Multiple vulnerabilities in OpenShift Virtualization 4.11



Published: 2022-12-02
Risk High
Patch available YES
Number of vulnerabilities 51
CVE-ID CVE-2022-27405
CVE-2022-25308
CVE-2022-25309
CVE-2022-25310
CVE-2022-26700
CVE-2022-26709
CVE-2022-26710
CVE-2022-26716
CVE-2022-26717
CVE-2022-26719
CVE-2022-27404
CVE-2022-27406
CVE-2022-22662
CVE-2022-29154
CVE-2022-30293
CVE-2022-30698
CVE-2022-30699
CVE-2022-32206
CVE-2022-32208
CVE-2022-34903
CVE-2022-37434
CVE-2022-38177
CVE-2022-38178
CVE-2022-40674
CVE-2022-24795
CVE-2022-22629
CVE-2021-38561
CVE-2022-0391
CVE-2022-24675
CVE-2022-24921
CVE-2022-28327
CVE-2022-30629
CVE-2015-20107
CVE-2016-3709
CVE-2020-0256
CVE-2020-35525
CVE-2020-35527
CVE-2021-0308
CVE-2022-0934
CVE-2022-22628
CVE-2022-1292
CVE-2022-1304
CVE-2022-1586
CVE-2022-1785
CVE-2022-1897
CVE-2022-1927
CVE-2022-2068
CVE-2022-2097
CVE-2022-2509
CVE-2022-3515
CVE-2022-22624
CWE-ID CWE-125
CWE-121
CWE-122
CWE-20
CWE-119
CWE-416
CWE-787
CWE-200
CWE-22
CWE-341
CWE-400
CWE-347
CWE-401
CWE-93
CWE-120
CWE-185
CWE-190
CWE-330
CWE-78
CWE-79
CWE-476
CWE-311
CWE-415
Exploitation vector Network
Public exploit Public exploit code for vulnerability #9 is available.
Public exploit code for vulnerability #21 is available.
Public exploit code for vulnerability #26 is available.
Public exploit code for vulnerability #41 is available.
Vulnerable software
Subscribe
OpenShift Virtualization
Server applications / Virtualization software

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 51 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU65637

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-27405

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the "FNT_Size_Request" function. A remote attacker can trigger out-of-bounds read error and cause a denial of service condition on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Stack-based buffer overflow

EUVDB-ID: #VU62019

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-25308

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Heap-based buffer overflow

EUVDB-ID: #VU62020

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-25309

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in fribidi_cap_rtl_to_unicode. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Input validation error

EUVDB-ID: #VU62021

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-25310

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to improper handling of empty input when removing marks from unicode strings. A remote attacker can pass specially crafted input to the application and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Buffer overflow

EUVDB-ID: #VU63279

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26700

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Use-after-free

EUVDB-ID: #VU63280

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26709

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Use-after-free

EUVDB-ID: #VU63281

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26710

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Buffer overflow

EUVDB-ID: #VU63283

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26716

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Use-after-free

EUVDB-ID: #VU63282

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26717

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Buffer overflow

EUVDB-ID: #VU63284

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26719

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Out-of-bounds write

EUVDB-ID: #VU65639

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-27404

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in the "sfnt_init_face" function. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Out-of-bounds read

EUVDB-ID: #VU65638

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-27406

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the "FT_Request_Size" function. A remote attacker can trigger out-of-bounds read error and cause a denial of service condition on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Information disclosure

EUVDB-ID: #VU61333

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-22662

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a cookie management issue in WebKit. A remote attacker can trick the victim to open a specially crafted webpage and gain access to sensitive information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Path traversal

EUVDB-ID: #VU66189

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-29154

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote server to perform directory traversal attacks.

The vulnerability exists due to input validation error within the rsync client  when processing file names. A remote malicious server overwrite arbitrary files in the rsync client target directory and subdirectories on the connected peer.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Heap-based buffer overflow

EUVDB-ID: #VU63822

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-30293

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the WebCore::TextureMapperLayer::setContentsLayer() function in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. A remote attacker can trick the victim into visiting a specially crafted web page, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Predictable from Observable State

EUVDB-ID: #VU66548

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-30698

CWE-ID: CWE-341 - Predictable from Observable State

Exploit availability: No

Description

The vulnerability allows a remote attacker to poison DNS cache.

