The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1109 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * Concurrent reading of /proc/cpuinfo by multiple tasks causes soft lockup (BZ#2154442)

    * RHEL8: panic when THP split (BZ#2156111)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1110 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * kernel-rt: update RT source tree to the latest RHEL-8.2.z24 Batch (BZ#2166667)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1141 advisory.

    The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements     cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

    Security Fix(es):

    * gnutls: timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * CCM tag length should be limited to known values (BZ#2144535)

    * In FIPS mode, gnutls should reject RSASSA-PSS salt lengths larger than the output size of the hash     function used, or provide an indicator (BZ#2144537)

    * dracut-cmdline[554]: Error in GnuTLS initialization: Error while performing self checks i FIPS mode     (BZ#2149640)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1130 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)

    * kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222)

    * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134587)

    * fix for CoW after fork() issue aka vmsplice child -> parent attack aka GUP after fork bug     (BZ#2137546)

    * Hardware error: RIP: copy_user_enhanced_fast_string+0xe (BZ#2137593)

    * i40e: orphaned-leaky memory when interacting with driver memory parameters (BZ#2138206)

    * RHEL 8.7 - Outputs of lsmem, lparstat, numactl and /proc/meminfo show wrong value of memory when LMB     size is set to 4GB. (BZ#2140091)

    * RHEL8.7: tcp sessions hanging after ibmvnic failover on Denali (BZ#2140958)

    * RHEL8: Practically limit Dummy wait workaround to old Intel systems (BZ#2142171)

    * RHEL:8.6+ IBM Partner issue - Loopback driver with ABORT_TASKS causing hangs in scsi eh, this bug was     cloned for RHEL8.6 and need this patch in 8.6+ (BZ#2144584)

    * i40e,iavf: SR-IOV VF devices send GARP with wrong MAC address (BZ#2149746)

    * RHEL8.4 - boot: Add secure boot trailer (BZ#2151531)

    * error 524 from seccomp(2) when trying to load filter (BZ#2152139)

    * The kernel BUG at mm/usercopy.c:103! from BZ 2041529 is back on rhel-8.5 (BZ#2153231)

    * kernel BUG: scheduling while atomic: crio/7295/0x00000002 (BZ#2154461)

    * MSFT MANA NET Patch RHEL-8: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155438)

    * GSS: OCP 4.10.30 node crash after ODF upgrade : unable to handle kernel NULL pointer dereference at     0000000000000000 : ceph_get_snap_realm+0x68/0xa0 [ceph] (BZ#2155798)

    * RHEL8.8: Backport upstream patches to reduce memory cgroup memory consumption and OOM problem     (BZ#2157923)

    * 'date' command shows wrong time in nested KVM s390x guest (BZ#2158814)

    * Kernel FIPS-140-3 requirements - part 3 - AES-XTS (BZ#2160173)

    * ethtool -m results in an out-of-bounds slab write in the be2net driver (BZ#2160183)

    * i40e/iavf: VF reset task fails Never saw reset with 5 second timeout per VF (BZ#2160461)

    * Mellanox: backport net/mlx5e: TC NIC mode, fix tc chains miss table (BZ#2161630)

    * Kernel panic observed during VxFS module unload (BZ#2162764)

    * iavf: It takes long time to create multiple VF interfaces and the VF interface names are not consistent     (BZ#2163259)

    * In FIPS mode, the kernel should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for     hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2165133)

    * panic in fib6_rule_suppress+0x22 with custom xdp prog involved in (BZ#2167604)

    * net/mlx5e: Fix use-after-free when reverting termination table (BZ#2167641)

    * Update intel_idle for Eaglestream/Sapphire Rapids support (BZ#2168357)

    * GSS: Set of fixes in ceph kernel module to prevent OCS node kernel crash -  blocklist the kclient when     receiving corrupted snap trace (BZ#2168898)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1107 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1095 advisory.

    The zlib packages provide a general-purpose lossless data compression library that is used by many     different programs.

