Malware Devil

Thursday, July 1, 2021

ESB-2021.2291 – [SUSE] linux kernel: Multiple vulnerabilities

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.2291
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3)
1 July 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: linux kernel
Publisher: SUSE
Operating System: SUSE
Impact/Access: Execute Arbitrary Code/Commands — Existing Account
Access Privileged Data — Existing Account
Create Arbitrary Files — Existing Account
Denial of Service — Existing Account
Reduced Security — Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-33034 CVE-2021-32399 CVE-2021-29154
CVE-2021-28950 CVE-2021-28660 CVE-2021-3490
CVE-2021-3489 CVE-2020-36322

Reference: ESB-2021.2184
ESB-2021.2136
ESB-2021.1962
ESB-2021.1819
ESB-2021.1669
ESB-2021.1376
ESB-2021.1307

Original Bulletin:
https://www.suse.com/support/update/announcement/2021/suse-su-20212198-1

– ————————–BEGIN INCLUDED TEXT——————–

SUSE Security Update: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3)

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:2198-1
Rating: important
References: #1183658 #1184710 #1184952 #1185796 #1185847 #1185856
#1185899 #1186285
Cross-References: CVE-2020-36322 CVE-2021-28660 CVE-2021-29154 CVE-2021-32399
CVE-2021-33034 CVE-2021-3489 CVE-2021-3490
Affected Products:
SUSE Linux Enterprise Module for Live Patching 15-SP3
______________________________________________________________________________

An update that solves 7 vulnerabilities and has one errata is now available.

Description:

This update for the Linux Kernel 5.3.18-57 fixes several issues.
The following issues were fixed:

o CVE-2021-3489: Fixed an issue where the eBPF RINGBUF bpf_ringbuf_reserve
did not check that the allocated size was smaller than the ringbuf size
(bsc#1185640).
o CVE-2021-3490: Fixed an issue where the eBPF ALU32 bounds tracking for
bitwise ops (AND, OR and XOR) did not update the 32-bit bounds
(bsc#1185641).
o CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This
could lead to writing arbitrary values (bsc#1186111).
o CVE-2021-32399: Fixed a race condition when removing the HCI controller
(bsc#1184611).
o CVE-2020-36322: Fixed an issue in the FUSE filesystem implementation
which could have caused a system crash (bsc#1184211).
o CVE-2021-29154: Fixed incorrect computation of branch displacements,
allowing arbitrary code execution (bsc#1184391).
o CVE-2021-28660: Fixed an out-of-bounds write in rtw_wx_set_scan
(bsc#1183593).
o Fixed a data loss/data corruption that occurs if there is a write error on
an md/raid array (bsc#1185847).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2021-2198=1

Package List:

o SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x
x86_64):
kernel-livepatch-5_3_18-57-default-2-3.1
kernel-livepatch-5_3_18-57-default-debuginfo-2-3.1
kernel-livepatch-SLE15-SP3_Update_0-debugsource-2-3.1

References:

o https://www.suse.com/security/cve/CVE-2020-36322.html
o https://www.suse.com/security/cve/CVE-2021-28660.html
o https://www.suse.com/security/cve/CVE-2021-29154.html
o https://www.suse.com/security/cve/CVE-2021-32399.html
o https://www.suse.com/security/cve/CVE-2021-33034.html
o https://www.suse.com/security/cve/CVE-2021-3489.html
o https://www.suse.com/security/cve/CVE-2021-3490.html
o https://bugzilla.suse.com/1183658
o https://bugzilla.suse.com/1184710
o https://bugzilla.suse.com/1184952
o https://bugzilla.suse.com/1185796
o https://bugzilla.suse.com/1185847
o https://bugzilla.suse.com/1185856
o https://bugzilla.suse.com/1185899
o https://bugzilla.suse.com/1186285

– ————————–END INCLUDED TEXT——————–

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================

ESB-2021.2292 – [SUSE] lua53: Denial of service – Remote/unauthenticated

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.2292
Security update for lua53
1 July 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: lua53
Publisher: SUSE
Operating System: SUSE
Impact/Access: Denial of Service — Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2020-24371 CVE-2020-24370

Reference: ESB-2020.3317

Original Bulletin:
https://www.suse.com/support/update/announcement/2021/suse-su-20212196-1

– ————————–BEGIN INCLUDED TEXT——————–

SUSE Security Update: Security update for lua53

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:2196-1
Rating: moderate
References: #1175448 #1175449
Cross-References: CVE-2020-24370 CVE-2020-24371
Affected Products:
SUSE MicroOS 5.0
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP2
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for lua53 fixes the following issues:
Update to version 5.3.6:

o CVE-2020-24371: lgc.c mishandles the interaction between barriers and the
sweep phase, leading to a memory access violation involving collectgarbage
(bsc#1175449)
o CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fault
in getlocal and setlocal (bsc#1175448)
o Long brackets with a huge number of ‘=’ overflow some internal buffer
arithmetic.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE MicroOS 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2021-2196=1
o SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2021-2196=1
o SUSE Linux Enterprise Module for Basesystem 15-SP2:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-2196=1

Package List:

o SUSE MicroOS 5.0 (aarch64 x86_64):
liblua5_3-5-5.3.6-3.6.1
liblua5_3-5-debuginfo-5.3.6-3.6.1
lua53-debuginfo-5.3.6-3.6.1
lua53-debugsource-5.3.6-3.6.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x
x86_64):
liblua5_3-5-5.3.6-3.6.1
liblua5_3-5-debuginfo-5.3.6-3.6.1
lua53-5.3.6-3.6.1
lua53-debuginfo-5.3.6-3.6.1
lua53-debugsource-5.3.6-3.6.1
lua53-devel-5.3.6-3.6.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
liblua5_3-5-32bit-5.3.6-3.6.1
liblua5_3-5-32bit-debuginfo-5.3.6-3.6.1
o SUSE Linux Enterprise Module for Basesystem 15-SP2 (aarch64 ppc64le s390x
x86_64):
liblua5_3-5-5.3.6-3.6.1
liblua5_3-5-debuginfo-5.3.6-3.6.1
lua53-5.3.6-3.6.1
lua53-debuginfo-5.3.6-3.6.1
lua53-debugsource-5.3.6-3.6.1
lua53-devel-5.3.6-3.6.1
o SUSE Linux Enterprise Module for Basesystem 15-SP2 (x86_64):
liblua5_3-5-32bit-5.3.6-3.6.1
liblua5_3-5-32bit-debuginfo-5.3.6-3.6.1