The vulnerability exists due to the way Unbound handles delegation information expiration event. A remote attacker who controls a rouge DNS server can force the Unbound instance to cache incorrect information about subdomain delegation and permanently poison the DNS cache, e.g. perform the "ghost domain names" attack. 

The attack is carried out when Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates Unbound's delegation cache. This action can be repeated before expiry of the delegation information by querying Unbound for a second level subdomain which the rogue nameserver provides new delegation information. Since Unbound is a child-centric resolver, the ever-updating child delegation information can keep a rogue domain name resolvable long after revocation.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Predictable from Observable State

EUVDB-ID: #VU66547

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-30699

CWE-ID: CWE-341 - Predictable from Observable State

Exploit availability: No

Description

The vulnerability allows a remote attacker to poison DNS cache.

The vulnerability exists due to the way Unbound handles delegation information expiration event. A remote attacker who controls a rouge DNS server can force the Unbound instance to cache incorrect information about domain delegation and permanently poison the DNS cache, e.g. perform the "ghost domain names" attack. 

The attack is perform when Unbound is queried for a rogue domain name, which cached delegation information is about to expire. The rogue nameserver delays the response until the cached delegation information expires. Upon receiving the delayed answer containing the delegation information, Unbound overwrites the now expired entries.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Resource exhaustion

EUVDB-ID: #VU64682

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32206

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure processing of compressed HTTP responses. A malicious server can send a specially crafted HTTP response to curl and perform a denial of service attack by forcing curl to spend enormous amounts of allocated heap memory, or trying to and returning out of memory errors.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU64685

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32208

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper handling of message verification failures when performing FTP transfers secured by krb5. A remote attacker can perform MitM attack and manipulate data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU64909

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-34903

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error in GnuPG, which allows signature spoofing via arbitrary injection into the status line. A remote attacker who controls the secret part of any signing-capable key or subkey in the victim's keyring, can take advantage of this flaw to provide a correctly-formed signature that some software, including gpgme, will accept to have validity and signer fingerprint chosen from the attacker.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) Heap-based buffer overflow

EUVDB-ID: #VU66153

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-37434

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing a large gzip header within inflateGetHeader in inflate.c. A remote attacker can pass a specially crafted file to the affected application, trigger heap-based buffer overflow and execute arbitrary code on the target system.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) Memory leak

EUVDB-ID: #VU67549

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-38177

CWE-ID: CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak in the DNSSEC verification code for the ECDSA algorithm. A remote attacker can spoof the target resolver with responses that have a malformed ECDSA signature and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Memory leak

EUVDB-ID: #VU67550

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-38178

CWE-ID: CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak in the DNSSEC verification code for the EdDSA algorithm. A remote attacker can spoof the target resolver with responses that have a malformed EdDSA signature and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

24) Use-after-free

EUVDB-ID: #VU67532

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-40674

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the doContent() function in xmlparse.c. A remote attacker can pass specially crafted input to the application that is using the affected library, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

25) Heap-based buffer overflow

EUVDB-ID: #VU64001

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-24795

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary error when handling large inputs. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and perform a denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

26) Heap-based buffer overflow

EUVDB-ID: #VU61337

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22629

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content within the WebGLMultiDraw component. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

27) Out-of-bounds read

EUVDB-ID: #VU65006

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-38561

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

28) CRLF injection

EUVDB-ID: #VU61675

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-0391

CWE-ID: CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to inject arbitrary data in server response.

The vulnerability exists due to insufficient validation of attacker-supplied data within the urllib.parse module in Python. A remote attacker can pass specially crafted data to the application containing CR-LF characters and modify application behavior.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

29) Buffer overflow

EUVDB-ID: #VU64266

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-24675

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists in the Golang's library encoding/pem. A remote attacker can send to victim a large (more than 5 MB) PEM input to cause a stack overflow in Decode and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

30) Incorrect Regular Expression

EUVDB-ID: #VU61227

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-24921

CWE-ID: CWE-185 - Incorrect Regular Expression

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in regexp.Compile in Go. A remote attacker can pass specially crafted input to the application and perform regular expression denial of service (ReDoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

31) Integer overflow

EUVDB-ID: #VU64269

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-28327

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to integer overflow in the Golang's library crypto/elliptic. A remote attacker can send a specially crafted scalar input longer than 32 bytes to cause P256().ScalarMult or P256().ScalarBaseMult to panic and perform a denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

32) Use of insufficiently random values

EUVDB-ID: #VU66122

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-30629

CWE-ID: CWE-330 - Use of Insufficiently Random Values

Exploit availability: No

Description

The vulnerability allows a remote attacker gain access to sensitive information.