    Security Fix(es):

    * zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra     field (CVE-2022-37434)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1102 advisory.

    MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld,     and many client programs.

    The following packages have been upgraded to a later upstream version: rh-mysql80-mysql (8.0.32).
    (BZ#2142971, BZ#2162319)

    Security Fix(es):

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21594)

    * mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022) (CVE-2022-21599)

    * mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21604)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21608)

    * mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21611)

    * mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022) (CVE-2022-21617)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21625)

    * mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2022) (CVE-2022-21632)

    * mysql: Server: Replication unspecified vulnerability (CPU Oct 2022) (CVE-2022-21633)

    * mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21637)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21640)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39400)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39408)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39410)

    * mysql: Server: DML unspecified vulnerability (CPU Jan 2023) (CVE-2023-21836)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21863)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21864)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21865)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21867)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21868)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21869)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21870)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21871)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21873)

    * mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023) (CVE-2023-21875)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21876)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21877)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21878)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21879)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21880)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21881)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21883)

    * mysql: Server: GIS unspecified vulnerability (CPU Jan 2023) (CVE-2023-21887)

    * mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023) (CVE-2023-21874)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21882)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1101 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1092 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * kernel-rt: update to the latest RHEL7.9.z21 source tree (BZ#2159523)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1103 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1093 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1090 advisory.

    Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common     Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and     various information.

    Security Fix(es):

    * samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided (CVE-2022-38023)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1091 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * Regression - SAS3416 card works on RHEL 7.7 and below, does not work on RHEL 7.8 or 7.9 (BZ#1974485)

    * use-after-free in sctp_do_8_2_transport_strike (BZ#2054037)

    * RHEL7.9 - [Regression] Kernel test failed during CPU polarization test - lscpu, chcpu - LPAR     (BZ#2071980)

    * RHEL 7, block: Crash in blk_mq_rq_timed_out() when dereferencing NULL request->q pointer (BZ#2088029)

    * qla2xxx: Qlogic double completion races during error handling are still not fixed and this will also  be     a RHEL8+ exposure (BZ#2092105)

    * kernel 3.10.0-1160.80.1.el7.x86_64 on Xeon E55xx crashes upon KVM startup (BZ#2143438)

    * Guest's time jumped forward by 12 minutes _after_ live-migration completes (in 30 seconds) (BZ#2152838)

    * RHEL7: target crashes if a malicious initiator sends a logout immediately after a login command     (BZ#2154243)

    * RHEL7.9 - LTP testcase creat09 fails related to 'CVE-2018-13405' and 'CVE-2021-4037` (BZ#2159946)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1066 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1065 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1067 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1068 advisory.

    The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain     simple client programs for accessing the libjpeg functions. These packages provide the same functionality     and API as libjpeg but with better performance.

    Security Fix(es):

    * libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c (CVE-2021-46822)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1044 advisory.

    Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides     authentication and standards-based single sign-on capabilities for web and mobile applications.

    This release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On     7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked     to in the References.

    Security Fix(es):
    * keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
    * Moment.js: Path traversal in moment.locale (CVE-2022-24785)
    * keycloak: missing email notification template allowlist (CVE-2022-1274)
    * keycloak: minimist: prototype pollution (CVE-2021-44906)
    * moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
    * undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations     (CVE-2022-2764)
    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
    * loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
    * keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
    * keycloak: path traversal via double URL encoding (CVE-2022-3782)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode     (CVE-2022-38749)
    * snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject     (CVE-2022-38750)
    * keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
    * keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
    * json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
    * keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
    * snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
    * CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
    * rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip     (CVE-2018-14042)
    * jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError     which may lead to dos (CVE-2022-45693)
    * sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
    * jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
    * jettison: parser crash by stackoverflow (CVE-2022-40149)
    * jackson-databind: use of deeply nested arrays (CVE-2022-42004)
    * jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
    * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
    * jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code     execution (CVE-2020-11023)
    * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
    * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution,     or property injection (CVE-2019-11358)
    * CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
    * keycloak: reflected XSS attack (CVE-2022-4137)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1043 advisory.

    Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides     authentication and standards-based single sign-on capabilities for web and mobile applications.

    This release of Red Hat Single Sign-On 7.6.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On     7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked     to in the References.

    Security Fix(es):

    * keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
    * Moment.js: Path traversal in moment.locale (CVE-2022-24785)
    * keycloak: missing email notification template allowlist (CVE-2022-1274)
    * keycloak: minimist: prototype pollution (CVE-2021-44906)
    * moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
    * undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations     (CVE-2022-2764)
    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
    * loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
    * keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
    * keycloak: path traversal via double URL encoding (CVE-2022-3782)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode     (CVE-2022-38749)
    * snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject     (CVE-2022-38750)
    * keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
    * keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
    * json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
    * keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
    * snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
    * CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
    * rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip     (CVE-2018-14042)
    * jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError     which may lead to dos (CVE-2022-45693)
    * sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
    * jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
    * jettison: parser crash by stackoverflow (CVE-2022-40149)
    * jackson-databind: use of deeply nested arrays (CVE-2022-42004)
    * jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
    * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
    * jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code     execution (CVE-2020-11023)
    * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
    * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution,     or property injection (CVE-2019-11358)
    * CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
    * keycloak: reflected XSS attack (CVE-2022-4137)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1045 advisory.

    Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides     authentication and standards-based single sign-on capabilities for web and mobile applications.

    This release of Red Hat Single Sign-On 7.6.2 on RHEL 9 serves as a replacement for Red Hat Single Sign-On     7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked     to in the References.

    Security Fix(es):

    * keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
    * Moment.js: Path traversal in moment.locale (CVE-2022-24785)
    * keycloak: missing email notification template allowlist (CVE-2022-1274)
    * keycloak: minimist: prototype pollution (CVE-2021-44906)
    * moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
    * undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations     (CVE-2022-2764)
    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
    * loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
    * keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
    * keycloak: path traversal via double URL encoding (CVE-2022-3782)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode     (CVE-2022-38749)
    * snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject     (CVE-2022-38750)
    * keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
    * keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
    * json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
    * keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
    * snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
    * CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
    * rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip     (CVE-2018-14042)
    * jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError     which may lead to dos (CVE-2022-45693)
    * sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
    * jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
    * jettison: parser crash by stackoverflow (CVE-2022-40149)
    * jackson-databind: use of deeply nested arrays (CVE-2022-42004)
    * jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
    * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
    * jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code     execution (CVE-2020-11023)
    * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
    * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution,     or property injection (CVE-2019-11358)
    * CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
    * keycloak: reflected XSS attack (CVE-2022-4137)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1008 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service     attack (CVE-2022-4379)

    * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0958 advisory.

    Vim (Vi IMproved) is an updated and improved version of the vi editor.

    Security Fix(es):

    * vim: no check if the return value of XChangeGC() is NULL (CVE-2022-47024)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0943 advisory.

    The zlib packages provide a general-purpose lossless data compression library that is used by many     different programs.

    Security Fix(es):

    * zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0959 advisory.

    The GNU tar program can save multiple files in an archive and restore files from an archive.

    Security Fix(es):

    * tar: heap buffer overflow at from_header() in list.c via specially crafted checksum (CVE-2022-48303)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0945 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0954 advisory.

    The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and     LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for     starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.
    In addition, it supports snapshotting and restoring of the system state, maintains mount and automount     points, and implements an elaborate transactional dependency-based service control logic. It can also work     as a drop-in replacement for sysvinit.

    Security Fix(es):

    * systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting     (CVE-2022-4415)

    * systemd: deadlock in systemd-coredump via a crash with a long backtrace (CVE-2022-45873)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0980 advisory.

    Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable     version of the Ceph storage system with a Ceph management platform, deployment utilities, and support     services.