References:

o https://www.suse.com/security/cve/CVE-2020-24370.html
o https://www.suse.com/security/cve/CVE-2020-24371.html
o https://bugzilla.suse.com/1175448
o https://bugzilla.suse.com/1175449

– ————————–END INCLUDED TEXT——————–


ESB-2021.2293 – [SUSE] go1.15: Multiple vulnerabilities

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.2293
Security update for go1.15
1 July 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: go1.15
Publisher: SUSE
Operating System: SUSE
Impact/Access: Denial of Service — Remote/Unauthenticated
Provide Misleading Information — Remote with User Interaction
Reduced Security — Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2021-33198 CVE-2021-33197 CVE-2021-33196
CVE-2021-33195

Reference: ESB-2021.2255

Original Bulletin:
https://www.suse.com/support/update/announcement/2021/suse-su-20212214-1

– ————————–BEGIN INCLUDED TEXT——————–

SUSE Security Update: Security update for go1.15

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:2214-1
Rating: important
References: #1175132 #1186622 #1187443 #1187444 #1187445
Cross-References: CVE-2021-33195 CVE-2021-33196 CVE-2021-33197 CVE-2021-33198
Affected Products:
SUSE Manager Server 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Proxy 4.0
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Enterprise Storage 6
SUSE CaaS Platform 4.0
______________________________________________________________________________

An update that solves four vulnerabilities and has one errata is now available.

Description:

This update for go1.15 fixes the following issues:
Update to 1.15.13.
Includes these security fixes

o CVE-2021-33195: net: Lookup functions may return invalid host names
(bsc#1187443).
o CVE-2021-33196: archive/zip: malformed archive may cause panic or memory
exhaustion (bsc#1186622).
o CVE-2021-33197: net/http/httputil: ReverseProxy forwards Connection headers
if first one is empty (bsc#1187444).
o CVE-2021-33198: math/big: (*Rat).SetString with
“1.770p02041010010011001001” crashes with “makeslice: len out of range”
(bsc#1187445).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE Manager Server 4.0:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-2214=1
o SUSE Manager Retail Branch Server 4.0:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-2214=1
o SUSE Manager Proxy 4.0:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-2214=1
o SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2021-2214=1
o SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-2214=1
o SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2021-2214=1
o SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2021-2214=1
o SUSE Linux Enterprise Module for Development Tools 15-SP2:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP2-2021-2214=1
o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-2214=1
o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-2214=1
o SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2021-2214=1
o SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform ‘skuba’ tool. It will
inform you if it detects new updates and let you then trigger updating of
the complete cluster in a controlled way.

Package List:

o SUSE Manager Server 4.0 (ppc64le s390x x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
o SUSE Manager Server 4.0 (x86_64):
go1.15-race-1.15.13-1.33.1
o SUSE Manager Retail Branch Server 4.0 (x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
go1.15-race-1.15.13-1.33.1
o SUSE Manager Proxy 4.0 (x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
go1.15-race-1.15.13-1.33.1
o SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
o SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
go1.15-race-1.15.13-1.33.1
o SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
o SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 x86_64):
go1.15-race-1.15.13-1.33.1
o SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
go1.15-race-1.15.13-1.33.1
o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le
s390x x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.15-race-1.15.13-1.33.1
o SUSE Linux Enterprise Module for Development Tools 15-SP2 (aarch64 ppc64le
s390x x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
o SUSE Linux Enterprise Module for Development Tools 15-SP2 (aarch64 x86_64):
go1.15-race-1.15.13-1.33.1
o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64
x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
go1.15-race-1.15.13-1.33.1
o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64
x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
go1.15-race-1.15.13-1.33.1
o SUSE Enterprise Storage 6 (aarch64 x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
go1.15-race-1.15.13-1.33.1
o SUSE CaaS Platform 4.0 (x86_64):
go1.15-1.15.13-1.33.1
go1.15-doc-1.15.13-1.33.1
go1.15-race-1.15.13-1.33.1

References:

o https://www.suse.com/security/cve/CVE-2021-33195.html
o https://www.suse.com/security/cve/CVE-2021-33196.html
o https://www.suse.com/security/cve/CVE-2021-33197.html
o https://www.suse.com/security/cve/CVE-2021-33198.html
o https://bugzilla.suse.com/1175132
o https://bugzilla.suse.com/1186622
o https://bugzilla.suse.com/1187443
o https://bugzilla.suse.com/1187444
o https://bugzilla.suse.com/1187445

– ————————–END INCLUDED TEXT——————–


ESB-2021.2294 – [UNIX/Linux][SUSE] qemu: Multiple vulnerabilities

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.2294
Security update for qemu
1 July 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: qemu
Publisher: SUSE
Operating System: SUSE
UNIX variants (UNIX, Linux, OSX)
Impact/Access: Execute Arbitrary Code/Commands — Existing Account
Denial of Service — Existing Account
Access Confidential Data — Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-3546 CVE-2021-3545 CVE-2021-3544

Original Bulletin:
https://www.suse.com/support/update/announcement/2021/suse-su-20212212-1
https://www.suse.com/support/update/announcement/2021/suse-su-20212213-1

Comment: This advisory references vulnerabilities in products which run on
platforms other than SUSE. It is recommended that administrators
running qemu check for an updated version of the software for their
operating system.

This bulletin contains two (2) SUSE security advisories.

– ————————–BEGIN INCLUDED TEXT——————–

SUSE Security Update: Security update for qemu

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:2212-1
Rating: moderate
References: #1184574 #1185591 #1185981 #1185990 #1186010 #1187013
Cross-References: CVE-2021-3544 CVE-2021-3545 CVE-2021-3546
Affected Products:
SUSE MicroOS 5.0
SUSE Linux Enterprise Module for Server Applications 15-SP2
SUSE Linux Enterprise Module for Basesystem 15-SP2
______________________________________________________________________________

An update that solves three vulnerabilities and has three fixes is now
available.

