The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1369 advisory.

    Network Security Services (NSS) is a set of libraries designed to support the cross-platform development     of security-enabled client and server applications.

    Security Fix(es):

    * nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1335 advisory.

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS)     protocols, as well as a full-strength general-purpose cryptography library.

    Security Fix(es):

    * openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1333 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    This update upgrades Firefox to version 102.9.0 ESR.

    Security Fix(es):

    * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)

    * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)

    * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)

    * Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

    * Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation     (CVE-2023-28164)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1332 advisory.

    Network Security Services (NSS) is a set of libraries designed to support the cross-platform development     of security-enabled client and server applications.

    Security Fix(es):

    * nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1337 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    This update upgrades Firefox to version 102.9.0 ESR.

    Security Fix(es):

    * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)

    * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)

    * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)

    * Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

    * Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation     (CVE-2023-28164)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1336 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    This update upgrades Firefox to version 102.9.0 ESR.

    Security Fix(es):

    * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)

    * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)

    * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)

    * Mozilla: Invalid downcast in Worklets (CVE-2023-28162)

    * Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation     (CVE-2023-28164)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1252 advisory.

    Network Security Services (NSS) is a set of libraries designed to support the cross-platform development     of security-enabled client and server applications.

    Security Fix(es):

    * nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1251 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1221 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    The following packages have been upgraded to a later upstream version: kernel (4.18.0). (BZ#2165648)

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * RHEL 8.7 - Outputs of lsmem, lparstat, numactl and /proc/meminfo show wrong value of memory when LMB     size is set to 4GB. (BZ#2140092)

    * RHEL8.4 - boot: Add secure boot trailer (BZ#2151532)

    * Concurrent reading of /proc/cpuinfo by multiple tasks causes soft lockup (BZ#2154441)

    * GSS: OCP 4.10.30 node crash after ODF upgrade : unable to handle kernel NULL pointer dereference at     0000000000000000 : ceph_get_snap_realm+0x68/0xa0 [ceph] (BZ#2155799)

    * cgroup: Backport cgroup_mutex performance patches (BZ#2160165)

    * Redhat OpenShift: Error downloading big ZIP files inside pod on power OCP and pod getting restarted     (BZ#2160223)

    * i40e/iavf: VF reset task fails Never saw reset with 5 second timeout per VF (BZ#2160462)

    * panic in fib6_rule_suppress+0x22 with custom xdp prog involved in (BZ#2167606)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1200 advisory.

    The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements     cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

    Security Fix(es):

    * gnutls: timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * CCM tag length should be limited to known values (BZ#2144536)

    * In FIPS mode, gnutls should reject RSASSA-PSS salt lengths larger than the output size of the hash     function used, or provide an indicator (BZ#2144538)

    * dracut-cmdline[554]: Error in GnuTLS initialization: Error while performing self checks i FIPS mode     (BZ#2149641)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1202 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service     attack (CVE-2022-4379)

    * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179)

    * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)

    * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * RHEL9:[P10] With Guest Secure Boot and lockdown enabled, DLPAR operations can't be done (Rainier)     (BZ#2107480)

    * [RHEL 9.0] LTP Test failure and crash at fork14 on Sapphire Rapids Platinum 8280+ (BZ#2133084)

    * RHEL9.0 - boot: Add secure boot trailer (BZ#2151529)

    * 'date' command shows wrong time in nested KVM s390x guest (BZ#2158816)

    * Kernel FIPS-140-3 requirements - part 3 - AES-XTS (BZ#2160176)

    * RHEL 9.0.0 soft quota cannot exceed more the 5 warns which breaks timer functionality (BZ#2164263)

    * In FIPS mode, the kernel should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for     hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2165131)

    * [RHEL 9] FIPS: deadlock between PID 1 and modprobe crypto-jitterentropy_rng at boot, preventing system     to boot. (BZ#2167762)

    Enhancement(s):

    * [Intel 9.2 FEAT] [SPR] CPU: AMX: Improve the init_fpstate setup code (BZ#2168383)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1211 advisory.

    The lua packages provide support for Lua, a powerful light-weight programming language designed for     extending applications. Lua is also frequently used as a general-purpose, stand-alone language.

    The following packages have been upgraded to a later upstream version: lua (5.4.4).

