Rocky Linux 8 : Satellite 6.11 Release (Moderate) (RLSA-2022:5498)

critical Nessus Plugin ID 184590

Synopsis

The remote Rocky Linux host is missing one or more security updates.

Description

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5498 advisory.

- Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user.
As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The method File.createTempFile on unix-like systems creates a random file, but, by default will create this file with the permissions -rw-r--r--. Thus, if sensitive information is written to this file, other local users can read this information. This is the case in netty's AbstractDiskHttpData is vulnerable.
This has been fixed in version 4.1.59.Final. As a workaround, one may specify your own java.io.tmpdir when you start the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user. (CVE-2021-21290)

- Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1 this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is a HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`. (CVE-2021-21295)

- Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case.
This was fixed as part of 4.1.61.Final. (CVE-2021-21409)

- Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. (CVE-2021-30151)

- Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service (CVE-2021-3200)

- sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround don't use the sqlformat.format function with keyword strip_comments=True or the --strip- comments command line flag when using the sqlformat command line tool. The issues has been fixed in sqlparse 0.4.2. (CVE-2021-32839)

- Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. (CVE-2021-33928)

- Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. (CVE-2021-33929)

- Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. (CVE-2021-33930)

- Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. (CVE-2021-33938)

- A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity and availability of system. Fixed releases are 2.4.1, 2.5.1, 3.0.0. (CVE-2021-3584)

- Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. The only proxy which has this behavior, as far as the Puma team is aware of, is Apache Traffic Server. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This vulnerability was patched in Puma 5.5.1 and 4.3.9. As a workaround, do not use Apache Traffic Server with `puma`. (CVE-2021-41136)

- The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin. (CVE-2021-4142)

- In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. (CVE-2021-42550)

- Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fast as these are not allowed by the spec and could lead to HTTP request smuggling. Failing to do the validation might cause netty to sanitize header names before it forward these to another remote system when used as proxy. This remote system can't see the invalid usage anymore, and therefore does not do the validation itself. Users should upgrade to version 4.1.71.Final. (CVE-2021-43797)

- lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. (CVE-2021-43818)

- In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. (CVE-2021-44420)

- Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service. (CVE-2021-44568)

- An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1.
UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack. (CVE-2021-45115)

- An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key. (CVE-2021-45116)

- Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. (CVE-2021-45452)

- The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS. (CVE-2022-22818)

- Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA- wh98-p28r-vrc9 can be used. (CVE-2022-23633)

- Puma is a Ruby/Rack web server built for parallelism. Prior to `puma` version `5.6.2`, `puma` may not always call `close` on the response body. Rails, prior to version `7.0.2.2`, depended on the response body being closed in order for its `CurrentAttributes` implementation to work correctly. The combination of these two behaviors (Puma not closing the body + Rails' Executor implementation) causes information leakage. This problem is fixed in Puma versions 5.6.2 and 4.3.11. This problem is fixed in Rails versions 7.02.2, 6.1.4.6, 6.0.4.6, and 5.2.6.2. Upgrading to a patched Rails _or_ Puma version fixes the vulnerability. (CVE-2022-23634)

- An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
(CVE-2022-23833)

- In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.
(CVE-2022-23837)

- An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4.
QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. (CVE-2022-28346)

- A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the
**options argument, and placing the injection payload in an option name. (CVE-2022-28347)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://errata.rockylinux.org/RLSA-2022:5498

