
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 14 articles for you...

SUSE: Multi-Linux Manager Salt Bundle Important Fixes 2025:02499-1

# Security update 5.0.5 for Multi-Linux Manager Salt Bundle

Announcement ID: SUSE-SU-2025:02499-1
Release Date: 2025-07-23T12:46:00Z
Rating: important

References:

* bsc#1236621
* bsc#1243268
* bsc#1244561
* bsc#1244564
* bsc#1244565
* bsc#1244566
* bsc#1244567
* bsc#1244568
* bsc#1244570
* bsc#1244571
* bsc#1244572
* bsc#1244574
* bsc#1244575
* jsc#MSQA-993

Cross-References:

* CVE-2024-38822
* CVE-2024-38823
* CVE-2024-38824
* CVE-2024-38825
* CVE-2025-22236
* CVE-2025-22237
* CVE-2025-22238
* CVE-2025-22239
* CVE-2025-22240
* CVE-2025-22241
* CVE-2025-22242
* CVE-2025-47287

CVSS scores:

* CVE-2024-38822 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-38822 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38822 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38823 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-38823 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-38823 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38824 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
* CVE-2024-38824 ( SUSE ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2024-38824 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2024-38824 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-38825 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2024-38825 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2024-38825 ( NVD ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2025-22236 ( SUSE ): 6.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
* CVE-2025-22236 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22236 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22237 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22237 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-22237 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-22238 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22238 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-22238 ( NVD ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
* CVE-2025-22239 ( SUSE ): 6.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
* CVE-2025-22239 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22239 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
* CVE-2025-22240 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22240 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-22240 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-22241 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22241 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22241 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22242 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22242 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22242 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:H
* CVE-2025-47287 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47287 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47287 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Manager Client Tools for RHEL, Liberty and Clones 9

An update that solves 12 vulnerabilities, contains one feature and has one security fix can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

* Security issues fixed:
  * CVE-2024-38822: Fixed Minion token validation (bsc#1244561)
  * CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport (bsc#1244564)
  * CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method (bsc#1244565)
  * CVE-2024-38825: Fixed salt.auth.pki module authentication issue (bsc#1244566)
  * CVE-2025-22240: Fixed arbitrary directory creation or file deletion with GitFS (bsc#1244567)
  * CVE-2025-22236: Fixed Minion event bus authorization bypass (bsc#1244568)
  * CVE-2025-22241: Fixed the use of un-validated input in the VirtKey class (bsc#1244570)
  * CVE-2025-22237: Fixed exploitation of the 'on demand' pillar functionality (bsc#1244571)
  * CVE-2025-22238: Fixed the master's default cache vulnerability to a directory traversal attack (bsc#1244572)
  * CVE-2025-22239: Fixed the arbitrary event injection on the Salt Master (bsc#1244574)
  * CVE-2025-22242: Fixed a Denial of Service vulnerability through file read operation (bsc#1244575)
  * CVE-2025-47287: Fixed a Denial of Service vulnerability in Tornado logging behavior (bsc#1243268)
* Other bugs fixed:
  * Added subsystem filter to udev.exportdb (bsc#1236621)
  * Fixed Ubuntu 24.04 test failures
  * Fixed refresh of osrelease and related grains on Python 3.10+
  * Fixed issue requiring proper Python flavor for dependencies
  * Fixed VIRTUAL_ENV variable in activate file to point to actual path
  * Fixed the bundle path in pyvenv.cfg
  * Prevent tests failures when pygit2 is not present

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Manager Client Tools for RHEL, Liberty and Clones 9
  zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2025-2499=1

## Package List:

* SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64)
  * venv-salt-minion-3006.0-1.59.1