    Security Fix(es):

    * lua: use after free allows Sandbox Escape (CVE-2021-44964)

    * lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file (CVE-2021-43519)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1220 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * kernel-rt: update RT source tree to the RHEL-8.4.z15 source tree. (BZ#2162415)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1199 advisory.

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS)     protocols, as well as a full-strength general-purpose cryptography library.

    Security Fix(es):

    * openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)

    * openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)

    * openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)

    * openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)

    * openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)

    * openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)

    * openssl: NULL dereference validating DSA public key (CVE-2023-0217)

    * openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * HMAC generation should reject key lengths < 112 bits or provide an indicator in FIPS mode (BZ#2144001)

    * In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144004)

    * stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake     (BZ#2144009)

    * In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144011)

    * In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash     function used, or provide an indicator (BZ#2144013)

    * In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator     (BZ#2144016)

    * In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-     based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144018)

    * In FIPS mode, openssl should reject KDF input and output key lengths < 112 bits or provide an indicator     (BZ#2144020)

    * In FIPS mode, openssl should reject RSA keys < 2048 bits when using EVP_PKEY_decapsulate, or provide an     indicator (BZ#2145171)

    * OpenSSL FIPS checksum code needs update (BZ#2158413)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1203 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service     attack (CVE-2022-4379)

    * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179)

    * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)

    * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * kernel-rt: update RT source tree to the latest RHEL-9.0.z7 Batch (BZ#2162424)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1192 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)

    * kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1185 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime.

    This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.

    Security Fix(es):

    * undertow: Infinite loop in SslConduit during close (CVE-2023-1108)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1140 advisory.

    The curl packages provide the libcurl library and the curl utility for downloading files from servers     using various protocols, including HTTP, FTP, and LDAP.

    Security Fix(es):

    * curl: HTTP multi-header compression denial of service (CVE-2023-23916)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1109 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * Concurrent reading of /proc/cpuinfo by multiple tasks causes soft lockup (BZ#2154442)

    * RHEL8: panic when THP split (BZ#2156111)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1110 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * kernel-rt: update RT source tree to the latest RHEL-8.2.z24 Batch (BZ#2166667)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1141 advisory.

    The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements     cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

    Security Fix(es):

    * gnutls: timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * CCM tag length should be limited to known values (BZ#2144535)

    * In FIPS mode, gnutls should reject RSASSA-PSS salt lengths larger than the output size of the hash     function used, or provide an indicator (BZ#2144537)

    * dracut-cmdline[554]: Error in GnuTLS initialization: Error while performing self checks i FIPS mode     (BZ#2149640)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1130 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)

    * kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222)

    * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134587)

    * fix for CoW after fork() issue aka vmsplice child -> parent attack aka GUP after fork bug     (BZ#2137546)

    * Hardware error: RIP: copy_user_enhanced_fast_string+0xe (BZ#2137593)

    * i40e: orphaned-leaky memory when interacting with driver memory parameters (BZ#2138206)

    * RHEL 8.7 - Outputs of lsmem, lparstat, numactl and /proc/meminfo show wrong value of memory when LMB     size is set to 4GB. (BZ#2140091)

    * RHEL8.7: tcp sessions hanging after ibmvnic failover on Denali (BZ#2140958)

    * RHEL8: Practically limit Dummy wait workaround to old Intel systems (BZ#2142171)

    * RHEL:8.6+ IBM Partner issue - Loopback driver with ABORT_TASKS causing hangs in scsi eh, this bug was     cloned for RHEL8.6 and need this patch in 8.6+ (BZ#2144584)

    * i40e,iavf: SR-IOV VF devices send GARP with wrong MAC address (BZ#2149746)

    * RHEL8.4 - boot: Add secure boot trailer (BZ#2151531)

    * error 524 from seccomp(2) when trying to load filter (BZ#2152139)

    * The kernel BUG at mm/usercopy.c:103! from BZ 2041529 is back on rhel-8.5 (BZ#2153231)

    * kernel BUG: scheduling while atomic: crio/7295/0x00000002 (BZ#2154461)

    * MSFT MANA NET Patch RHEL-8: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155438)

    * GSS: OCP 4.10.30 node crash after ODF upgrade : unable to handle kernel NULL pointer dereference at     0000000000000000 : ceph_get_snap_realm+0x68/0xa0 [ceph] (BZ#2155798)