https://bugzilla.redhat.com/show_bug.cgi?id=1459231

https://bugzilla.redhat.com/show_bug.cgi?id=1473263

https://bugzilla.redhat.com/show_bug.cgi?id=1545000

https://bugzilla.redhat.com/show_bug.cgi?id=1596004

https://bugzilla.redhat.com/show_bug.cgi?id=1609543

https://bugzilla.redhat.com/show_bug.cgi?id=1659649

https://bugzilla.redhat.com/show_bug.cgi?id=1662924

https://bugzilla.redhat.com/show_bug.cgi?id=1685708

https://bugzilla.redhat.com/show_bug.cgi?id=2032928

https://bugzilla.redhat.com/show_bug.cgi?id=2032956

https://bugzilla.redhat.com/show_bug.cgi?id=2033174

https://bugzilla.redhat.com/show_bug.cgi?id=2033201

https://bugzilla.redhat.com/show_bug.cgi?id=2033217

https://bugzilla.redhat.com/show_bug.cgi?id=2033336

https://bugzilla.redhat.com/show_bug.cgi?id=2033560

https://bugzilla.redhat.com/show_bug.cgi?id=2033593

https://bugzilla.redhat.com/show_bug.cgi?id=2033847

https://bugzilla.redhat.com/show_bug.cgi?id=2033853

https://bugzilla.redhat.com/show_bug.cgi?id=2033940

https://bugzilla.redhat.com/show_bug.cgi?id=2034317

https://bugzilla.redhat.com/show_bug.cgi?id=2034346

https://bugzilla.redhat.com/show_bug.cgi?id=2034461

https://bugzilla.redhat.com/show_bug.cgi?id=2034552

https://bugzilla.redhat.com/show_bug.cgi?id=2034635

https://bugzilla.redhat.com/show_bug.cgi?id=2034643

https://bugzilla.redhat.com/show_bug.cgi?id=2034649

https://bugzilla.redhat.com/show_bug.cgi?id=2034659

https://bugzilla.redhat.com/show_bug.cgi?id=2035195

https://bugzilla.redhat.com/show_bug.cgi?id=2035204

https://bugzilla.redhat.com/show_bug.cgi?id=2035480

https://bugzilla.redhat.com/show_bug.cgi?id=2035907

https://bugzilla.redhat.com/show_bug.cgi?id=2036054

https://bugzilla.redhat.com/show_bug.cgi?id=2036187

https://bugzilla.redhat.com/show_bug.cgi?id=2036381

https://bugzilla.redhat.com/show_bug.cgi?id=2036628

https://bugzilla.redhat.com/show_bug.cgi?id=2036721

https://bugzilla.redhat.com/show_bug.cgi?id=2037024

https://bugzilla.redhat.com/show_bug.cgi?id=2037025

https://bugzilla.redhat.com/show_bug.cgi?id=2037028

https://bugzilla.redhat.com/show_bug.cgi?id=2037180

https://bugzilla.redhat.com/show_bug.cgi?id=2037275

https://bugzilla.redhat.com/show_bug.cgi?id=2037508

https://bugzilla.redhat.com/show_bug.cgi?id=2037518

https://bugzilla.redhat.com/show_bug.cgi?id=2037520

https://bugzilla.redhat.com/show_bug.cgi?id=2037648

https://bugzilla.redhat.com/show_bug.cgi?id=2037706

https://bugzilla.redhat.com/show_bug.cgi?id=2037773

https://bugzilla.redhat.com/show_bug.cgi?id=2038042

https://bugzilla.redhat.com/show_bug.cgi?id=2038192

https://bugzilla.redhat.com/show_bug.cgi?id=2038241

https://bugzilla.redhat.com/show_bug.cgi?id=2038388

https://bugzilla.redhat.com/show_bug.cgi?id=2038432

https://bugzilla.redhat.com/show_bug.cgi?id=2038849

https://bugzilla.redhat.com/show_bug.cgi?id=2039289

https://bugzilla.redhat.com/show_bug.cgi?id=2039696

https://bugzilla.redhat.com/show_bug.cgi?id=2040406

https://bugzilla.redhat.com/show_bug.cgi?id=2040447

https://bugzilla.redhat.com/show_bug.cgi?id=2040453

https://bugzilla.redhat.com/show_bug.cgi?id=2040596

https://bugzilla.redhat.com/show_bug.cgi?id=2040650

https://bugzilla.redhat.com/show_bug.cgi?id=2040773

https://bugzilla.redhat.com/show_bug.cgi?id=2040796