## References:

* https://www.suse.com/security/cve/CVE-2024-38822.html
* https://www.suse.com/security/cve/CVE-2024-38823.html
* https://www.suse.com/security/cve/CVE-2024-38824.html
* https://www.suse.com/security/cve/CVE-2024-38825.html
* https://www.suse.com/security/cve/CVE-2025-22236.html
* https://www.suse.com/security/cve/CVE-2025-22237.html
* https://www.suse.com/security/cve/CVE-2025-22238.html
* https://www.suse.com/security/cve/CVE-2025-22239.html
* https://www.suse.com/security/cve/CVE-2025-22240.html
* https://www.suse.com/security/cve/CVE-2025-22241.html
* https://www.suse.com/security/cve/CVE-2025-22242.html
* https://www.suse.com/security/cve/CVE-2025-47287.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236621
* https://bugzilla.suse.com/show_bug.cgi?id=1243268
* https://bugzilla.suse.com/show_bug.cgi?id=1244561
* https://bugzilla.suse.com/show_bug.cgi?id=1244564
* https://bugzilla.suse.com/show_bug.cgi?id=1244565
* https://bugzilla.suse.com/show_bug.cgi?id=1244566
* https://bugzilla.suse.com/show_bug.cgi?id=1244567
* https://bugzilla.suse.com/show_bug.cgi?id=1244568
* https://bugzilla.suse.com/show_bug.cgi?id=1244570
* https://bugzilla.suse.com/show_bug.cgi?id=1244571
* https://bugzilla.suse.com/show_bug.cgi?id=1244572
* https://bugzilla.suse.com/show_bug.cgi?id=1244574
* https://bugzilla.suse.com/show_bug.cgi?id=1244575
* https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FMSQA-993&page_caps=&user_role=

A pivotal security patch for SUSE Multi-System Manager Salt Package tackles pressing risks and hazards.

SUSE Update, Security Fix, Salt Bundle, Vulnerability Management, Denial of Service.

Severity: Important. LinuxSecurity.com Team

Jul 23, 2025 Important SuSE

Red Hat Enterprise Linux 7: RHSA-2021-0968-01 Low: Single Sign-On Update

Red Hat Security Advisory

Synopsis: Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 7
Advisory ID: RHSA-2021:0968-01
Product: Red Hat Single Sign-On
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0968
Issue date: 2021-03-23
CVE Names: CVE-2020-7676 CVE-2020-14302

1. Summary:

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Single Sign-On 7.4 for RHEL 7 Server - noarch

3. Description:

Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.

This release of Red Hat Single Sign-On 7.4.6 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

* nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676)
* keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks (CVE-2020-14302)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement
1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks

6. Package List:

Red Hat Single Sign-On 7.4 for RHEL 7 Server:

Source:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el7sso.src.rpm

noarch:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el7sso.noarch.rpm
rh-sso7-keycloak-server-9.0.12-1.redhat_00001.1.el7sso.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2020-7676
https://access.redhat.com/security/cve/CVE-2020-14302
https://access.redhat.com/security/updates/classification#low
https://docs.redhat.com/en/documentation/red_hat_single_sign-on/7.4/html/release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2021 Red Hat, Inc.

The latest version 7.4.6 of Red Hat Single Sign-On packages is released with minimal security risks. This update comes with enhancements and corrections to bolster security.

Red Hat Single Sign-On, Security Update, RHEL 7, Low Security Impact, CVE Fixes.

Severity: Low. LinuxSecurity.com Team

Mar 23, 2021 Low Red Hat

RHEL 6: RHSA-2021:0967-01 Low Severity: Single Sign-On Replay Attack

Red Hat Security Advisory

Synopsis: Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 6
Advisory ID: RHSA-2021:0967-01
Product: Red Hat Single Sign-On
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0967
Issue date: 2021-03-23
CVE Names: CVE-2020-7676 CVE-2020-14302

1. Summary:

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Single Sign-On 7.4 for RHEL 6 Server - noarch

3. Description:

Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.

This release of Red Hat Single Sign-On 7.4.6 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

* nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676)
* keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks (CVE-2020-14302)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement
1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks

6. Package List:

Red Hat Single Sign-On 7.4 for RHEL 6 Server:

Source:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el6sso.src.rpm

noarch:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el6sso.noarch.rpm
rh-sso7-keycloak-server-9.0.12-1.redhat_00001.1.el6sso.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2020-7676
https://access.redhat.com/security/cve/CVE-2020-14302
https://access.redhat.com/security/updates/classification#low
https://docs.redhat.com/en/documentation/red_hat_single_sign-on/7.4/html/release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2021 Red Hat, Inc.

The latest security update for Red Hat Single Sign-On version 7.4.6 on RHEL 6 fixes low severity vulnerabilities, enhancing stability and security for users.

Red Hat Single Sign-On, Low Severity Update, RHEL 6, Security Fixes.

Severity: Low. LinuxSecurity.com Team

Mar 23, 2021 Low Red Hat

Fedora 33 Ceph 15.2.7 Critical: Replay Attack Security Advisory

Fedora Update Notification
FEDORA-2020-a8f1120195
2020-12-10 01:13:07.368878

Name : ceph
Product : Fedora 33
Version : 15.2.7
Release : 1.fc33
URL :
Summary : User space components of the Ceph file system
Description : Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage.