    * RHEL8.8: Backport upstream patches to reduce memory cgroup memory consumption and OOM problem     (BZ#2157923)

    * 'date' command shows wrong time in nested KVM s390x guest (BZ#2158814)

    * Kernel FIPS-140-3 requirements - part 3 - AES-XTS (BZ#2160173)

    * ethtool -m results in an out-of-bounds slab write in the be2net driver (BZ#2160183)

    * i40e/iavf: VF reset task fails Never saw reset with 5 second timeout per VF (BZ#2160461)

    * Mellanox: backport net/mlx5e: TC NIC mode, fix tc chains miss table (BZ#2161630)

    * Kernel panic observed during VxFS module unload (BZ#2162764)

    * iavf: It takes long time to create multiple VF interfaces and the VF interface names are not consistent     (BZ#2163259)

    * In FIPS mode, the kernel should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for     hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2165133)

    * panic in fib6_rule_suppress+0x22 with custom xdp prog involved in (BZ#2167604)

    * net/mlx5e: Fix use-after-free when reverting termination table (BZ#2167641)

    * Update intel_idle for Eaglestream/Sapphire Rapids support (BZ#2168357)

    * GSS: Set of fixes in ceph kernel module to prevent OCS node kernel crash -  blocklist the kclient when     receiving corrupted snap trace (BZ#2168898)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1107 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1095 advisory.

    The zlib packages provide a general-purpose lossless data compression library that is used by many     different programs.

    Security Fix(es):

    * zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra     field (CVE-2022-37434)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1102 advisory.

    MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld,     and many client programs.

    The following packages have been upgraded to a later upstream version: rh-mysql80-mysql (8.0.32).
    (BZ#2142971, BZ#2162319)

    Security Fix(es):

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21594)

    * mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022) (CVE-2022-21599)

    * mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21604)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21608)

    * mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21611)

    * mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022) (CVE-2022-21617)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21625)

    * mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2022) (CVE-2022-21632)

    * mysql: Server: Replication unspecified vulnerability (CPU Oct 2022) (CVE-2022-21633)

    * mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21637)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21640)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39400)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39408)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39410)

    * mysql: Server: DML unspecified vulnerability (CPU Jan 2023) (CVE-2023-21836)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21863)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21864)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21865)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21867)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21868)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21869)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21870)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21871)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21873)

    * mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023) (CVE-2023-21875)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21876)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21877)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21878)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21879)

    * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21880)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21881)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21883)

    * mysql: Server: GIS unspecified vulnerability (CPU Jan 2023) (CVE-2023-21887)

    * mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023) (CVE-2023-21874)

    * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21882)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1101 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1092 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * kernel-rt: update to the latest RHEL7.9.z21 source tree (BZ#2159523)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1103 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1093 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1090 advisory.

    Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common     Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and     various information.

    Security Fix(es):

    * samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided (CVE-2022-38023)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1091 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * Regression - SAS3416 card works on RHEL 7.7 and below, does not work on RHEL 7.8 or 7.9 (BZ#1974485)

    * use-after-free in sctp_do_8_2_transport_strike (BZ#2054037)

    * RHEL7.9 - [Regression] Kernel test failed during CPU polarization test - lscpu, chcpu - LPAR     (BZ#2071980)

    * RHEL 7, block: Crash in blk_mq_rq_timed_out() when dereferencing NULL request->q pointer (BZ#2088029)

    * qla2xxx: Qlogic double completion races during error handling are still not fixed and this will also  be     a RHEL8+ exposure (BZ#2092105)

    * kernel 3.10.0-1160.80.1.el7.x86_64 on Xeon E55xx crashes upon KVM startup (BZ#2143438)

    * Guest's time jumped forward by 12 minutes _after_ live-migration completes (in 30 seconds) (BZ#2152838)

    * RHEL7: target crashes if a malicious initiator sends a logout immediately after a login command     (BZ#2154243)

    * RHEL7.9 - LTP testcase creat09 fails related to 'CVE-2018-13405' and 'CVE-2021-4037` (BZ#2159946)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1066 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1065 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1067 advisory.

    The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated     tools.

    Security Fix(es):

    * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1068 advisory.