Description:

This update for qemu fixes the following issues:
Security issues fixed:

o CVE-2021-3546: Fix out-of-bounds write in virgl_cmd_get_capset
(bsc#1185981)
o CVE-2021-3544: Fix memory leaks found in the virtio vhost-user GPU device
(bsc#1186010)
o CVE-2021-3545: Fix information disclosure due to uninitialized memory read
(bsc#1185990)

Non-security issues fixed:

o Fix testsuite error (bsc#1184574)
o Fix qemu crash with iothread when block commit after snapshot (bsc#1187013)
o Fix qemu hang while cancelling migrating hugepage vm (bsc#1185591)
o Use RCU to avoid race during scsi hotplug/hotunplug (bsc#1184574)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE MicroOS 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2021-2212=1
o SUSE Linux Enterprise Module for Server Applications 15-SP2:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP2-2021-2212=1
o SUSE Linux Enterprise Module for Basesystem 15-SP2:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-2212=1

Package List:

o SUSE MicroOS 5.0 (aarch64 x86_64):
qemu-4.2.1-11.22.1
qemu-debuginfo-4.2.1-11.22.1
qemu-debugsource-4.2.1-11.22.1
qemu-tools-4.2.1-11.22.1
qemu-tools-debuginfo-4.2.1-11.22.1
o SUSE MicroOS 5.0 (aarch64):
qemu-arm-4.2.1-11.22.1
qemu-arm-debuginfo-4.2.1-11.22.1
o SUSE MicroOS 5.0 (x86_64):
qemu-x86-4.2.1-11.22.1
qemu-x86-debuginfo-4.2.1-11.22.1
o SUSE MicroOS 5.0 (noarch):
qemu-ipxe-1.0.0+-11.22.1
qemu-seabios-1.12.1+-11.22.1
qemu-sgabios-8-11.22.1
qemu-vgabios-1.12.1+-11.22.1
o SUSE Linux Enterprise Module for Server Applications 15-SP2 (aarch64
ppc64le s390x x86_64):
qemu-4.2.1-11.22.1
qemu-block-curl-4.2.1-11.22.1
qemu-block-curl-debuginfo-4.2.1-11.22.1
qemu-block-iscsi-4.2.1-11.22.1
qemu-block-iscsi-debuginfo-4.2.1-11.22.1
qemu-block-rbd-4.2.1-11.22.1
qemu-block-rbd-debuginfo-4.2.1-11.22.1
qemu-block-ssh-4.2.1-11.22.1
qemu-block-ssh-debuginfo-4.2.1-11.22.1
qemu-debuginfo-4.2.1-11.22.1
qemu-debugsource-4.2.1-11.22.1
qemu-guest-agent-4.2.1-11.22.1
qemu-guest-agent-debuginfo-4.2.1-11.22.1
qemu-lang-4.2.1-11.22.1
qemu-ui-spice-app-4.2.1-11.22.1
qemu-ui-spice-app-debuginfo-4.2.1-11.22.1
o SUSE Linux Enterprise Module for Server Applications 15-SP2 (s390x x86_64):
qemu-kvm-4.2.1-11.22.1
o SUSE Linux Enterprise Module for Server Applications 15-SP2 (aarch64):
qemu-arm-4.2.1-11.22.1
qemu-arm-debuginfo-4.2.1-11.22.1
o SUSE Linux Enterprise Module for Server Applications 15-SP2 (ppc64le):
qemu-ppc-4.2.1-11.22.1
qemu-ppc-debuginfo-4.2.1-11.22.1
o SUSE Linux Enterprise Module for Server Applications 15-SP2 (x86_64):
qemu-audio-alsa-4.2.1-11.22.1
qemu-audio-alsa-debuginfo-4.2.1-11.22.1
qemu-audio-pa-4.2.1-11.22.1
qemu-audio-pa-debuginfo-4.2.1-11.22.1
qemu-ui-curses-4.2.1-11.22.1
qemu-ui-curses-debuginfo-4.2.1-11.22.1
qemu-ui-gtk-4.2.1-11.22.1
qemu-ui-gtk-debuginfo-4.2.1-11.22.1
qemu-x86-4.2.1-11.22.1
qemu-x86-debuginfo-4.2.1-11.22.1
o SUSE Linux Enterprise Module for Server Applications 15-SP2 (noarch):
qemu-ipxe-1.0.0+-11.22.1
qemu-microvm-4.2.1-11.22.1
qemu-seabios-1.12.1+-11.22.1
qemu-sgabios-8-11.22.1
qemu-vgabios-1.12.1+-11.22.1
o SUSE Linux Enterprise Module for Server Applications 15-SP2 (s390x):
qemu-s390-4.2.1-11.22.1
qemu-s390-debuginfo-4.2.1-11.22.1
o SUSE Linux Enterprise Module for Basesystem 15-SP2 (aarch64 ppc64le s390x
x86_64):
qemu-debuginfo-4.2.1-11.22.1
qemu-debugsource-4.2.1-11.22.1
qemu-tools-4.2.1-11.22.1
qemu-tools-debuginfo-4.2.1-11.22.1

References:

o https://www.suse.com/security/cve/CVE-2021-3544.html
o https://www.suse.com/security/cve/CVE-2021-3545.html
o https://www.suse.com/security/cve/CVE-2021-3546.html
o https://bugzilla.suse.com/1184574
o https://bugzilla.suse.com/1185591
o https://bugzilla.suse.com/1185981
o https://bugzilla.suse.com/1185990
o https://bugzilla.suse.com/1186010
o https://bugzilla.suse.com/1187013

– ——————————————————————————

SUSE Security Update: Security update for qemu

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:2213-1
Rating: moderate
References: #1185981 #1185990 #1186010
Cross-References: CVE-2021-3544 CVE-2021-3545 CVE-2021-3546
Affected Products:
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for qemu fixes the following issues:

o CVE-2021-3546: Fixed out-of-bounds write in virgl_cmd_get_capset
(bsc#1185981).
o CVE-2021-3544: Fixed memory leaks found in the virtio vhost-user GPU device
(bsc#1186010).
o CVE-2021-3545: Fixed information disclosure due to uninitialized memory
read (bsc#1185990).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2021-2213=1
o SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2021-2213=1

Package List:

o SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64
ppc64le s390x x86_64):
qemu-5.2.0-20.1
qemu-block-curl-5.2.0-20.1
qemu-block-curl-debuginfo-5.2.0-20.1
qemu-block-iscsi-5.2.0-20.1
qemu-block-iscsi-debuginfo-5.2.0-20.1
qemu-block-rbd-5.2.0-20.1
qemu-block-rbd-debuginfo-5.2.0-20.1
qemu-block-ssh-5.2.0-20.1
qemu-block-ssh-debuginfo-5.2.0-20.1
qemu-chardev-baum-5.2.0-20.1
qemu-chardev-baum-debuginfo-5.2.0-20.1
qemu-debuginfo-5.2.0-20.1
qemu-debugsource-5.2.0-20.1
qemu-guest-agent-5.2.0-20.1
qemu-guest-agent-debuginfo-5.2.0-20.1
qemu-ksm-5.2.0-20.1
qemu-lang-5.2.0-20.1
qemu-ui-curses-5.2.0-20.1
qemu-ui-curses-debuginfo-5.2.0-20.1
o SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64
ppc64le x86_64):
qemu-audio-spice-5.2.0-20.1
qemu-audio-spice-debuginfo-5.2.0-20.1
qemu-chardev-spice-5.2.0-20.1
qemu-chardev-spice-debuginfo-5.2.0-20.1
qemu-hw-display-qxl-5.2.0-20.1
qemu-hw-display-qxl-debuginfo-5.2.0-20.1
qemu-hw-display-virtio-vga-5.2.0-20.1
qemu-hw-display-virtio-vga-debuginfo-5.2.0-20.1
qemu-hw-usb-redirect-5.2.0-20.1
qemu-hw-usb-redirect-debuginfo-5.2.0-20.1
qemu-ui-gtk-5.2.0-20.1
qemu-ui-gtk-debuginfo-5.2.0-20.1
qemu-ui-opengl-5.2.0-20.1
qemu-ui-opengl-debuginfo-5.2.0-20.1
qemu-ui-spice-app-5.2.0-20.1
qemu-ui-spice-app-debuginfo-5.2.0-20.1
qemu-ui-spice-core-5.2.0-20.1
qemu-ui-spice-core-debuginfo-5.2.0-20.1
o SUSE Linux Enterprise Module for Server Applications 15-SP3 (s390x x86_64):
qemu-hw-display-virtio-gpu-5.2.0-20.1
qemu-hw-display-virtio-gpu-debuginfo-5.2.0-20.1
qemu-hw-display-virtio-gpu-pci-5.2.0-20.1
qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-20.1
qemu-kvm-5.2.0-20.1
o SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64):
qemu-arm-5.2.0-20.1
qemu-arm-debuginfo-5.2.0-20.1
o SUSE Linux Enterprise Module for Server Applications 15-SP3 (ppc64le):
qemu-ppc-5.2.0-20.1
qemu-ppc-debuginfo-5.2.0-20.1
o SUSE Linux Enterprise Module for Server Applications 15-SP3 (x86_64):
qemu-audio-alsa-5.2.0-20.1
qemu-audio-alsa-debuginfo-5.2.0-20.1
qemu-audio-pa-5.2.0-20.1
qemu-audio-pa-debuginfo-5.2.0-20.1
qemu-x86-5.2.0-20.1
qemu-x86-debuginfo-5.2.0-20.1
o SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
qemu-ipxe-1.0.0+-20.1
qemu-seabios-1.14.0_0_g155821a-20.1
qemu-sgabios-8-20.1
qemu-skiboot-5.2.0-20.1
qemu-vgabios-1.14.0_0_g155821a-20.1
o SUSE Linux Enterprise Module for Server Applications 15-SP3 (s390x):
qemu-hw-s390x-virtio-gpu-ccw-5.2.0-20.1
qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-20.1
qemu-s390x-5.2.0-20.1
qemu-s390x-debuginfo-5.2.0-20.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
qemu-debuginfo-5.2.0-20.1
qemu-debugsource-5.2.0-20.1
qemu-tools-5.2.0-20.1
qemu-tools-debuginfo-5.2.0-20.1

References:

o https://www.suse.com/security/cve/CVE-2021-3544.html
o https://www.suse.com/security/cve/CVE-2021-3545.html
o https://www.suse.com/security/cve/CVE-2021-3546.html
o https://bugzilla.suse.com/1185981
o https://bugzilla.suse.com/1185990
o https://bugzilla.suse.com/1186010

– ————————–END INCLUDED TEXT——————–

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================

ESB-2021.2295 – [SUSE] curl: Access confidential data – Remote/unauthenticated

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.2295
Security update for curl
1 July 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: curl
Publisher: SUSE
Operating System: SUSE
Impact/Access: Access Confidential Data — Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2021-22898

Reference: ESB-2021.1859
ESB-2021.1827

Original Bulletin:
https://www.suse.com/support/update/announcement/2021/suse-su-202114760-1

– ————————–BEGIN INCLUDED TEXT——————–

SUSE Security Update: Security update for curl

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:14760-1
Rating: moderate
References: #1186114
Cross-References: CVE-2021-22898
Affected Products:
SUSE Linux Enterprise Server 11-SP4-LTSS
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Point of Sale 11-SP3
SUSE Linux Enterprise Debuginfo 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for curl fixes the following issues:

o CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Server 11-SP4-LTSS:
zypper in -t patch slessp4-curl-14760=1
o SUSE Linux Enterprise Server 11-SECURITY:
zypper in -t patch secsp3-curl-14760=1
o SUSE Linux Enterprise Point of Sale 11-SP3:
zypper in -t patch sleposp3-curl-14760=1
o SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-curl-14760=1
o SUSE Linux Enterprise Debuginfo 11-SP3:
zypper in -t patch dbgsp3-curl-14760=1

Package List:

o SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64):
curl-7.37.0-70.66.1
libcurl4-7.37.0-70.66.1
o SUSE Linux Enterprise Server 11-SP4-LTSS (ppc64 s390x x86_64):
libcurl4-32bit-7.37.0-70.66.1
o SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64):
curl-openssl1-7.37.0-70.66.1
libcurl4-openssl1-7.37.0-70.66.1
o SUSE Linux Enterprise Server 11-SECURITY (ppc64 s390x x86_64):
libcurl4-openssl1-32bit-7.37.0-70.66.1
o SUSE Linux Enterprise Server 11-SECURITY (ia64):
libcurl4-openssl1-x86-7.37.0-70.66.1
o SUSE Linux Enterprise Point of Sale 11-SP3 (i586):
curl-7.37.0-70.66.1
libcurl-devel-7.37.0-70.66.1
libcurl4-7.37.0-70.66.1
o SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64):
curl-debuginfo-7.37.0-70.66.1
curl-debugsource-7.37.0-70.66.1
o SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):
curl-debuginfo-7.37.0-70.66.1
curl-debugsource-7.37.0-70.66.1

References:

o https://www.suse.com/security/cve/CVE-2021-22898.html
o https://bugzilla.suse.com/1186114

– ————————–END INCLUDED TEXT——————–


ESB-2021.2296 – [UNIX/Linux][SUSE] dbus-1: Multiple vulnerabilities

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.2296
Security update for dbus-1
1 July 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: dbus-1
Publisher: SUSE
Operating System: SUSE
UNIX variants (UNIX, Linux, OSX)
Impact/Access: Denial of Service — Existing Account
Reduced Security — Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2020-35512

Original Bulletin:
https://www.suse.com/support/update/announcement/2021/suse-su-20212211-1

Comment: This advisory references vulnerabilities in products which run on
platforms other than SUSE. It is recommended that administrators
running dbus-1 check for an updated version of the software for
their operating system.