https://bugzilla.redhat.com/show_bug.cgi?id=2040870

https://bugzilla.redhat.com/show_bug.cgi?id=2041457

https://bugzilla.redhat.com/show_bug.cgi?id=2041497

https://bugzilla.redhat.com/show_bug.cgi?id=2041508

https://bugzilla.redhat.com/show_bug.cgi?id=2041551

https://bugzilla.redhat.com/show_bug.cgi?id=2041588

https://bugzilla.redhat.com/show_bug.cgi?id=2041701

https://bugzilla.redhat.com/show_bug.cgi?id=2042416

https://bugzilla.redhat.com/show_bug.cgi?id=2042480

https://bugzilla.redhat.com/show_bug.cgi?id=2042848

https://bugzilla.redhat.com/show_bug.cgi?id=2042861

https://bugzilla.redhat.com/show_bug.cgi?id=2043081

https://bugzilla.redhat.com/show_bug.cgi?id=2043097

https://bugzilla.redhat.com/show_bug.cgi?id=2043144

https://bugzilla.redhat.com/show_bug.cgi?id=2043248

https://bugzilla.redhat.com/show_bug.cgi?id=1693733

https://bugzilla.redhat.com/show_bug.cgi?id=1694659

https://bugzilla.redhat.com/show_bug.cgi?id=1713401

https://bugzilla.redhat.com/show_bug.cgi?id=1723632

https://bugzilla.redhat.com/show_bug.cgi?id=1723751

https://bugzilla.redhat.com/show_bug.cgi?id=1735540

https://bugzilla.redhat.com/show_bug.cgi?id=1744521

https://bugzilla.redhat.com/show_bug.cgi?id=1761421

https://bugzilla.redhat.com/show_bug.cgi?id=1770075

https://bugzilla.redhat.com/show_bug.cgi?id=1771724

https://bugzilla.redhat.com/show_bug.cgi?id=1777820

https://bugzilla.redhat.com/show_bug.cgi?id=1784254

https://bugzilla.redhat.com/show_bug.cgi?id=1805028

https://bugzilla.redhat.com/show_bug.cgi?id=1807258

https://bugzilla.redhat.com/show_bug.cgi?id=1807536

https://bugzilla.redhat.com/show_bug.cgi?id=1809769

https://bugzilla.redhat.com/show_bug.cgi?id=1811166

https://bugzilla.redhat.com/show_bug.cgi?id=1813624

https://bugzilla.redhat.com/show_bug.cgi?id=1819309

https://bugzilla.redhat.com/show_bug.cgi?id=1825761

https://bugzilla.redhat.com/show_bug.cgi?id=1832858

https://bugzilla.redhat.com/show_bug.cgi?id=1844848

https://bugzilla.redhat.com/show_bug.cgi?id=1845471

https://bugzilla.redhat.com/show_bug.cgi?id=1847825

https://bugzilla.redhat.com/show_bug.cgi?id=1851808

https://bugzilla.redhat.com/show_bug.cgi?id=1852897

https://bugzilla.redhat.com/show_bug.cgi?id=1862140

https://bugzilla.redhat.com/show_bug.cgi?id=1867193

https://bugzilla.redhat.com/show_bug.cgi?id=1869351

https://bugzilla.redhat.com/show_bug.cgi?id=1872688

https://bugzilla.redhat.com/show_bug.cgi?id=1873241

https://bugzilla.redhat.com/show_bug.cgi?id=1877283

https://bugzilla.redhat.com/show_bug.cgi?id=1878049

https://bugzilla.redhat.com/show_bug.cgi?id=1881668

https://bugzilla.redhat.com/show_bug.cgi?id=1883612

https://bugzilla.redhat.com/show_bug.cgi?id=1883816

https://bugzilla.redhat.com/show_bug.cgi?id=1886780

https://bugzilla.redhat.com/show_bug.cgi?id=1893059

https://bugzilla.redhat.com/show_bug.cgi?id=1896628

https://bugzilla.redhat.com/show_bug.cgi?id=1898656

https://bugzilla.redhat.com/show_bug.cgi?id=1899481

https://bugzilla.redhat.com/show_bug.cgi?id=1902047

https://bugzilla.redhat.com/show_bug.cgi?id=1902314

https://bugzilla.redhat.com/show_bug.cgi?id=1906023

https://bugzilla.redhat.com/show_bug.cgi?id=1907795

https://bugzilla.redhat.com/show_bug.cgi?id=1910433

https://bugzilla.redhat.com/show_bug.cgi?id=1911545

https://bugzilla.redhat.com/show_bug.cgi?id=1914803