    The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain     simple client programs for accessing the libjpeg functions. These packages provide the same functionality     and API as libjpeg but with better performance.

    Security Fix(es):

    * libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c (CVE-2021-46822)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1044 advisory.

    Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides     authentication and standards-based single sign-on capabilities for web and mobile applications.

    This release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On     7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked     to in the References.

    Security Fix(es):
    * keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
    * Moment.js: Path traversal in moment.locale (CVE-2022-24785)
    * keycloak: missing email notification template allowlist (CVE-2022-1274)
    * keycloak: minimist: prototype pollution (CVE-2021-44906)
    * moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
    * undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations     (CVE-2022-2764)
    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
    * loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
    * keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
    * keycloak: path traversal via double URL encoding (CVE-2022-3782)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode     (CVE-2022-38749)
    * snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject     (CVE-2022-38750)
    * keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
    * keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
    * json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
    * keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
    * snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
    * CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
    * rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip     (CVE-2018-14042)
    * jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError     which may lead to dos (CVE-2022-45693)
    * sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
    * jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
    * jettison: parser crash by stackoverflow (CVE-2022-40149)
    * jackson-databind: use of deeply nested arrays (CVE-2022-42004)
    * jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
    * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
    * jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code     execution (CVE-2020-11023)
    * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
    * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution,     or property injection (CVE-2019-11358)
    * CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
    * keycloak: reflected XSS attack (CVE-2022-4137)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1043 advisory.

    Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides     authentication and standards-based single sign-on capabilities for web and mobile applications.

    This release of Red Hat Single Sign-On 7.6.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On     7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked     to in the References.

    Security Fix(es):

    * keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
    * Moment.js: Path traversal in moment.locale (CVE-2022-24785)
    * keycloak: missing email notification template allowlist (CVE-2022-1274)
    * keycloak: minimist: prototype pollution (CVE-2021-44906)
    * moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
    * undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations     (CVE-2022-2764)
    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
    * loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
    * keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
    * keycloak: path traversal via double URL encoding (CVE-2022-3782)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode     (CVE-2022-38749)
    * snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject     (CVE-2022-38750)
    * keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
    * keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
    * json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
    * keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
    * snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
    * CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
    * rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip     (CVE-2018-14042)
    * jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError     which may lead to dos (CVE-2022-45693)
    * sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
    * jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
    * jettison: parser crash by stackoverflow (CVE-2022-40149)
    * jackson-databind: use of deeply nested arrays (CVE-2022-42004)
    * jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
    * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
    * jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code     execution (CVE-2020-11023)
    * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
    * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution,     or property injection (CVE-2019-11358)
    * CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
    * keycloak: reflected XSS attack (CVE-2022-4137)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1045 advisory.

    Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides     authentication and standards-based single sign-on capabilities for web and mobile applications.

    This release of Red Hat Single Sign-On 7.6.2 on RHEL 9 serves as a replacement for Red Hat Single Sign-On     7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked     to in the References.

    Security Fix(es):

    * keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
    * Moment.js: Path traversal in moment.locale (CVE-2022-24785)
    * keycloak: missing email notification template allowlist (CVE-2022-1274)
    * keycloak: minimist: prototype pollution (CVE-2021-44906)
    * moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
    * undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations     (CVE-2022-2764)
    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
    * loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
    * keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
    * keycloak: path traversal via double URL encoding (CVE-2022-3782)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode     (CVE-2022-38749)
    * snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
    * snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject     (CVE-2022-38750)
    * keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
    * keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
    * json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
    * keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
    * snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
    * CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
    * rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip     (CVE-2018-14042)
    * jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError     which may lead to dos (CVE-2022-45693)
    * sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
    * jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
    * jettison: parser crash by stackoverflow (CVE-2022-40149)
    * jackson-databind: use of deeply nested arrays (CVE-2022-42004)
    * jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
    * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
    * jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code     execution (CVE-2020-11023)
    * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
    * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution,     or property injection (CVE-2019-11358)
    * CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
    * keycloak: reflected XSS attack (CVE-2022-4137)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1008 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service     attack (CVE-2022-4379)

    * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0958 advisory.