– ————————–BEGIN INCLUDED TEXT——————–

SUSE Security Update: Security update for dbus-1

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:2211-1
Rating: important
References: #1187105
Cross-References: CVE-2020-35512
Affected Products:
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-ESPOS
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for dbus-1 fixes the following issues:

o CVE-2020-35512: Fixed a use-after-free or potential undefined behaviour
caused by shared UID’s (bsc#1187105)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2021-2211=1
o SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2021-2211=1
o SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2021-2211=1
o SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2021-2211=1

Package List:

o SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
dbus-1-1.12.2-3.11.1
dbus-1-debuginfo-1.12.2-3.11.1
dbus-1-debugsource-1.12.2-3.11.1
dbus-1-devel-1.12.2-3.11.1
dbus-1-x11-1.12.2-3.11.1
dbus-1-x11-debuginfo-1.12.2-3.11.1
dbus-1-x11-debugsource-1.12.2-3.11.1
libdbus-1-3-1.12.2-3.11.1
libdbus-1-3-debuginfo-1.12.2-3.11.1
o SUSE Linux Enterprise Server for SAP 15 (x86_64):
dbus-1-32bit-debuginfo-1.12.2-3.11.1
libdbus-1-3-32bit-1.12.2-3.11.1
libdbus-1-3-32bit-debuginfo-1.12.2-3.11.1
o SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
dbus-1-1.12.2-3.11.1
dbus-1-debuginfo-1.12.2-3.11.1
dbus-1-debugsource-1.12.2-3.11.1
dbus-1-devel-1.12.2-3.11.1
dbus-1-x11-1.12.2-3.11.1
dbus-1-x11-debuginfo-1.12.2-3.11.1
dbus-1-x11-debugsource-1.12.2-3.11.1
libdbus-1-3-1.12.2-3.11.1
libdbus-1-3-debuginfo-1.12.2-3.11.1
o SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
dbus-1-1.12.2-3.11.1
dbus-1-debuginfo-1.12.2-3.11.1
dbus-1-debugsource-1.12.2-3.11.1
dbus-1-devel-1.12.2-3.11.1
dbus-1-x11-1.12.2-3.11.1
dbus-1-x11-debuginfo-1.12.2-3.11.1
dbus-1-x11-debugsource-1.12.2-3.11.1
libdbus-1-3-1.12.2-3.11.1
libdbus-1-3-debuginfo-1.12.2-3.11.1
o SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
dbus-1-32bit-debuginfo-1.12.2-3.11.1
libdbus-1-3-32bit-1.12.2-3.11.1
libdbus-1-3-32bit-debuginfo-1.12.2-3.11.1
o SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
dbus-1-1.12.2-3.11.1
dbus-1-debuginfo-1.12.2-3.11.1
dbus-1-debugsource-1.12.2-3.11.1
dbus-1-devel-1.12.2-3.11.1
dbus-1-x11-1.12.2-3.11.1
dbus-1-x11-debuginfo-1.12.2-3.11.1
dbus-1-x11-debugsource-1.12.2-3.11.1
libdbus-1-3-1.12.2-3.11.1
libdbus-1-3-debuginfo-1.12.2-3.11.1
o SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
dbus-1-32bit-debuginfo-1.12.2-3.11.1
libdbus-1-3-32bit-1.12.2-3.11.1
libdbus-1-3-32bit-debuginfo-1.12.2-3.11.1

References:

o https://www.suse.com/security/cve/CVE-2020-35512.html
o https://bugzilla.suse.com/1187105

– ————————–END INCLUDED TEXT——————–


ESB-2021.2286 – [RedHat] OpenShift Container Platform: Multiple vulnerabilities

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.2286
OpenShift Container Platform 3.11.462 bug fix and security update
1 July 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: OpenShift Container Platform
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Execute Arbitrary Code/Commands — Existing Account
Increased Privileges — Existing Account
Create Arbitrary Files — Existing Account
Delete Arbitrary Files — Remote with User Interaction
Denial of Service — Remote/Unauthenticated
Cross-site Request Forgery — Remote with User Interaction
Access Confidential Data — Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-21645 CVE-2021-21644 CVE-2021-21643
CVE-2021-21642 CVE-2020-27223 CVE-2020-27218
CVE-2020-27216

Reference: ESB-2021.2275
ESB-2021.1863
ESB-2021.1368
ESB-2020.4536

Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:2517

– ————————–BEGIN INCLUDED TEXT——————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: OpenShift Container Platform 3.11.462 bug fix and security update
Advisory ID: RHSA-2021:2517-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2517
Issue date: 2021-06-30
CVE Names: CVE-2020-27216 CVE-2020-27218 CVE-2020-27223
CVE-2021-21642 CVE-2021-21643 CVE-2021-21644
CVE-2021-21645
=====================================================================

1. Summary:

An update is now available for Red Hat OpenShift Container Platform 3.11.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenShift Container Platform 3.11 – noarch, ppc64le, x86_64

3. Description:

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 3.11.462. See the following advisory for the container images for
this release:

https://access.redhat.com/errata/RHBA-2021:2516

Space precludes documenting all of the bug fixes and enhancements in this
advisory. See the following Release Notes documentation, which will be
updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html

All OpenShift Container Platform 3.11 users are advised to upgrade to these
updated packages and images.

Security Fix(es):

* jenkins-2-plugins/config-file-provider: Does not configure its XML parser
to prevent XML external entity (XXE) attacks. (CVE-2021-21642)

* jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)

* jetty: buffer not correctly recycled in Gzip Request inflation
(CVE-2020-27218)

* jetty: request containing multiple Accept headers with a large number of
“quality” parameters may lead to DoS (CVE-2020-27223)

* jenkins-2-plugins/config-file-provider: Does not correctly perform
permission checks in several HTTP endpoints. (CVE-2021-21643)

* jenkins-2-plugins/config-file-provider: does not require POST requests
for an HTTP endpoint, resulting in a cross-site request forgery (CSRF)
vulnerability. (CVE-2021-21644)

* jenkins-2-plugins/config-file-provider: Does not perform permission
checks in several HTTP endpoints. (CVE-2021-21645)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

See the following documentation, which will be updated shortly for release
3.11.462, for important instructions on how to upgrade your cluster and
fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258.