Update Information:

ceph 15.2.7 GA
----
ceph-15.2.6 GA
Security fix for CVE-2020-25660

ChangeLog:

* Mon Nov 30 2020 Kaleb S. KEITHLEY - 2:15.2.7-1
- ceph 15.2.7 GA
* Thu Nov 19 2020 Kaleb S. KEITHLEY - 2:15.2.6-1
- ceph 15.2.6 GA

References:

[ 1 ] Bug #1890354 - CVE-2020-25660 ceph: CEPHX_V2 replay attack protection lost
https://bugzilla.redhat.com/show_bug.cgi?id=1890354

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-a8f1120195' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

The most recent update to Fedora for ceph version 15.2.7 tackles CVE-2020-25660, enhancing both security measures and overall stability.

Fedora Ceph Security Fix, Ceph 15.2.7 Patch, CVE-2020-25660 Update.

Severity: Critical. LinuxSecurity.com Team

Dec 09, 2020 Critical Fedora

Red Hat: RHSA-2020:5325-01 Moderate: Ceph Storage Replay Attack

Red Hat Security Advisory

Synopsis: Moderate: Red Hat Ceph Storage 4.1 security and bug fix update
Advisory ID: RHSA-2020:5325-01
Product: Red Hat Ceph Storage
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5325
Issue date: 2020-12-02
CVE Names: CVE-2020-25660

1. Summary:

An update is now available for Red Hat Ceph Storage 4.1.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Ceph Storage 4.1 MON - noarch, ppc64le, s390x, x86_64
Red Hat Ceph Storage 4.1 OSD - ppc64le, s390x, x86_64
Red Hat Ceph Storage 4.1 Tools - noarch, ppc64le, s390x, x86_64

3. Description:

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

Security Fix(es):

* ceph: CEPHX_V2 replay attack protection lost (CVE-2020-25660)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1890354 - CVE-2020-25660 ceph: CEPHX_V2 replay attack protection lost
1892644 - [GSS] S3 client is reporting S3 error: 404 (NoSuchKey) for an object which exists in the cluster
1895040 - ceph: problems with clusters containing nodes on s390x for some specific configurations and workloads
1896555 - mds decoding of enum types on big-endian systems broken