https://bugzilla.redhat.com/show_bug.cgi?id=1915394

https://bugzilla.redhat.com/show_bug.cgi?id=1919146

https://bugzilla.redhat.com/show_bug.cgi?id=1920579

https://bugzilla.redhat.com/show_bug.cgi?id=1922872

https://bugzilla.redhat.com/show_bug.cgi?id=1923766

https://bugzilla.redhat.com/show_bug.cgi?id=1924625

https://bugzilla.redhat.com/show_bug.cgi?id=1927028

https://bugzilla.redhat.com/show_bug.cgi?id=1927532

https://bugzilla.redhat.com/show_bug.cgi?id=1931489

https://bugzilla.redhat.com/show_bug.cgi?id=1937364

https://bugzilla.redhat.com/show_bug.cgi?id=1937470

https://bugzilla.redhat.com/show_bug.cgi?id=1940308

https://bugzilla.redhat.com/show_bug.cgi?id=1942806

https://bugzilla.redhat.com/show_bug.cgi?id=1944802

https://bugzilla.redhat.com/show_bug.cgi?id=1944888

https://bugzilla.redhat.com/show_bug.cgi?id=1951626

https://bugzilla.redhat.com/show_bug.cgi?id=1955385

https://bugzilla.redhat.com/show_bug.cgi?id=1957070

https://bugzilla.redhat.com/show_bug.cgi?id=1957288

https://bugzilla.redhat.com/show_bug.cgi?id=1958664

https://bugzilla.redhat.com/show_bug.cgi?id=1959691

https://bugzilla.redhat.com/show_bug.cgi?id=1960228

https://bugzilla.redhat.com/show_bug.cgi?id=1962307

https://bugzilla.redhat.com/show_bug.cgi?id=1962410

https://bugzilla.redhat.com/show_bug.cgi?id=1962847

https://bugzilla.redhat.com/show_bug.cgi?id=1964394

https://bugzilla.redhat.com/show_bug.cgi?id=1965968

https://bugzilla.redhat.com/show_bug.cgi?id=1967319

https://bugzilla.redhat.com/show_bug.cgi?id=1968439

https://bugzilla.redhat.com/show_bug.cgi?id=1969748

https://bugzilla.redhat.com/show_bug.cgi?id=1969992

https://bugzilla.redhat.com/show_bug.cgi?id=1970482

https://bugzilla.redhat.com/show_bug.cgi?id=1972501

https://bugzilla.redhat.com/show_bug.cgi?id=1973146

https://bugzilla.redhat.com/show_bug.cgi?id=1974225

https://bugzilla.redhat.com/show_bug.cgi?id=2043501

https://bugzilla.redhat.com/show_bug.cgi?id=2043609

https://bugzilla.redhat.com/show_bug.cgi?id=2043726

https://bugzilla.redhat.com/show_bug.cgi?id=2044581

https://bugzilla.redhat.com/show_bug.cgi?id=2044606

https://bugzilla.redhat.com/show_bug.cgi?id=2044631

https://bugzilla.redhat.com/show_bug.cgi?id=2044839

https://bugzilla.redhat.com/show_bug.cgi?id=2045504

https://bugzilla.redhat.com/show_bug.cgi?id=2045854

https://bugzilla.redhat.com/show_bug.cgi?id=2046281

https://bugzilla.redhat.com/show_bug.cgi?id=2046307

https://bugzilla.redhat.com/show_bug.cgi?id=2046322

https://bugzilla.redhat.com/show_bug.cgi?id=2046328

https://bugzilla.redhat.com/show_bug.cgi?id=2046337

https://bugzilla.redhat.com/show_bug.cgi?id=2046484

https://bugzilla.redhat.com/show_bug.cgi?id=2046573

https://bugzilla.redhat.com/show_bug.cgi?id=2047285

https://bugzilla.redhat.com/show_bug.cgi?id=2047443

https://bugzilla.redhat.com/show_bug.cgi?id=2047451

https://bugzilla.redhat.com/show_bug.cgi?id=2047485

https://bugzilla.redhat.com/show_bug.cgi?id=2047649

https://bugzilla.redhat.com/show_bug.cgi?id=2047675

https://bugzilla.redhat.com/show_bug.cgi?id=2047683

https://bugzilla.redhat.com/show_bug.cgi?id=2048470

https://bugzilla.redhat.com/show_bug.cgi?id=2048517

https://bugzilla.redhat.com/show_bug.cgi?id=2048560

https://bugzilla.redhat.com/show_bug.cgi?id=2048775