    Security Fix(es):

    * Ceph: ceph-crash.service allows local ceph user to root exploit (CVE-2022-3650)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    These updated packages include various bug fixes. Space precludes documenting all of these changes in this     advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most     significant of these changes:

    https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5.3/html/release_notes/index

    All users of Red Hat Ceph Storage are advised to upgrade to these updated packages that provide various     bugs and security fixes.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0970 advisory.

    The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

    Security Fix(es):

    * httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)

    * httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760)

    * httpd: mod_proxy: HTTP response splitting (CVE-2022-37436)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * httpd-init fails to create localhost.crt, localhost.key due to sscg default now creates a     /dhparams.pem and is not idempotent if the file /dhparams.pem already exists. (BZ#2165975)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0951 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service     attack (CVE-2022-4379)

    * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179)

    * kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * RHEL 9.0: LTP Test failure and crash at fork14 on Sapphire Rapids Platinum 8280+ (BZ#2133083)

    * RHEL 9.1 Extending NMI watchdog's timer during LPM (BZ#2140085)

    * AMDSERVER 9.1: amdpstate driver incorrectly designed to load as default for Genoa (BZ#2151274)

    * qla2xxx NVMe-FC:  WARNING: CPU: 0 PID: 124072 at drivers/scsi/qla2xxx/qla_init.c:70     qla2xxx_rel_done_warning+0x25/0x30 [qla2xxx] (BZ#2152178)

    * Regression: Kernel panic on Lenovo T480 with AH40 USB-C docking station (BZ#2153277)

    * Scheduler Update (rhel9.2) (BZ#2153792)

    * RHEL9.1, Nx_Gzip: nr_total_credits is not decremented when processing units are reduced by dlpar in     shared mode. (FW1030 / DLPAR) (BZ#2154305)

    * MSFT, MANA, NET Patch RHEL-9: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155145)

    * Azure vPCI RHEL-9 add the support of multi-MSI (BZ#2155459)

    * Azure RHEL-9: VM Deployment Failures Patch Request (BZ#2155930)

    * The 'date' command shows wrong time in nested KVM s390x guest (BZ#2158815)

    * RHEL-9.2: Update NVMe driver to sync with upstream v6.0 (BZ#2161344)

    * CEE cephfs: RHEL9 cephfs client crashing with RIP: 0010:netfs_rreq_unlock+0xef/0x380 [netfs]     (BZ#2161418)

    * block layer: update with upstream v6.0 (BZ#2162535)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0944 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0974 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * sinatra: Reflected File Download attack (CVE-2022-45442)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0957 advisory.

    The lua packages provide support for Lua, a powerful light-weight programming language designed for     extending applications. Lua is also frequently used as a general-purpose, stand-alone language.

    Security Fix(es):

    * lua: use after free allows Sandbox Escape (CVE-2021-44964)

    * lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file (CVE-2021-43519)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0953 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * Python: CPU denial of service via inefficient IDNA decoder (CVE-2022-45061)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0946 advisory.

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS)     protocols, as well as a full-strength general-purpose cryptography library.

    Security Fix(es):

    * openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)

    * openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)

    * openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)

    * openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)

    * openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)

    * openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)

    * openssl: NULL dereference validating DSA public key (CVE-2023-0217)

    * openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * HMAC generation should reject key lengths < 112 bits or provide an indicator in FIPS mode (BZ#2144000)

    * In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144003)

    * stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake     (BZ#2144008)

    * In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144010)

    * In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash     function used, or provide an indicator (BZ#2144012)

    * In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator     (BZ#2144015)

    * In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-     based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144017)

    * In FIPS mode, openssl should reject KDF input and output key lengths < 112 bits or provide an indicator     (BZ#2144019)

    * In FIPS mode, openssl should reject RSA keys < 2048 bits when using EVP_PKEY_decapsulate, or provide an     indicator (BZ#2145170)

    * RHEL9.1 Nightly[0912] - error:03000093:digital envelope routines::command not supported when git clone     is run with configured ibmca engine backed by libica.so.4 (OpenSSL 3.0) (BZ#2149010)

    * OpenSSL FIPS checksum code needs update (BZ#2158412)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0952 advisory.