6. Package List:
librados2-debuginfo-14.2.8-115.el8cp.x86_64.rpm libradospp-devel-14.2.8-115.el8cp.x86_64.rpm libradosstriper1-14.2.8-115.el8cp.x86_64.rpm libradosstriper1-debuginfo-14.2.8-115.el8cp.x86_64.rpm librbd-devel-14.2.8-115.el8cp.x86_64.rpm librbd1-14.2.8-115.el8cp.x86_64.rpm librbd1-debuginfo-14.2.8-115.el8cp.x86_64.rpm librgw-devel-14.2.8-115.el8cp.x86_64.rpm librgw2-14.2.8-115.el8cp.x86_64.rpm librgw2-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-ceph-argparse-14.2.8-115.el8cp.x86_64.rpm python3-cephfs-14.2.8-115.el8cp.x86_64.rpm python3-cephfs-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-rados-14.2.8-115.el8cp.x86_64.rpm python3-rados-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-rbd-14.2.8-115.el8cp.x86_64.rpm python3-rbd-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-rgw-14.2.8-115.el8cp.x86_64.rpm python3-rgw-debuginfo-14.2.8-115.el8cp.x86_64.rpm rbd-fuse-debuginfo-14.2.8-115.el8cp.x86_64.rpm rbd-mirror-debuginfo-14.2.8-115.el8cp.x86_64.rpm rbd-nbd-debuginfo-14.2.8-115.el8cp.x86_64.rpm Red Hat Ceph Storage 4.1OSD: Source: ceph-14.2.8-115.el8cp.src.rpm ppc64le: ceph-base-14.2.8-115.el8cp.ppc64le.rpm ceph-base-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-common-14.2.8-115.el8cp.ppc64le.rpm ceph-common-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-debugsource-14.2.8-115.el8cp.ppc64le.rpm ceph-fuse-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-mds-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-mgr-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-mon-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-osd-14.2.8-115.el8cp.ppc64le.rpm ceph-osd-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-radosgw-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-selinux-14.2.8-115.el8cp.ppc64le.rpm ceph-test-14.2.8-115.el8cp.ppc64le.rpm ceph-test-debuginfo-14.2.8-115.el8cp.ppc64le.rpm libcephfs-devel-14.2.8-115.el8cp.ppc64le.rpm libcephfs2-14.2.8-115.el8cp.ppc64le.rpm libcephfs2-debuginfo-14.2.8-115.el8cp.ppc64le.rpm librados-devel-14.2.8-115.el8cp.ppc64le.rpm librados-devel-debuginfo-14.2.8-115.el8cp.ppc64le.rpm 
librados2-14.2.8-115.el8cp.ppc64le.rpm librados2-debuginfo-14.2.8-115.el8cp.ppc64le.rpm libradospp-devel-14.2.8-115.el8cp.ppc64le.rpm libradosstriper1-14.2.8-115.el8cp.ppc64le.rpm libradosstriper1-debuginfo-14.2.8-115.el8cp.ppc64le.rpm librbd-devel-14.2.8-115.el8cp.ppc64le.rpm librbd1-14.2.8-115.el8cp.ppc64le.rpm librbd1-debuginfo-14.2.8-115.el8cp.ppc64le.rpm librgw-devel-14.2.8-115.el8cp.ppc64le.rpm librgw2-14.2.8-115.el8cp.ppc64le.rpm librgw2-debuginfo-14.2.8-115.el8cp.ppc64le.rpm python3-ceph-argparse-14.2.8-115.el8cp.ppc64le.rpm python3-cephfs-14.2.8-115.el8cp.ppc64le.rpm python3-cephfs-debuginfo-14.2.8-115.el8cp.ppc64le.rpm python3-rados-14.2.8-115.el8cp.ppc64le.rpm python3-rados-debuginfo-14.2.8-115.el8cp.ppc64le.rpm python3-rbd-14.2.8-115.el8cp.ppc64le.rpm python3-rbd-debuginfo-14.2.8-115.el8cp.ppc64le.rpm python3-rgw-14.2.8-115.el8cp.ppc64le.rpm python3-rgw-debuginfo-14.2.8-115.el8cp.ppc64le.rpm rbd-fuse-debuginfo-14.2.8-115.el8cp.ppc64le.rpm rbd-mirror-debuginfo-14.2.8-115.el8cp.ppc64le.rpm rbd-nbd-debuginfo-14.2.8-115.el8cp.ppc64le.rpm s390x: ceph-base-14.2.8-115.el8cp.s390x.rpm ceph-base-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-common-14.2.8-115.el8cp.s390x.rpm ceph-common-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-debugsource-14.2.8-115.el8cp.s390x.rpm