https://bugzilla.redhat.com/show_bug.cgi?id=2048778

https://bugzilla.redhat.com/show_bug.cgi?id=2048913

https://bugzilla.redhat.com/show_bug.cgi?id=2048927

https://bugzilla.redhat.com/show_bug.cgi?id=2048986

https://bugzilla.redhat.com/show_bug.cgi?id=2049143

https://bugzilla.redhat.com/show_bug.cgi?id=2049304

https://bugzilla.redhat.com/show_bug.cgi?id=2049799

https://bugzilla.redhat.com/show_bug.cgi?id=2049913

https://bugzilla.redhat.com/show_bug.cgi?id=2050100

https://bugzilla.redhat.com/show_bug.cgi?id=2050297

https://bugzilla.redhat.com/show_bug.cgi?id=2050323

https://bugzilla.redhat.com/show_bug.cgi?id=2050440

https://bugzilla.redhat.com/show_bug.cgi?id=2051374

https://bugzilla.redhat.com/show_bug.cgi?id=2051408

https://bugzilla.redhat.com/show_bug.cgi?id=2051468

https://bugzilla.redhat.com/show_bug.cgi?id=2051522

https://bugzilla.redhat.com/show_bug.cgi?id=2051543

https://bugzilla.redhat.com/show_bug.cgi?id=2051912

https://bugzilla.redhat.com/show_bug.cgi?id=2052048

https://bugzilla.redhat.com/show_bug.cgi?id=2052088

https://bugzilla.redhat.com/show_bug.cgi?id=2052420

https://bugzilla.redhat.com/show_bug.cgi?id=2052493

https://bugzilla.redhat.com/show_bug.cgi?id=2052506

https://bugzilla.redhat.com/show_bug.cgi?id=2052524

https://bugzilla.redhat.com/show_bug.cgi?id=2052815

https://bugzilla.redhat.com/show_bug.cgi?id=2052958

https://bugzilla.redhat.com/show_bug.cgi?id=2053329

https://bugzilla.redhat.com/show_bug.cgi?id=2053395

https://bugzilla.redhat.com/show_bug.cgi?id=2053478

https://bugzilla.redhat.com/show_bug.cgi?id=2053601

https://bugzilla.redhat.com/show_bug.cgi?id=2053839

https://bugzilla.redhat.com/show_bug.cgi?id=2053843

https://bugzilla.redhat.com/show_bug.cgi?id=2053872

https://bugzilla.redhat.com/show_bug.cgi?id=2053876

https://bugzilla.redhat.com/show_bug.cgi?id=2053884

https://bugzilla.redhat.com/show_bug.cgi?id=2053923

https://bugzilla.redhat.com/show_bug.cgi?id=2053928

https://bugzilla.redhat.com/show_bug.cgi?id=2053956

https://bugzilla.redhat.com/show_bug.cgi?id=2053970

https://bugzilla.redhat.com/show_bug.cgi?id=2053996

https://bugzilla.redhat.com/show_bug.cgi?id=2053997

https://bugzilla.redhat.com/show_bug.cgi?id=2054008

https://bugzilla.redhat.com/show_bug.cgi?id=2054121

https://bugzilla.redhat.com/show_bug.cgi?id=2054123

https://bugzilla.redhat.com/show_bug.cgi?id=2054165

https://bugzilla.redhat.com/show_bug.cgi?id=2054174

https://bugzilla.redhat.com/show_bug.cgi?id=2054182

https://bugzilla.redhat.com/show_bug.cgi?id=2054211

https://bugzilla.redhat.com/show_bug.cgi?id=2054340

https://bugzilla.redhat.com/show_bug.cgi?id=2054758

https://bugzilla.redhat.com/show_bug.cgi?id=2054849

https://bugzilla.redhat.com/show_bug.cgi?id=2054971

https://bugzilla.redhat.com/show_bug.cgi?id=2055159

https://bugzilla.redhat.com/show_bug.cgi?id=2055312

https://bugzilla.redhat.com/show_bug.cgi?id=2055329

https://bugzilla.redhat.com/show_bug.cgi?id=2055495

https://bugzilla.redhat.com/show_bug.cgi?id=2055513

https://bugzilla.redhat.com/show_bug.cgi?id=2055570

https://bugzilla.redhat.com/show_bug.cgi?id=2055808

https://bugzilla.redhat.com/show_bug.cgi?id=2055951

https://bugzilla.redhat.com/show_bug.cgi?id=2056167

https://bugzilla.redhat.com/show_bug.cgi?id=2056171