    The python-setuptools package provides a collection of enhancements to Python distribution utilities     allowing convenient building and distribution of Python packages.

    Security Fix(es):

    * pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py (CVE-2022-40897)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0965 advisory.

    PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

    The following packages have been upgraded to a later upstream version: php (8.0.27). (BZ#2161667)

    Security Fix(es):

    * XKCP: buffer overflow in the SHA-3 reference implementation (CVE-2022-37454)

    * php: standard insecure cookie could be treated as a `__Host-` or `__Secure-` cookie by PHP applications     (CVE-2022-31629)

    * php: OOB read due to insufficient input validation in imageloadfont() (CVE-2022-31630)

    * php: Due to an integer overflow PDO::quote() may return unquoted string (CVE-2022-31631)

    * php: phar wrapper can occur dos when using quine gzip file (CVE-2022-31628)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0978 advisory.

    Git is a distributed revision control system with a decentralized architecture. As opposed to centralized     version control systems with a client-server model, Git ensures that each working copy of a Git repository     is an exact copy with complete revision history. This not only allows the user to work on and contribute     to projects without the need to have permission to push the changes to their official repositories, but     also makes it possible for the user to work with no network connection.

    Security Fix(es):

    * git: gitattributes parsing integer overflow (CVE-2022-23521)

    * git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0979 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service     attack (CVE-2022-4379)

    * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179)

    * kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * kernel-rt: update RT source tree to the latest RHEL-9.1.z2 Batch (BZ#2160463)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0976 advisory.

    The zlib packages provide a general-purpose lossless data compression library that is used by many     different programs.

    Security Fix(es):

    * zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0975 advisory.

    The zlib packages provide a general-purpose lossless data compression library that is used by many     different programs.

    Security Fix(es):

    * zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0903 advisory.

    WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

    Security Fix(es):

    * webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution     (CVE-2023-23529)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0902 advisory.

    WebKitGTK is the port of the portable web rendering engine WebKit to the GTK     platform.

    Security Fix(es):

    * webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution     (CVE-2023-23529)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0835 advisory.

    The python-setuptools package provides a collection of enhancements to Python distribution utilities     allowing convenient building and distribution of Python packages.

    Security Fix(es):

    * pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py (CVE-2022-40897)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0852 advisory.

    The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

    Security Fix(es):

    * httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)

    * httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760)

    * httpd: mod_proxy: HTTP response splitting (CVE-2022-37436)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * httpd-init fails to create localhost.crt, localhost.key due to sscg default now creates a     /dhparams.pem and is not idempotent if the file /dhparams.pem already exists. (BZ#2165967)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0839 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222)

    * kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0848 advisory.

    PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

    The following packages have been upgraded to a later upstream version: php (8.0). (BZ#2161666)

    Security Fix(es):

    * XKCP: buffer overflow in the SHA-3 reference implementation (CVE-2022-37454)

    * php: standard insecure cookie could be treated as a `__Host-` or `__Secure-` cookie by PHP applications     (CVE-2022-31629)

    * php: OOB read due to insufficient input validation in imageloadfont() (CVE-2022-31630)

    * php: Due to an integer overflow PDO::quote() may return unquoted string (CVE-2022-31631)

    * php: phar wrapper can occur dos when using quine gzip file (CVE-2022-31628)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0832 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222)

    * kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)

    * kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134586)

    * Hardware error: RIP: copy_user_enhanced_fast_string+0xe (BZ#2137592)

    * Cannot trigger kernel dump using NMI on SNO node running PAO and RT kernel (BZ#2139580)

    * MEI support for Alder Lake-S (BZ#2141783)

    * Host Pod -> Cluster IP Service traffic (Pod Backend - Different Node) Flow Iperf Cannot Connect     (BZ#2141959)