ceph-fuse-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-mds-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-mgr-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-mon-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-osd-14.2.8-115.el8cp.s390x.rpm ceph-osd-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-radosgw-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-selinux-14.2.8-115.el8cp.s390x.rpm ceph-test-14.2.8-115.el8cp.s390x.rpm ceph-test-debuginfo-14.2.8-115.el8cp.s390x.rpm libcephfs-devel-14.2.8-115.el8cp.s390x.rpm libcephfs2-14.2.8-115.el8cp.s390x.rpm libcephfs2-debuginfo-14.2.8-115.el8cp.s390x.rpm librados-devel-14.2.8-115.el8cp.s390x.rpm librados-devel-debuginfo-14.2.8-115.el8cp.s390x.rpm librados2-14.2.8-115.el8cp.s390x.rpm 
librados2-debuginfo-14.2.8-115.el8cp.s390x.rpm libradospp-devel-14.2.8-115.el8cp.s390x.rpm libradosstriper1-14.2.8-115.el8cp.s390x.rpm libradosstriper1-debuginfo-14.2.8-115.el8cp.s390x.rpm librbd-devel-14.2.8-115.el8cp.s390x.rpm librbd1-14.2.8-115.el8cp.s390x.rpm librbd1-debuginfo-14.2.8-115.el8cp.s390x.rpm librgw-devel-14.2.8-115.el8cp.s390x.rpm librgw2-14.2.8-115.el8cp.s390x.rpm librgw2-debuginfo-14.2.8-115.el8cp.s390x.rpm python3-ceph-argparse-14.2.8-115.el8cp.s390x.rpm python3-cephfs-14.2.8-115.el8cp.s390x.rpm python3-cephfs-debuginfo-14.2.8-115.el8cp.s390x.rpm python3-rados-14.2.8-115.el8cp.s390x.rpm python3-rados-debuginfo-14.2.8-115.el8cp.s390x.rpm python3-rbd-14.2.8-115.el8cp.s390x.rpm python3-rbd-debuginfo-14.2.8-115.el8cp.s390x.rpm python3-rgw-14.2.8-115.el8cp.s390x.rpm python3-rgw-debuginfo-14.2.8-115.el8cp.s390x.rpm rbd-fuse-debuginfo-14.2.8-115.el8cp.s390x.rpm rbd-mirror-debuginfo-14.2.8-115.el8cp.s390x.rpm rbd-nbd-debuginfo-14.2.8-115.el8cp.s390x.rpm x86_64: ceph-base-14.2.8-115.el8cp.x86_64.rpm ceph-base-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-common-14.2.8-115.el8cp.x86_64.rpm ceph-common-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-debugsource-14.2.8-115.el8cp.x86_64.rpm ceph-fuse-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-mds-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-mgr-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-mon-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-osd-14.2.8-115.el8cp.x86_64.rpm ceph-osd-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-radosgw-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-selinux-14.2.8-115.el8cp.x86_64.rpm ceph-test-14.2.8-115.el8cp.x86_64.rpm ceph-test-debuginfo-14.2.8-115.el8cp.x86_64.rpm libcephfs-devel-14.2.8-115.el8cp.x86_64.rpm libcephfs2-14.2.8-115.el8cp.x86_64.rpm libcephfs2-debuginfo-14.2.8-115.el8cp.x86_64.rpm librados-devel-14.2.8-115.el8cp.x86_64.rpm librados-devel-debuginfo-14.2.8-115.el8cp.x86_64.rpm librados2-14.2.8-115.el8cp.x86_64.rpm librados2-debuginfo-14.2.8-115.el8cp.x86_64.rpm 
libradospp-devel-14.2.8-115.el8cp.x86_64.rpm libradosstriper1-14.2.8-115.el8cp.x86_64.rpm libradosstriper1-debuginfo-14.2.8-115.el8cp.x86_64.rpm librbd-devel-14.2.8-115.el8cp.x86_64.rpm librbd1-14.2.8-115.el8cp.x86_64.rpm librbd1-debuginfo-14.2.8-115.el8cp.x86_64.rpm librgw-devel-14.2.8-115.el8cp.x86_64.rpm librgw2-14.2.8-115.el8cp.x86_64.rpm librgw2-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-ceph-argparse-14.2.8-115.el8cp.x86_64.rpm python3-cephfs-14.2.8-115.el8cp.x86_64.rpm python3-cephfs-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-rados-14.2.8-115.el8cp.x86_64.rpm python3-rados-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-rbd-14.2.8-115.el8cp.x86_64.rpm