https://bugzilla.redhat.com/show_bug.cgi?id=2056172

https://bugzilla.redhat.com/show_bug.cgi?id=2056173

https://bugzilla.redhat.com/show_bug.cgi?id=2056177

https://bugzilla.redhat.com/show_bug.cgi?id=2056178

https://bugzilla.redhat.com/show_bug.cgi?id=2056183

https://bugzilla.redhat.com/show_bug.cgi?id=2056186

https://bugzilla.redhat.com/show_bug.cgi?id=2056189

https://bugzilla.redhat.com/show_bug.cgi?id=2056198

https://bugzilla.redhat.com/show_bug.cgi?id=2056202

https://bugzilla.redhat.com/show_bug.cgi?id=2056237

https://bugzilla.redhat.com/show_bug.cgi?id=2056469

https://bugzilla.redhat.com/show_bug.cgi?id=2056657

https://bugzilla.redhat.com/show_bug.cgi?id=2056966

https://bugzilla.redhat.com/show_bug.cgi?id=2057178

https://bugzilla.redhat.com/show_bug.cgi?id=2057309

https://bugzilla.redhat.com/show_bug.cgi?id=2057416

https://bugzilla.redhat.com/show_bug.cgi?id=2057605

https://bugzilla.redhat.com/show_bug.cgi?id=2057632

https://bugzilla.redhat.com/show_bug.cgi?id=2057658

https://bugzilla.redhat.com/show_bug.cgi?id=1975321

https://bugzilla.redhat.com/show_bug.cgi?id=1978323

https://bugzilla.redhat.com/show_bug.cgi?id=1978689

https://bugzilla.redhat.com/show_bug.cgi?id=1979092

https://bugzilla.redhat.com/show_bug.cgi?id=1979907

https://bugzilla.redhat.com/show_bug.cgi?id=1980023

https://bugzilla.redhat.com/show_bug.cgi?id=1980166

https://bugzilla.redhat.com/show_bug.cgi?id=1982970

https://bugzilla.redhat.com/show_bug.cgi?id=1988370

https://bugzilla.redhat.com/show_bug.cgi?id=1992570

https://bugzilla.redhat.com/show_bug.cgi?id=1992624

https://bugzilla.redhat.com/show_bug.cgi?id=1992698

https://bugzilla.redhat.com/show_bug.cgi?id=1994212

https://bugzilla.redhat.com/show_bug.cgi?id=1994237

https://bugzilla.redhat.com/show_bug.cgi?id=1994397

https://bugzilla.redhat.com/show_bug.cgi?id=1994679

https://bugzilla.redhat.com/show_bug.cgi?id=1996803

https://bugzilla.redhat.com/show_bug.cgi?id=1997575

https://bugzilla.redhat.com/show_bug.cgi?id=1997818

https://bugzilla.redhat.com/show_bug.cgi?id=1998172

https://bugzilla.redhat.com/show_bug.cgi?id=1999604

https://bugzilla.redhat.com/show_bug.cgi?id=2000699

https://bugzilla.redhat.com/show_bug.cgi?id=2000703

https://bugzilla.redhat.com/show_bug.cgi?id=2000705

https://bugzilla.redhat.com/show_bug.cgi?id=2000707

https://bugzilla.redhat.com/show_bug.cgi?id=2000769

https://bugzilla.redhat.com/show_bug.cgi?id=2002995

https://bugzilla.redhat.com/show_bug.cgi?id=2004016

https://bugzilla.redhat.com/show_bug.cgi?id=2004158

https://bugzilla.redhat.com/show_bug.cgi?id=2004234

https://bugzilla.redhat.com/show_bug.cgi?id=2004335

https://bugzilla.redhat.com/show_bug.cgi?id=2005072

https://bugzilla.redhat.com/show_bug.cgi?id=2007655

https://bugzilla.redhat.com/show_bug.cgi?id=2008809

https://bugzilla.redhat.com/show_bug.cgi?id=2009049

https://bugzilla.redhat.com/show_bug.cgi?id=2009398

https://bugzilla.redhat.com/show_bug.cgi?id=2010138

https://bugzilla.redhat.com/show_bug.cgi?id=2011062

https://bugzilla.redhat.com/show_bug.cgi?id=2013495

https://bugzilla.redhat.com/show_bug.cgi?id=2013503

https://bugzilla.redhat.com/show_bug.cgi?id=2013837

https://bugzilla.redhat.com/show_bug.cgi?id=2014037

https://bugzilla.redhat.com/show_bug.cgi?id=2014244

https://bugzilla.redhat.com/show_bug.cgi?id=2014251