    Vim (Vi IMproved) is an updated and improved version of the vi editor.

    Security Fix(es):

    * vim: no check if the return value of XChangeGC() is NULL (CVE-2022-47024)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0943 advisory.

    The zlib packages provide a general-purpose lossless data compression library that is used by many     different programs.

    Security Fix(es):

    * zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0959 advisory.

    The GNU tar program can save multiple files in an archive and restore files from an archive.

    Security Fix(es):

    * tar: heap buffer overflow at from_header() in list.c via specially crafted checksum (CVE-2022-48303)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0945 advisory.

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify     the code of a running kernel.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0954 advisory.

    The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and     LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for     starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.
    In addition, it supports snapshotting and restoring of the system state, maintains mount and automount     points, and implements an elaborate transactional dependency-based service control logic. It can also work     as a drop-in replacement for sysvinit.

    Security Fix(es):

    * systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting     (CVE-2022-4415)

    * systemd: deadlock in systemd-coredump via a crash with a long backtrace (CVE-2022-45873)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0980 advisory.

    Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable     version of the Ceph storage system with a Ceph management platform, deployment utilities, and support     services.

    Security Fix(es):

    * Ceph: ceph-crash.service allows local ceph user to root exploit (CVE-2022-3650)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    These updated packages include various bug fixes. Space precludes documenting all of these changes in this     advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most     significant of these changes:

    https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5.3/html/release_notes/index

    All users of Red Hat Ceph Storage are advised to upgrade to these updated packages that provide various     bugs and security fixes.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0970 advisory.

    The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

    Security Fix(es):

    * httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)

    * httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760)

    * httpd: mod_proxy: HTTP response splitting (CVE-2022-37436)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * httpd-init fails to create localhost.crt, localhost.key due to sscg default now creates a     /dhparams.pem and is not idempotent if the file /dhparams.pem already exists. (BZ#2165975)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0951 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    * kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service     attack (CVE-2022-4379)

    * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179)

    * kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * RHEL 9.0: LTP Test failure and crash at fork14 on Sapphire Rapids Platinum 8280+ (BZ#2133083)

    * RHEL 9.1 Extending NMI watchdog's timer during LPM (BZ#2140085)

    * AMDSERVER 9.1: amdpstate driver incorrectly designed to load as default for Genoa (BZ#2151274)

    * qla2xxx NVMe-FC:  WARNING: CPU: 0 PID: 124072 at drivers/scsi/qla2xxx/qla_init.c:70     qla2xxx_rel_done_warning+0x25/0x30 [qla2xxx] (BZ#2152178)

    * Regression: Kernel panic on Lenovo T480 with AH40 USB-C docking station (BZ#2153277)

    * Scheduler Update (rhel9.2) (BZ#2153792)

    * RHEL9.1, Nx_Gzip: nr_total_credits is not decremented when processing units are reduced by dlpar in     shared mode. (FW1030 / DLPAR) (BZ#2154305)

    * MSFT, MANA, NET Patch RHEL-9: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155145)

    * Azure vPCI RHEL-9 add the support of multi-MSI (BZ#2155459)

    * Azure RHEL-9: VM Deployment Failures Patch Request (BZ#2155930)

    * The 'date' command shows wrong time in nested KVM s390x guest (BZ#2158815)

    * RHEL-9.2: Update NVMe driver to sync with upstream v6.0 (BZ#2161344)

    * CEE cephfs: RHEL9 cephfs client crashing with RIP: 0010:netfs_rreq_unlock+0xef/0x380 [netfs]     (BZ#2161418)

    * block layer: update with upstream v6.0 (BZ#2162535)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0944 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0974 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * sinatra: Reflected File Download attack (CVE-2022-45442)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0957 advisory.

    The lua packages provide support for Lua, a powerful light-weight programming language designed for     extending applications. Lua is also frequently used as a general-purpose, stand-alone language.