python3-rbd-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-rgw-14.2.8-115.el8cp.x86_64.rpm python3-rgw-debuginfo-14.2.8-115.el8cp.x86_64.rpm rbd-fuse-debuginfo-14.2.8-115.el8cp.x86_64.rpm rbd-mirror-debuginfo-14.2.8-115.el8cp.x86_64.rpm rbd-nbd-debuginfo-14.2.8-115.el8cp.x86_64.rpm Red Hat Ceph Storage 4.1Tools: Source: ceph-14.2.8-115.el8cp.src.rpm noarch: ceph-grafana-dashboards-14.2.8-115.el8cp.noarch.rpm ppc64le: ceph-base-14.2.8-115.el8cp.ppc64le.rpm ceph-base-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-common-14.2.8-115.el8cp.ppc64le.rpm ceph-common-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-debugsource-14.2.8-115.el8cp.ppc64le.rpm ceph-fuse-14.2.8-115.el8cp.ppc64le.rpm ceph-fuse-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-mds-14.2.8-115.el8cp.ppc64le.rpm ceph-mds-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-mgr-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-mon-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-osd-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-radosgw-14.2.8-115.el8cp.ppc64le.rpm ceph-radosgw-debuginfo-14.2.8-115.el8cp.ppc64le.rpm ceph-selinux-14.2.8-115.el8cp.ppc64le.rpm ceph-test-debuginfo-14.2.8-115.el8cp.ppc64le.rpm libcephfs-devel-14.2.8-115.el8cp.ppc64le.rpm libcephfs2-14.2.8-115.el8cp.ppc64le.rpm libcephfs2-debuginfo-14.2.8-115.el8cp.ppc64le.rpm librados-devel-14.2.8-115.el8cp.ppc64le.rpm 
librados-devel-debuginfo-14.2.8-115.el8cp.ppc64le.rpm librados2-14.2.8-115.el8cp.ppc64le.rpm librados2-debuginfo-14.2.8-115.el8cp.ppc64le.rpm libradospp-devel-14.2.8-115.el8cp.ppc64le.rpm libradosstriper1-14.2.8-115.el8cp.ppc64le.rpm libradosstriper1-debuginfo-14.2.8-115.el8cp.ppc64le.rpm librbd-devel-14.2.8-115.el8cp.ppc64le.rpm librbd1-14.2.8-115.el8cp.ppc64le.rpm librbd1-debuginfo-14.2.8-115.el8cp.ppc64le.rpm librgw-devel-14.2.8-115.el8cp.ppc64le.rpm librgw2-14.2.8-115.el8cp.ppc64le.rpm librgw2-debuginfo-14.2.8-115.el8cp.ppc64le.rpm python3-ceph-argparse-14.2.8-115.el8cp.ppc64le.rpm python3-cephfs-14.2.8-115.el8cp.ppc64le.rpm python3-cephfs-debuginfo-14.2.8-115.el8cp.ppc64le.rpm python3-rados-14.2.8-115.el8cp.ppc64le.rpm python3-rados-debuginfo-14.2.8-115.el8cp.ppc64le.rpm python3-rbd-14.2.8-115.el8cp.ppc64le.rpm python3-rbd-debuginfo-14.2.8-115.el8cp.ppc64le.rpm python3-rgw-14.2.8-115.el8cp.ppc64le.rpm python3-rgw-debuginfo-14.2.8-115.el8cp.ppc64le.rpm rbd-fuse-debuginfo-14.2.8-115.el8cp.ppc64le.rpm rbd-mirror-14.2.8-115.el8cp.ppc64le.rpm rbd-mirror-debuginfo-14.2.8-115.el8cp.ppc64le.rpm rbd-nbd-14.2.8-115.el8cp.ppc64le.rpm rbd-nbd-debuginfo-14.2.8-115.el8cp.ppc64le.rpm s390x: ceph-base-14.2.8-115.el8cp.s390x.rpm ceph-base-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-common-14.2.8-115.el8cp.s390x.rpm ceph-common-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-debugsource-14.2.8-115.el8cp.s390x.rpm ceph-fuse-14.2.8-115.el8cp.s390x.rpm ceph-fuse-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-mds-14.2.8-115.el8cp.s390x.rpm ceph-mds-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-mgr-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-mon-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-osd-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-radosgw-14.2.8-115.el8cp.s390x.rpm ceph-radosgw-debuginfo-14.2.8-115.el8cp.s390x.rpm ceph-selinux-14.2.8-115.el8cp.s390x.rpm ceph-test-debuginfo-14.2.8-115.el8cp.s390x.rpm libcephfs-devel-14.2.8-115.el8cp.s390x.rpm libcephfs2-14.2.8-115.el8cp.s390x.rpm 