5. Bugs fixed (https://bugzilla.redhat.com/):

1891132 – CVE-2020-27216 jetty: local temporary directory hijacking vulnerability
1902826 – CVE-2020-27218 jetty: buffer not correctly recycled in Gzip Request inflation
1929718 – Update plugins and Jenkins version to prepare openshift-sync-plugin 1.0.46 release
1934116 – CVE-2020-27223 jetty: request containing multiple Accept headers with a large number of “quality” parameters may lead to DoS
1944916 – python2-requests prevents updating python-urllib3
1952146 – CVE-2021-21642 jenkins-2-plugins/config-file-provider: Does not configure its XML parser to prevent XML external entity (XXE) attacks.
1952148 – CVE-2021-21643 jenkins-2-plugins/config-file-provider: Does not correctly perform permission checks in several HTTP endpoints.
1952151 – CVE-2021-21644 jenkins-2-plugins/config-file-provider: does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability.
1952152 – CVE-2021-21645 jenkins-2-plugins/config-file-provider: Does not perform permission checks in several HTTP endpoints.
1962884 – Update etcd to 3.2.32
1965827 – openshift-ansible lacks individual public certificate redeployment playbook for catalog, but 3.9 has it
1973109 – Fixed MAVEN _VERSION env var
1973123 – Add jkhelil to 3.11 OWNERS
1974623 – Placeholder bug for OCP 3.11.z image release

6. Package List:

Red Hat OpenShift Container Platform 3.11:

Source:
atomic-enterprise-service-catalog-3.11.462-1.git.2e6be86.el7.src.rpm
atomic-openshift-3.11.462-1.git.0.e7d0362.el7.src.rpm
atomic-openshift-cluster-autoscaler-3.11.462-1.git.99b2acf.el7.src.rpm
atomic-openshift-descheduler-3.11.462-1.git.d435537.el7.src.rpm
atomic-openshift-dockerregistry-3.11.462-1.git.3571208.el7.src.rpm
atomic-openshift-metrics-server-3.11.462-1.git.f8bf728.el7.src.rpm
atomic-openshift-node-problem-detector-3.11.462-1.git.c8f26da.el7.src.rpm
atomic-openshift-service-idler-3.11.462-1.git.39cfc66.el7.src.rpm
atomic-openshift-web-console-3.11.462-1.git.656f5d6.el7.src.rpm
golang-github-openshift-oauth-proxy-3.11.462-1.git.edebe84.el7.src.rpm
golang-github-prometheus-alertmanager-3.11.462-1.git.13de638.el7.src.rpm
golang-github-prometheus-node_exporter-3.11.462-1.git.609cd20.el7.src.rpm
golang-github-prometheus-prometheus-3.11.462-1.git.99aae51.el7.src.rpm
jenkins-2-plugins-3.11.1624366838-1.el7.src.rpm
jenkins-2.289.1.1624365627-1.el7.src.rpm
openshift-ansible-3.11.462-1.git.0.53e69e6.el7.src.rpm
openshift-enterprise-autoheal-3.11.462-1.git.f2f435d.el7.src.rpm
openshift-enterprise-cluster-capacity-3.11.462-1.git.22be164.el7.src.rpm
openshift-kuryr-3.11.462-1.git.c33a657.el7.src.rpm
python-requests-2.19.1-5.el7.src.rpm

noarch:
atomic-openshift-docker-excluder-3.11.462-1.git.0.e7d0362.el7.noarch.rpm
atomic-openshift-excluder-3.11.462-1.git.0.e7d0362.el7.noarch.rpm
jenkins-2-plugins-3.11.1624366838-1.el7.noarch.rpm
jenkins-2.289.1.1624365627-1.el7.noarch.rpm
openshift-ansible-3.11.462-1.git.0.53e69e6.el7.noarch.rpm
openshift-ansible-docs-3.11.462-1.git.0.53e69e6.el7.noarch.rpm
openshift-ansible-playbooks-3.11.462-1.git.0.53e69e6.el7.noarch.rpm
openshift-ansible-roles-3.11.462-1.git.0.53e69e6.el7.noarch.rpm
openshift-ansible-test-3.11.462-1.git.0.53e69e6.el7.noarch.rpm
openshift-kuryr-cni-3.11.462-1.git.c33a657.el7.noarch.rpm
openshift-kuryr-common-3.11.462-1.git.c33a657.el7.noarch.rpm
openshift-kuryr-controller-3.11.462-1.git.c33a657.el7.noarch.rpm
python2-kuryr-kubernetes-3.11.462-1.git.c33a657.el7.noarch.rpm
python2-requests-2.19.1-5.el7.noarch.rpm

ppc64le:
atomic-enterprise-service-catalog-3.11.462-1.git.2e6be86.el7.ppc64le.rpm
atomic-enterprise-service-catalog-svcat-3.11.462-1.git.2e6be86.el7.ppc64le.rpm
atomic-openshift-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-clients-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-cluster-autoscaler-3.11.462-1.git.99b2acf.el7.ppc64le.rpm
atomic-openshift-descheduler-3.11.462-1.git.d435537.el7.ppc64le.rpm
atomic-openshift-hyperkube-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-hypershift-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-master-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-metrics-server-3.11.462-1.git.f8bf728.el7.ppc64le.rpm
atomic-openshift-node-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-node-problem-detector-3.11.462-1.git.c8f26da.el7.ppc64le.rpm
atomic-openshift-pod-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-sdn-ovs-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-service-idler-3.11.462-1.git.39cfc66.el7.ppc64le.rpm
atomic-openshift-template-service-broker-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-tests-3.11.462-1.git.0.e7d0362.el7.ppc64le.rpm
atomic-openshift-web-console-3.11.462-1.git.656f5d6.el7.ppc64le.rpm
golang-github-openshift-oauth-proxy-3.11.462-1.git.edebe84.el7.ppc64le.rpm
openshift-enterprise-autoheal-3.11.462-1.git.f2f435d.el7.ppc64le.rpm
openshift-enterprise-cluster-capacity-3.11.462-1.git.22be164.el7.ppc64le.rpm
prometheus-3.11.462-1.git.99aae51.el7.ppc64le.rpm
prometheus-alertmanager-3.11.462-1.git.13de638.el7.ppc64le.rpm
prometheus-node-exporter-3.11.462-1.git.609cd20.el7.ppc64le.rpm