    * RHEL8.7: Xorg cannot display resolution higher than 1024x768 on system using ast graphics driver     (BZ#2149287)

    * Intel 8.7 Bug: OS doesn't boot when vmd and interrupt remapping are enabled (BZ#2149474)

    * i40e,iavf: SR-IOV VF devices send GARP with wrong MAC address (BZ#2149745)

    * RHEL8.4 - boot: Add secure boot trailer (BZ#2151530)

    * error 524 from seccomp(2) when trying to load filter (BZ#2152138)

    * Workqueue: WQ_MEM_RECLAIM iscsi_ctrl_1:98 __iscsi_unbind_session [scsi_transport_iscsi] (BZ#2152734)

    * Connectivity issue with vDPA driver (BZ#2152912)

    * High Load average due to cfs cpu throttling (BZ#2153108)

    * The kernel BUG at mm/usercopy.c:103! from BZ 2041529 is back on rhel-8.5 (BZ#2153230)

    * RHEL8: tick storm on nohz (isolated) CPU cores (BZ#2153653)

    * kernel BUG: scheduling while atomic: crio/7295/0x00000002 (BZ#2154460)

    * Azure RHEL 8 z-stream: Sometimes newly deployed VMs are not getting accelerated network during     provisioning (BZ#2155272)

    * Azure: VM Deployment Failures Patch Request (BZ#2155280)

    * Azure vPCI RHEL-8: add the support of multi-MSI (BZ#2155289)

    * MSFT MANA NET Patch RHEL-8: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155437)

    * GSS: OCP 4.10.30 node crash after ODF upgrade : unable to handle kernel NULL pointer dereference at     0000000000000000 : ceph_get_snap_realm+0x68/0xa0 [ceph] (BZ#2155797)

    * Error in /usr/src/kernels/4.18.0-423.el8.x86_64/scripts/kernel-doc script causing irdma build to fail     (BZ#2157905)

    * RHEL8.8: Backport upstream patches to reduce memory cgroup memory consumption and OOM problem     (BZ#2157922)

    * The 'date' command shows wrong time in nested KVM s390x guest (BZ#2158813)

    * ethtool -m results in an out-of-bounds slab write in the be2net driver (BZ#2160182)

    * (Redhat OpenShift)Error downloading big ZIP files inside pod on power OCP and pod getting restarted     (BZ#2160221)

    * i40e/iavf: VF reset task fails Never saw reset with 5 second timeout per VF (BZ#2160460)

    * iavf: It takes long time to create multiple VF interfaces and the VF interface names are not consistent     (BZ#2163257)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0833 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading     to DoS (CVE-2020-10735)

    * python: open redirection vulnerability in lib/http/server.py may lead to information disclosure     (CVE-2021-28861)

    * Python: CPU denial of service via inefficient IDNA decoder (CVE-2022-45061)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0837 advisory.

    The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and     LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for     starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.
    In addition, it supports snapshotting and restoring of the system state, maintains mount and automount     points, and implements an elaborate transactional dependency-based service control logic. It can also work     as a drop-in replacement for sysvinit.

    Security Fix(es):

    * systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting     (CVE-2022-4415)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * systemd doesn't record messages to the journal during boot (BZ#2164049)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0842 advisory.

    The GNU tar program can save multiple files in an archive and restore files from an archive.

    Security Fix(es):