libcephfs2-debuginfo-14.2.8-115.el8cp.s390x.rpm librados-devel-14.2.8-115.el8cp.s390x.rpm librados-devel-debuginfo-14.2.8-115.el8cp.s390x.rpm librados2-14.2.8-115.el8cp.s390x.rpm librados2-debuginfo-14.2.8-115.el8cp.s390x.rpm libradospp-devel-14.2.8-115.el8cp.s390x.rpm libradosstriper1-14.2.8-115.el8cp.s390x.rpm libradosstriper1-debuginfo-14.2.8-115.el8cp.s390x.rpm librbd-devel-14.2.8-115.el8cp.s390x.rpm librbd1-14.2.8-115.el8cp.s390x.rpm librbd1-debuginfo-14.2.8-115.el8cp.s390x.rpm librgw-devel-14.2.8-115.el8cp.s390x.rpm librgw2-14.2.8-115.el8cp.s390x.rpm librgw2-debuginfo-14.2.8-115.el8cp.s390x.rpm python3-ceph-argparse-14.2.8-115.el8cp.s390x.rpm python3-cephfs-14.2.8-115.el8cp.s390x.rpm python3-cephfs-debuginfo-14.2.8-115.el8cp.s390x.rpm python3-rados-14.2.8-115.el8cp.s390x.rpm python3-rados-debuginfo-14.2.8-115.el8cp.s390x.rpm python3-rbd-14.2.8-115.el8cp.s390x.rpm python3-rbd-debuginfo-14.2.8-115.el8cp.s390x.rpm python3-rgw-14.2.8-115.el8cp.s390x.rpm python3-rgw-debuginfo-14.2.8-115.el8cp.s390x.rpm rbd-fuse-debuginfo-14.2.8-115.el8cp.s390x.rpm rbd-mirror-14.2.8-115.el8cp.s390x.rpm rbd-mirror-debuginfo-14.2.8-115.el8cp.s390x.rpm rbd-nbd-14.2.8-115.el8cp.s390x.rpm rbd-nbd-debuginfo-14.2.8-115.el8cp.s390x.rpm x86_64: ceph-base-14.2.8-115.el8cp.x86_64.rpm ceph-base-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-common-14.2.8-115.el8cp.x86_64.rpm ceph-common-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-debugsource-14.2.8-115.el8cp.x86_64.rpm ceph-fuse-14.2.8-115.el8cp.x86_64.rpm ceph-fuse-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-mds-14.2.8-115.el8cp.x86_64.rpm ceph-mds-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-mgr-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-mon-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-osd-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-radosgw-14.2.8-115.el8cp.x86_64.rpm ceph-radosgw-debuginfo-14.2.8-115.el8cp.x86_64.rpm ceph-selinux-14.2.8-115.el8cp.x86_64.rpm ceph-test-debuginfo-14.2.8-115.el8cp.x86_64.rpm libcephfs-devel-14.2.8-115.el8cp.x86_64.rpm 
libcephfs2-14.2.8-115.el8cp.x86_64.rpm libcephfs2-debuginfo-14.2.8-115.el8cp.x86_64.rpm librados-devel-14.2.8-115.el8cp.x86_64.rpm librados-devel-debuginfo-14.2.8-115.el8cp.x86_64.rpm librados2-14.2.8-115.el8cp.x86_64.rpm librados2-debuginfo-14.2.8-115.el8cp.x86_64.rpm libradospp-devel-14.2.8-115.el8cp.x86_64.rpm libradosstriper1-14.2.8-115.el8cp.x86_64.rpm libradosstriper1-debuginfo-14.2.8-115.el8cp.x86_64.rpm librbd-devel-14.2.8-115.el8cp.x86_64.rpm librbd1-14.2.8-115.el8cp.x86_64.rpm librbd1-debuginfo-14.2.8-115.el8cp.x86_64.rpm librgw-devel-14.2.8-115.el8cp.x86_64.rpm librgw2-14.2.8-115.el8cp.x86_64.rpm librgw2-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-ceph-argparse-14.2.8-115.el8cp.x86_64.rpm python3-cephfs-14.2.8-115.el8cp.x86_64.rpm python3-cephfs-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-rados-14.2.8-115.el8cp.x86_64.rpm python3-rados-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-rbd-14.2.8-115.el8cp.x86_64.rpm python3-rbd-debuginfo-14.2.8-115.el8cp.x86_64.rpm python3-rgw-14.2.8-115.el8cp.x86_64.rpm python3-rgw-debuginfo-14.2.8-115.el8cp.x86_64.rpm rbd-fuse-debuginfo-14.2.8-115.el8cp.x86_64.rpm rbd-mirror-14.2.8-115.el8cp.x86_64.rpm rbd-mirror-debuginfo-14.2.8-115.el8cp.x86_64.rpm rbd-nbd-14.2.8-115.el8cp.x86_64.rpm rbd-nbd-debuginfo-14.2.8-115.el8cp.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-25660 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. 
-- RHSA-announce mailing list