x86_64:
atomic-enterprise-service-catalog-3.11.462-1.git.2e6be86.el7.x86_64.rpm
atomic-enterprise-service-catalog-svcat-3.11.462-1.git.2e6be86.el7.x86_64.rpm
atomic-openshift-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-clients-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-clients-redistributable-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-cluster-autoscaler-3.11.462-1.git.99b2acf.el7.x86_64.rpm
atomic-openshift-descheduler-3.11.462-1.git.d435537.el7.x86_64.rpm
atomic-openshift-dockerregistry-3.11.462-1.git.3571208.el7.x86_64.rpm
atomic-openshift-hyperkube-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-hypershift-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-master-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-metrics-server-3.11.462-1.git.f8bf728.el7.x86_64.rpm
atomic-openshift-node-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-node-problem-detector-3.11.462-1.git.c8f26da.el7.x86_64.rpm
atomic-openshift-pod-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-sdn-ovs-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-service-idler-3.11.462-1.git.39cfc66.el7.x86_64.rpm
atomic-openshift-template-service-broker-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-tests-3.11.462-1.git.0.e7d0362.el7.x86_64.rpm
atomic-openshift-web-console-3.11.462-1.git.656f5d6.el7.x86_64.rpm
golang-github-openshift-oauth-proxy-3.11.462-1.git.edebe84.el7.x86_64.rpm
openshift-enterprise-autoheal-3.11.462-1.git.f2f435d.el7.x86_64.rpm
openshift-enterprise-cluster-capacity-3.11.462-1.git.22be164.el7.x86_64.rpm
prometheus-3.11.462-1.git.99aae51.el7.x86_64.rpm
prometheus-alertmanager-3.11.462-1.git.13de638.el7.x86_64.rpm
prometheus-node-exporter-3.11.462-1.git.609cd20.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-27216
https://access.redhat.com/security/cve/CVE-2020-27218
https://access.redhat.com/security/cve/CVE-2020-27223
https://access.redhat.com/security/cve/CVE-2021-21642
https://access.redhat.com/security/cve/CVE-2021-21643
https://access.redhat.com/security/cve/CVE-2021-21644
https://access.redhat.com/security/cve/CVE-2021-21645
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

– ————————–END INCLUDED TEXT——————–


Network Security News Summary for Thursday July 1st, 2021

CVE-2021-1675 Printnightmare; IE11 PDF Patch; Netgear Vuln;

CVE-2021-1675 Incomplete Patch – PrintNightmare
https://isc.sans.edu/forums/diary/CVE20211675+Incomplete+Patch+and+Leaked+RCE+Exploit/27588/

Internet Explorer PDF Update
https://support.microsoft.com/en-us/topic/june-29-2021-kb5004760-os-builds-19041-1082-19042-1082-and-19043-1082-out-of-band-9508f7a2-0713-432f-b06c-1ae6d802a2f7

NETGEAR Router Vulnerabilities (DGN-2200v1)
https://www.microsoft.com/security/blog/2021/06/30/microsoft-finds-new-netgear-firmware-vulnerabilities-that-could-lead-to-identity-theft-and-full-system-compromise/

keywords: printnightmare; print spooler; windows; cve-2021-1675; internet explorer; pdf; netgear; router; dgn-2200v1




https://malwaredevil.com/2021/07/01/network-security-news-summary-for-thursday-july-1st-2021/?utm_source=rss&utm_medium=rss&utm_campaign=network-security-news-summary-for-thursday-july-1st-2021

Wednesday, June 30, 2021

2021-06-30 – TA551 (Shathak) pushes Trickbot with DarkVNC and Cobalt Strike




https://malwaredevil.com/2021/06/30/2021-06-30-ta551-shathak-pushes-trickbot-with-darkvnc-and-cobalt-strike/?utm_source=rss&utm_medium=rss&utm_campaign=2021-06-30-ta551-shathak-pushes-trickbot-with-darkvnc-and-cobalt-strike

PrintNightmare, the zero-day hole in Windows – here’s what to do

All bugs are equal. But some bugs are more equal than others.



https://malwaredevil.com/2021/06/30/printnightmare-the-zero-day-hole-in-windows-heres-what-to-do/?utm_source=rss&utm_medium=rss&utm_campaign=printnightmare-the-zero-day-hole-in-windows-heres-what-to-do

Why DAST – from Project Management Perspective

Watch today’s episode of ESW on Why DAST – from Project Management Perspective with Suha Akyuz from Netsparker at https://securityweekly.com/esw233 !




https://malwaredevil.com/2021/06/30/why-dast-from-project-management-perspective/?utm_source=rss&utm_medium=rss&utm_campaign=why-dast-from-project-management-perspective

We Infiltrated a Counterfeit Check Ring! Now What?

Imagine waking up each morning knowing the identities of thousands of people who are about to be mugged for thousands of dollars each. You know exactly when and where each of those muggings will take place, and you’ve shared this information in advance with the authorities each day for a year with no outward indication that they are doing anything about it. How frustrated would you be?

A counterfeit check image [redacted] that was intended for a person helping this fraud gang print and mail phony checks tied to a raft of email-based scams. One fraud-fighting group is intercepting hundreds to thousands of these per day.

Such is the curse of the fraud fighter known online by the handles “Brianna Ware” and “BWare” for short, a longtime member of a global group of volunteers who’ve infiltrated a cybercrime gang that disseminates counterfeit checks tied to a dizzying number of online scams.

For the past year, BWare has maintained contact with an insider from the criminal group that’s been sending daily lists of would-be victims who are to receive counterfeit checks printed using the real bank account information of legitimate companies.

“Some days we’re seeing thousands of counterfeit checks going out,” BWare said.

The scams used in connection with the fraudulent checks vary widely, from fake employment and “mystery shopper” schemes to those involving people who have been told they can get paid to cover their cars in advertisements (a.k.a. the “car wrap” scam).

A form letter mailed out with a counterfeit check urges the recipient to text a phone number after the check has been deposited.

Most of the counterfeit checks being disseminated by this fraud group are in amounts ranging from $2,500 to $5,000. The crimes that the checks enable are known variously as “advanced fee” scams, in that they involve tricking people into making payments in anticipation of receiving something of greater value in return.

But in each scheme the goal is the same: Convince the recipient to deposit the check and then wire a portion of the amount somewhere else. A few days after the check is deposited, it invariably gets canceled by the organization whose bank account information was on the check. And then the person who deposited the phony check is on the hook for the entire amount.

“Like the car wrap scam, where they send you a check for $5,000, and you agree to keep $1,000 for your first payment and send the rest back to them in exchange for the car wrap materials,” BWare said. “Usually the check includes a letter that says they want you to text a specific phone number to let them know you received the check. When you do that, they’ll start sending you instructions on how and where to send the money.”

A typical confirmation letter that accompanies a counterfeit check for a car wrap scam.

Traditionally, these groups have asked recipients to transmit money via wire transfer. But these days, BWare said, the same crooks are asking people to forward the money via mobile applications like CashApp and Venmo.