The vulnerability exists in crypto/tls implementation when generating TLS tickets age. The newSessionTicketMsgTLS13.ageAdd is always set to "0" instead of a random value.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

33) OS Command Injection

EUVDB-ID: #VU64573

Risk: High

CVSSv3.1:

CVE-ID: CVE-2015-20107

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the mailcap module, which does not escape characters into commands discovered in the system mailcap file. A remote unauthenticated attacker can pass specially crafted data to the applications that call mailcap.findmatch with untrusted input and execute arbitrary OS commands on the target system.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

34) Cross-site scripting

EUVDB-ID: #VU66123

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2016-3709

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

35) Out-of-bounds write

EUVDB-ID: #VU45872

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-0256

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-152874864

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

36) NULL pointer dereference

EUVDB-ID: #VU67411

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-35525

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the INTERSEC query processing. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

37) Out-of-bounds read

EUVDB-ID: #VU67412

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-35527

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling ALTER TABLE for views that have a nested FROM clause. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

38) Out-of-bounds write

EUVDB-ID: #VU49882

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-0308

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

39) Use-after-free

EUVDB-ID: #VU63013

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-0934

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error when handling DHCPv6 requests. A remote attacker can send specially crafted DHCPv6 packets to the affected application, trigger a use-after-free error and perform a denial of service (DoS) attack.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

40) Use-after-free

EUVDB-ID: #VU61336

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22628

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

41) OS Command Injection

EUVDB-ID: #VU62765

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-1292

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the c_rehash script distributed by some operating systems. A remote attacker with ability to pass data to c_rehash script can and execute arbitrary OS commands with the privileges of the script.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

42) Out-of-bounds write

EUVDB-ID: #VU64075

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-1304

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A local attacker can use a specially crafted filesystem, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

43) Out-of-bounds read

EUVDB-ID: #VU63945

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-1586

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary condition in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. A remote attacker can pass specially crafted data to the application, trigger out-of-bounds read error, gain access to sensitive information or perform a denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

44) Out-of-bounds write

EUVDB-ID: #VU63487

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-1785

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code

The vulnerability exists due to a boundary error when processing untrusted input in vim_regsub_both() function. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

45) Out-of-bounds write

EUVDB-ID: #VU64506

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-1897

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to Illegal memory access and leads to an out-of-bounds write vulnerability in the vim_regsub_both() function. A local attacker can trick the victim into opening a specially crafted file, leading to a system crash or code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

46) Out-of-bounds read

EUVDB-ID: #VU64508

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-1927

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the system.

The vulnerability exists due to Illegal memory access and leads to a buffer over-read vulnerability in the utf_ptr2char() function. A local attacker can trick the victim into opening a specially crafted file, trigger out-of-bounds read error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

47) OS Command Injection

EUVDB-ID: #VU64559

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2068

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the c_rehash script distributed by some operating systems. A remote attacker with ability to pass data to c_rehash script can and execute arbitrary OS commands with the privileges of the script.

The vulnerability exists due to incomplete fix for #VU62765 (CVE-2022-1292).

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

48) Missing Encryption of Sensitive Data

EUVDB-ID: #VU64922

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2097

CWE-ID: CWE-311 - Missing Encryption of Sensitive Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error in AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation. Under specific circumstances OpenSSL does not encrypt the entire message and can reveal sixteen bytes of data that was preexisting in the memory that wasn't written. A remote attacker can gain access to potentially sensitive information.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

49) Double Free

EUVDB-ID: #VU65915

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-2509

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within gnutls_pkcs7_verify() function when verifying the pkcs7 signatures. A remote attacker can pass specially crafted data to the application, trigger a double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

50) Integer overflow

EUVDB-ID: #VU68376

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-3515

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the CRL parser in libksba. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

51) Use-after-free

EUVDB-ID: #VU61335

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22624

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: before 4.11.1


CPE2.3
External links

http://access.redhat.com/errata/RHSA-2022:8750

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###