    * tar: heap buffer overflow at from_header() in list.c via specially crafted checksum (CVE-2022-48303)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Severity
172373	RHEL 8 : kernel (RHSA-2023:1109)	high
172372	RHEL 8 : kernel-rt (RHSA-2023:1110)	high
172371	RHEL 9 : gnutls (RHSA-2023:1141)	high
172370	RHEL 8 : kernel (RHSA-2023:1130)	high
172369	RHEL 8 : pesign (RHSA-2023:1107)	medium
172232	RHEL 7 : zlib (RHSA-2023:1095)	critical
172226	RHEL 7 : rh-mysql80-mysql (RHSA-2023:1102)	medium
172225	RHEL 7 : kpatch-patch (RHSA-2023:1101)	high
172224	RHEL 7 : kernel-rt (RHSA-2023:1092)	high
172220	RHEL 8 : kpatch-patch (RHSA-2023:1103)	high
172212	RHEL 7 : pesign (RHSA-2023:1093)	medium
172211	RHEL 7 : samba (RHSA-2023:1090)	high
172182	RHEL 7 : kernel (RHSA-2023:1091)	high
172119	RHEL 8 : pesign (RHSA-2023:1066)	medium
172118	RHEL 9 : pesign (RHSA-2023:1065)	medium
172117	RHEL 9 : pesign (RHSA-2023:1067)	medium
172116	RHEL 9 : libjpeg-turbo (RHSA-2023:1068)	medium
172042	RHEL 8 : Red Hat Single Sign-On 7.6.2 security update on RHEL 8 (Important) (RHSA-2023:1044)	critical
172041	RHEL 7 : Red Hat Single Sign-On 7.6.2 security update on RHEL 7 (Important) (RHSA-2023:1043)	critical
172039	RHEL 9 : Red Hat Single Sign-On 7.6.2 security update on RHEL 9 (Important) (RHSA-2023:1045)	critical
171996	RHEL 9 : kpatch-patch (RHSA-2023:1008)	high
171987	RHEL 9 : vim (RHSA-2023:0958)	high
171984	RHEL 7 : zlib (RHSA-2023:0943)	high
171983	RHEL 9 : tar (RHSA-2023:0959)	medium
171982	RHEL 7 : kpatch-patch (RHSA-2023:0945)	high
171981	RHEL 9 : systemd (RHSA-2023:0954)	medium
171980	RHEL 8 / 9 : Red Hat Ceph Storage 5.3 Bug fix (RHSA-2023:0980)	high
171979	RHEL 9 : httpd (RHSA-2023:0970)	critical
171978	RHEL 9 : kernel (RHSA-2023:0951)	high
171977	RHEL 7 : kernel (RHSA-2023:0944)	high
171976	RHEL 9 : pcs (RHSA-2023:0974)	high
171975	RHEL 9 : lua (RHSA-2023:0957)	medium
171974	RHEL 9 : python3.9 (RHSA-2023:0953)	high
171973	RHEL 9 : openssl (RHSA-2023:0946)	critical
171972	RHEL 9 : python-setuptools (RHSA-2023:0952)	medium
171971	RHEL 9 : php (RHSA-2023:0965)	critical
171970	RHEL 7 : git (RHSA-2023:0978)	critical
171968	RHEL 9 : kernel-rt (RHSA-2023:0979)	high
171963	RHEL 7 : zlib (RHSA-2023:0976)	high
171962	RHEL 7 : zlib (RHSA-2023:0975)	high
171796	RHEL 9 : webkit2gtk3 (RHSA-2023:0903)	high
171794	RHEL 8 : webkit2gtk3 (RHSA-2023:0902)	high
171727	RHEL 8 : python-setuptools (RHSA-2023:0835)	medium
171726	RHEL 8 : httpd:2.4 (RHSA-2023:0852)	critical
171725	RHEL 8 : kpatch-patch (RHSA-2023:0839)	high
171724	RHEL 8 : php:8.0 (RHSA-2023:0848)	critical
171723	RHEL 8 : kernel (RHSA-2023:0832)	high
171722	RHEL 8 : python3 (RHSA-2023:0833)	high
171721	RHEL 8 : systemd (RHSA-2023:0837)	medium
171720	RHEL 8 : tar (RHSA-2023:0842)	medium

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

high

high

high

high

medium

critical

medium

high

high

high

medium

high

high

medium

medium

medium

medium

critical

critical

critical

high

high

high

medium

high

medium

high

critical

high

high

high

medium

high

critical

medium

critical

critical

high

high

high

high

high

medium

critical

high

critical

high

high

medium

medium