BWare and other volunteer fraud fighters believe the fake checks gang is using people looped into phony employment schemes and wooed through online romance scams to print the counterfeit checks, and that other recruits are responsible for mailing them out each day.

“More often than not, the scammers creating the shipping labels will provide those to an unwitting accomplice, or the accomplice is told to log in to an account and print the labels,” BWare explained.

Often the counterfeit checks and labels forwarded by BWare’s informant come with notes attached indicating the type of scam with which they are associated.

“Sometimes they’re mystery shopper scams, and other times it’s overpayment for an item sold on Craigslist,” BWare said. “We don’t know how the scammers are getting the account and routing numbers for these checks, but they are drawn on real companies and always scan fine through a bank’s systems initially. The recipients can deposit them at any bank, but we try to get the checks to the banks when we can so they have a heads up.”

SHRINKING FROM THE FIREHOSE?

Roughly a year ago, BWare’s group started sharing its intelligence with fraud investigators at FedEx and the U.S. Postal Service — the primary delivery mechanisms for these counterfeit checks.

Both the USPS and FedEx have an interest in investigating because the fraudsters in this case are using stolen shipping labels paid for by companies who have no idea their FedEx or USPS accounts are being used for such purposes.

“In most cases, the name of the sender will be completely unrelated to what’s being sent,” BWare said. “For example, you’ll see a label for a letter to go out with a counterfeit check for a car wrap scam, and the sender on the shipping label will be something like XYZ Biological Resources.”

But BWare says a year later, there is little sign that anyone is interested in acting on the shared intelligence.

“It’s so much information that they really don’t want it anymore and they’re not doing anything about it,” BWare said of FedEx and the USPS. “It’s almost like they’re turning a blind eye. There are so many of these checks going out each day that instead of trying to drink from the firehose, they’re just turning their heads.”

FedEx did not respond to requests for comment. The U.S. Postal Inspection Service responded with a statement saying it “does not comment publicly on its investigative procedures and operational protocols.”

ANY METHOD THAT WORKS

Ronnie Tokazowski is a threat researcher at Agari, a security firm that has closely tracked many of the groups behind these advanced fee schemes [KrebsOnSecurity interviewed Tokazowski in 2018 after he received a security industry award for his work in this area].

Tokazowski said it’s likely the group BWare has infiltrated is involved in myriad other email fraud schemes, including so-called “business email compromise” (BEC) or “CEO scams,” in which the fraudsters impersonate executives at a company in the hopes of convincing someone at the firm to wire money for payment of a non-existent invoice. According to the FBI, BEC scams netted thieves nearly $2 billion in 2020 — far more than any other type of cybercrime.

In a report released in 2019 (PDF), Agari profiled a group it dubbed “Scattered Canary” that is operating principally out of West Africa and dabbles in a dizzying array of schemes, including BEC and romance scams, FEMA and SBA loans, unemployment insurance fraud, counterfeit checks and of course money laundering.


Tokazowski said he doesn’t know if the group BWare is watching has any affiliation with Scattered Canary. But he said his experience with Scattered Canary shows these groups tend to make money via any and all methods that reliably produce results.

“One of the things that came out of the Scattered Canary report was that the actors we saw doing BEC scams were the same actors doing the car wrap and various Craigslist scams involving fake checks,” he said. “The people doing this type of crime will have tutorials on how to run the scam, how to wire money out for unemployment fraud, how to target people on Craigslist, and so on. It’s very different from the way a Russian hacking group might go after one industry vertical or piece of software or focus on one or two types of fraud. They will follow any method they can that works.”

Tokazowski said he’s taken his share of flak from people on social media who say his focus on West African nations as the primary source of these advanced fee and BEC scams is somehow racist [KrebsOnSecurity experienced a similar response to the 2013 stories, Spy Service Exposes Nigerian ‘Yahoo Boys’, and ‘Yahoo Boys’ Have 419 Facebook Friends].

But Tokazowski maintains he has been one of the more vocal proponents of the idea that trying to fight these problems by arresting those involved is something of a Sisyphean task, and that it makes way more sense to focus on changing the economic realities in places like Nigeria, which has been a hotbed of advanced fee activity for decades.

Nigeria has the world’s second-highest unemployment rate — rising from 27.1 percent in 2019 to 33 percent in 2020, according to the National Bureau of Statistics. The nation also is among the world’s most corrupt, according to 2020 findings from Transparency International.

“Education is definitely one piece, as raising awareness is hands down the best way to get ahead of this,” Tokazowski said. “But we also need to think about ways to create more business opportunities there so that people who are doing this to put food on the table have more legitimate opportunities. Unfortunately, thanks to the level of corruption of government officials, there are a lot of cultural reasons that fighting this type of crime at the source is going to be difficult.”




https://malwaredevil.com/2021/06/30/we-infiltrated-a-counterfeit-check-ring-now-what/?utm_source=rss&utm_medium=rss&utm_campaign=we-infiltrated-a-counterfeit-check-ring-now-what

Indexsinas SMB Worm Campaign Infests Whole Enterprises

The self-propagating malware’s attack chain is complex, using former NSA cyberweapons, and ultimately drops cryptominers on targeted machines.



https://malwaredevil.com/2021/06/30/indexsinas-smb-worm-campaign-infests-whole-enterprises/?utm_source=rss&utm_medium=rss&utm_campaign=indexsinas-smb-worm-campaign-infests-whole-enterprises

MalWare Labs & Why You Should Challenge Shift-Left Testing – ESW #233

Threat hunters are under increased pressure to rapidly analyze, classify, detect and respond to malicious files. ReversingLabs is stepping forward to address these needs with its new Malware Lab Solution. The ReversingLabs Malware Lab solution powers the next generation of threat hunting by delivering a unique combination of static and dynamic analysis capabilities at scale to identify malicious files including those in the software supply chain.

This segment is sponsored by Reversing Labs.

Visit https://securityweekly.com/ReversingLabs to learn more about them!

The development life cycle as we know it is rapidly changing, and today’s AppSec testing needs to keep up with shorter and faster processes. A shift-left approach is no longer enough to protect web assets – you need much more dynamic tools and ways of working.

This segment is sponsored by Detectify.

Visit https://securityweekly.com/detectify to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw233




https://malwaredevil.com/2021/06/30/malware-labs-why-you-should-challenge-shift-left-testing-esw-233/?utm_source=rss&utm_medium=rss&utm_campaign=malware-labs-why-you-should-challenge-shift-left-testing-esw-233

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...