzZRLxmRXUFJZt78QVvwrkjH1Abau+HnV6NVNdKaeKDvs4Emy Sfy3PSxGmis0MZcRGhtnX6kJKA9FdlTn9zGwovKZfSqKGDwWPH+I4QWn061n8JyX zMEi0tqRzNlNJt/qS2p+RqRy2GZegRKuTT4hZNQPO+0MBeGlb/fKqO2OiXKenkup 18yanfRLayUgX/H9tlOMRoT56bbOT1Er25nVwMJOFJKuA5z54AeE6zQiVZiubAS7 Zwl1SWCL+D28wkOP0Aez0YMOeJ683QUwx7EYMO/ZHKE1L/iEdoqNDEUxcxqvd4aW AoccGzP1zh+Ut8OU0TM6a+Y1ITL/3yGGSlhhuqHl6rPinBYJTDQ8jxV3irOSxhAk MEURtv2/F/mlO81juDdKN6Uw4/1DmPSxr46LRENBBpxOgMdunpY8ud2Iri3T++HH wdnrMqA/cGYLcgAPMIaqv5ETZjOAsO8LVVuwrzbCUD6loJ3aYDu6dv3/ACk5dIEE 0TfRmylITfA=zigV -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu introduces a critical patch for OpenSSH correcting potential vulnerabilities and enhancing stability. Discover further details here.. Red Hat, Systemd Update, Security Patch, Linux Update, Bug Fixes. . LinuxSecurity.com Team

Feb 21, 2023 Red Hat

Banner 2 1028x280 1708121730 1 1771599631

security advisorykernel updatecritical fix

SUSE Linux Enterprise 11 SP1: 2011-038 Moderate: Kernel Information Leak

The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.45 and fixes various bugs and security issues. 2.6.32.45 and fixes various bugs and security issues. Following security issues were fixed: CVE-2011-1776: Timo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access c [More...]. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: kernel Announcement ID: SUSE-SA:2011:038 Date: Thu, 01 Sep 2011 15:00:00 +0000 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Server 11 SP1 Vulnerability Type: local kernel information leak CVSS v2 Base Score: 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N) SUSE Default Package: yes Cross-References: CVE-2010-3881, CVE-2011-1776, CVE-2011-2495 CVE-2011-2700, CVE-2011-2909, CVE-2011-2918 Content of This Advisory: 1) Security Vulnerability Resolved: Linux kernel security update Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.45 and fixes various bugs and security issues. Following security issues were fixed: CVE-2011-1776: Timo Warns reported an issue in theLinux implementation for GUID partitions. Users with physical access could gain access to sensitive kernel memory by adding a storage device with a specially crafted corrupted partition table. CVE-2010-3881: The second part of this fix was not yet applied to our kernel: arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device. CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or similar. CVE-2011-2700: A small buffer overflow in the radio driver si4713-i2c was fixed that could potentially used by local attackers to crash the kernel or potentially execute code. CVE-2011-2909: A kernel information leak in the comedi driver from kernel to userspace was fixed. CVE-2011-2918: In the perf framework software event overflows could deadlock or delete an uninitialized timer. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please reboot the machine after installing the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv to apply the update, replacing with the filename of the downloaded RPM package. Our maintenance customers are notified individually. The packages are offeredfor installation from the maintenance web: SUSE Linux Enterprise High Availability Extension 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify replacing with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team " where is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig to verify thesignature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from This email address is being protected from spambots. You need JavaScript enabled to view it. with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: This email address is being protected from spambots. You need JavaScript enabled to view it. - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to . This email address is being protected from spambots. You need JavaScript enabled to view it. - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to . ==================================================================== SUSE's security contact is or . The public key is listed below. ==================================================================== . SUSE Linux Enterprise 11 SP1 kernel patch addresses local data breaches and several problems with essential corrections.. SUSE Linux, Kernel Update, Local Information Leak, Security Patch. . LinuxSecurity.com Team

Sep 01, 2011 SuSE

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Red Hat Enterprise Linux 9: RHSA-2023:0954-01 Moderate: Systemd Concerns

Red Hat 8: RHSA-2023-0837-01 Moderate: Systemd Local Info Leak Fix

SUSE Linux Enterprise 11 SP1: 2011-038 Moderate: Kernel Information Leak

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!