    Security Fix(es):

    * lua: use after free allows Sandbox Escape (CVE-2021-44964)

    * lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file (CVE-2021-43519)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Severity
173303	RHEL 8 : nss (RHSA-2023:1369)	high
173046	RHEL 7 : openssl (RHSA-2023:1335)	critical
173045	RHEL 7 : firefox (RHSA-2023:1333)	high
173043	RHEL 7 : nss (RHSA-2023:1332)	high
173042	RHEL 9 : firefox (RHSA-2023:1337)	high
173041	RHEL 8 : firefox (RHSA-2023:1336)	high
172587	RHEL 8 : nss (RHSA-2023:1252)	high
172586	RHEL 8 : kpatch-patch (RHSA-2023:1251)	high
172549	RHEL 8 : kernel (RHSA-2023:1221)	high
172548	RHEL 9 : gnutls (RHSA-2023:1200)	high
172547	RHEL 9 : kernel (RHSA-2023:1202)	high
172546	RHEL 9 : lua (RHSA-2023:1211)	medium
172544	RHEL 8 : kernel-rt (RHSA-2023:1220)	high
172543	RHEL 9 : openssl (RHSA-2023:1199)	critical
172542	RHEL 9 : kernel-rt (RHSA-2023:1203)	high
172501	RHEL 8 : kpatch-patch (RHSA-2023:1192)	high
172400	RHEL 7 / 8 / 9 : Red Hat JBoss Enterprise Application Platform 7.4 (RHSA-2023:1185)	high
172374	RHEL 8 : curl (RHSA-2023:1140)	medium
172373	RHEL 8 : kernel (RHSA-2023:1109)	high
172372	RHEL 8 : kernel-rt (RHSA-2023:1110)	high
172371	RHEL 9 : gnutls (RHSA-2023:1141)	high
172370	RHEL 8 : kernel (RHSA-2023:1130)	high
172369	RHEL 8 : pesign (RHSA-2023:1107)	medium
172232	RHEL 7 : zlib (RHSA-2023:1095)	critical
172226	RHEL 7 : rh-mysql80-mysql (RHSA-2023:1102)	medium
172225	RHEL 7 : kpatch-patch (RHSA-2023:1101)	high
172224	RHEL 7 : kernel-rt (RHSA-2023:1092)	high
172220	RHEL 8 : kpatch-patch (RHSA-2023:1103)	high
172212	RHEL 7 : pesign (RHSA-2023:1093)	medium
172211	RHEL 7 : samba (RHSA-2023:1090)	high
172182	RHEL 7 : kernel (RHSA-2023:1091)	high
172119	RHEL 8 : pesign (RHSA-2023:1066)	medium
172118	RHEL 9 : pesign (RHSA-2023:1065)	medium
172117	RHEL 9 : pesign (RHSA-2023:1067)	medium
172116	RHEL 9 : libjpeg-turbo (RHSA-2023:1068)	medium
172042	RHEL 8 : Red Hat Single Sign-On 7.6.2 security update on RHEL 8 (Important) (RHSA-2023:1044)	critical
172041	RHEL 7 : Red Hat Single Sign-On 7.6.2 security update on RHEL 7 (Important) (RHSA-2023:1043)	critical
172039	RHEL 9 : Red Hat Single Sign-On 7.6.2 security update on RHEL 9 (Important) (RHSA-2023:1045)	critical
171996	RHEL 9 : kpatch-patch (RHSA-2023:1008)	high
171987	RHEL 9 : vim (RHSA-2023:0958)	high
171984	RHEL 7 : zlib (RHSA-2023:0943)	high
171983	RHEL 9 : tar (RHSA-2023:0959)	medium
171982	RHEL 7 : kpatch-patch (RHSA-2023:0945)	high
171981	RHEL 9 : systemd (RHSA-2023:0954)	medium
171980	RHEL 8 / 9 : Red Hat Ceph Storage 5.3 Bug fix (RHSA-2023:0980)	high
171979	RHEL 9 : httpd (RHSA-2023:0970)	critical
171978	RHEL 9 : kernel (RHSA-2023:0951)	high
171977	RHEL 7 : kernel (RHSA-2023:0944)	high
171976	RHEL 9 : pcs (RHSA-2023:0974)	high
171975	RHEL 9 : lua (RHSA-2023:0957)	medium

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

high

critical

high

high

high

high

high

high

high

high

high

medium

high

critical

high

high

high

medium

high

high

high

high

medium

critical

medium

high

high

high

medium

high

high

medium

medium

medium

medium

critical

critical

critical

high

high

high

medium

high

medium

high

critical

high

high

high

medium