A new patch improves security for Red Hat Ceph Storage 4.1 by addressing moderate severity vulnerabilities, particularly those related to replay attacks. Red Hat Ceph, Replay Attack, Storage Update, Security Fix. Severity: Important. LinuxSecurity.com Team

Dec 02, 2020 Important Red Hat

Ubuntu: 3850-2 Moderate: NSS Cache Timing And Replay Attacks

Several security issues were fixed in NSS.

=========================================================================
Ubuntu Security Notice USN-3850-2
February 18, 2019

nss vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in NSS.

Software Description:

- nss: Network Security Service library

Details:

USN-3850-1 fixed several vulnerabilities in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. (CVE-2018-0495)

It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remote attacker could possibly use this issue to perform a replay attack. (CVE-2018-12384)

It was discovered that NSS incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack. (CVE-2018-12404)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 ESM: libnss3 2:3.28.4-0ubuntu0.12.04.2

After a standard system update you need to restart any applications that use NSS, such as Evolution, to make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-3850-2
https://ubuntu.com/security/notices/USN-3850-1
CVE-2018-0495, CVE-2018-12384, CVE-2018-12404

Several vulnerabilities corrected in Ubuntu Security Notice USN-3850-3, with essential patches suggested. NSS vulnerabilities, Ubuntu security update, cache-timing attack, replay attack, critical security fix. Severity: Important. LinuxSecurity.com Team

Feb 18, 2019 Important Ubuntu

Mageia 6: MGASA-2018-0487 Critical: Kernel Security Flaws Addressed

This kernel update is based on the upstream 4.14.89 and fixes at least the following security issues: Cross-hyperthread Spectre v2 mitigation is now provided by the Single Thread Indirect Branch Predictors (STIBP) support. Note that STIBP also .

MGASA-2018-0487 - Updated kernel packages fix security vulnerabilities

Publication date: 21 Dec 2018
URL: https://advisories.mageia.org/MGASA-2018-0487.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2018-1128, CVE-2018-1129, CVE-2018-14625, CVE-2018-16862, CVE-2018-18397, CVE-2018-19824

This kernel update is based on the upstream 4.14.89 and fixes at least the following security issues:

Cross-hyperthread Spectre v2 mitigation is now provided by the Single Thread Indirect Branch Predictors (STIBP) support. Note that STIBP also requires the functionality be supported by the Intel microcode in use.

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service (CVE-2018-1128).

A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol (CVE-2018-1129).

A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (CVE-2018-14625).

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (CVE-2018-16862).

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes) (CVE-2018-18397).

In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) (CVE-2018-19824).

For other upstream fixes in this update, see the referenced changelogs.

References:
- https://bugs.mageia.org/show_bug.cgi?id=24032
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.79
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.80
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.81
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.82
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.83
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.84
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.85
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.86
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.87
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.88
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.89
- https://www.cve.org/CVERecord?id=CVE-2018-1128
- https://www.cve.org/CVERecord?id=CVE-2018-1129
- https://www.cve.org/CVERecord?id=CVE-2018-14625
- https://www.cve.org/CVERecord?id=CVE-2018-16862
- https://www.cve.org/CVERecord?id=CVE-2018-18397
- https://www.cve.org/CVERecord?id=CVE-2018-19824

SRPMS:
- 6/core/kernel-4.14.89-1.mga6
- 6/core/kernel-userspace-headers-4.14.89-1.mga6
- 6/core/kmod-vboxadditions-5.2.22-5.mga6
- 6/core/kmod-virtualbox-5.2.22-5.mga6
- 6/core/kmod-xtables-addons-2.13-75.mga6

The crucial patch MGASA-2018-0487 targets significant security flaws and vulnerabilities present in Mageia 6's kernel. Mageia Kernel Update Security Threats Vulnerabilities Protection. Severity: Critical. LinuxSecurity.com Team

Dec 21, 2018 Critical Mageia

Debian DSA-4339-1 Critical: Ceph Replay Attack & DoS Issues

Multiple vulnerabilities were discovered in Ceph, a distributed storage and file system: The cephx authentication protocol was susceptible to replay attacks and calculated signatures incorrectly, "ceph mon" did not validate capabilities for pool operations (resulting in potential .

-------------------------------------------------------------------------
Debian Security Advisory DSA-4339-1
https://www.debian.org/security/ Moritz Muehlenhoff
November 13, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : ceph
CVE ID : CVE-2017-7519 CVE-2018-1086 CVE-2018-1128 CVE-2018-1129

Multiple vulnerabilities were discovered in Ceph, a distributed storage and file system: The cephx authentication protocol was susceptible to replay attacks and calculated signatures incorrectly, "ceph mon" did not validate capabilities for pool operations (resulting in potential corruption or deletion of snapshot images) and a format string vulnerability in libradosstriper could result in denial of service.

For the stable distribution (stretch), these problems have been fixed in version 10.2.11-1.

We recommend that you upgrade your ceph packages.

For the detailed security status of ceph please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/ceph

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Ceph has introduced a security patch that resolves various concerns, notably including replay vulnerabilities and denial of service threats. Ceph Security Update, Debian Advisory, Replay Attack, Denial of Service, Cephx Protocol. Severity: Critical. LinuxSecurity.com Team

Nov 13, 2018 Critical Debian