https://bugzilla.redhat.com/show_bug.cgi?id=2018263

https://bugzilla.redhat.com/show_bug.cgi?id=2020329

https://bugzilla.redhat.com/show_bug.cgi?id=2021255

https://bugzilla.redhat.com/show_bug.cgi?id=2021352

https://bugzilla.redhat.com/show_bug.cgi?id=2021406

https://bugzilla.redhat.com/show_bug.cgi?id=2021985

https://bugzilla.redhat.com/show_bug.cgi?id=2022648

https://bugzilla.redhat.com/show_bug.cgi?id=2023809

https://bugzilla.redhat.com/show_bug.cgi?id=2024269

https://bugzilla.redhat.com/show_bug.cgi?id=2024553

https://bugzilla.redhat.com/show_bug.cgi?id=2024889

https://bugzilla.redhat.com/show_bug.cgi?id=2024894

https://bugzilla.redhat.com/show_bug.cgi?id=2024963

https://bugzilla.redhat.com/show_bug.cgi?id=2024978

https://bugzilla.redhat.com/show_bug.cgi?id=2024986

https://bugzilla.redhat.com/show_bug.cgi?id=2025049

https://bugzilla.redhat.com/show_bug.cgi?id=2025437

https://bugzilla.redhat.com/show_bug.cgi?id=2025494

https://bugzilla.redhat.com/show_bug.cgi?id=2025523

https://bugzilla.redhat.com/show_bug.cgi?id=2025760

https://bugzilla.redhat.com/show_bug.cgi?id=2025811

https://bugzilla.redhat.com/show_bug.cgi?id=2026239

https://bugzilla.redhat.com/show_bug.cgi?id=2026277

https://bugzilla.redhat.com/show_bug.cgi?id=2026415

https://bugzilla.redhat.com/show_bug.cgi?id=2026658

https://bugzilla.redhat.com/show_bug.cgi?id=2026718

https://bugzilla.redhat.com/show_bug.cgi?id=2026873

https://bugzilla.redhat.com/show_bug.cgi?id=2027052

https://bugzilla.redhat.com/show_bug.cgi?id=2027968

https://bugzilla.redhat.com/show_bug.cgi?id=2028178

https://bugzilla.redhat.com/show_bug.cgi?id=2028205

https://bugzilla.redhat.com/show_bug.cgi?id=2028273

https://bugzilla.redhat.com/show_bug.cgi?id=2028377

https://bugzilla.redhat.com/show_bug.cgi?id=2028446

https://bugzilla.redhat.com/show_bug.cgi?id=2028733

https://bugzilla.redhat.com/show_bug.cgi?id=2029192

https://bugzilla.redhat.com/show_bug.cgi?id=2029375

https://bugzilla.redhat.com/show_bug.cgi?id=2029385

https://bugzilla.redhat.com/show_bug.cgi?id=2029548

https://bugzilla.redhat.com/show_bug.cgi?id=2029760

https://bugzilla.redhat.com/show_bug.cgi?id=2029807

https://bugzilla.redhat.com/show_bug.cgi?id=2029828

https://bugzilla.redhat.com/show_bug.cgi?id=2029829

https://bugzilla.redhat.com/show_bug.cgi?id=2029914

https://bugzilla.redhat.com/show_bug.cgi?id=2030101

https://bugzilla.redhat.com/show_bug.cgi?id=2030273

https://bugzilla.redhat.com/show_bug.cgi?id=2030434

https://bugzilla.redhat.com/show_bug.cgi?id=2030460

https://bugzilla.redhat.com/show_bug.cgi?id=2030715

https://bugzilla.redhat.com/show_bug.cgi?id=2031154

https://bugzilla.redhat.com/show_bug.cgi?id=2031958

https://bugzilla.redhat.com/show_bug.cgi?id=2032098

https://bugzilla.redhat.com/show_bug.cgi?id=2032400

https://bugzilla.redhat.com/show_bug.cgi?id=2032569

https://bugzilla.redhat.com/show_bug.cgi?id=2032602

https://bugzilla.redhat.com/show_bug.cgi?id=2057782

https://bugzilla.redhat.com/show_bug.cgi?id=2057848

https://bugzilla.redhat.com/show_bug.cgi?id=2058397

https://bugzilla.redhat.com/show_bug.cgi?id=2058532

https://bugzilla.redhat.com/show_bug.cgi?id=2058649

https://bugzilla.redhat.com/show_bug.cgi?id=2058711

https://bugzilla.redhat.com/show_bug.cgi?id=2058844

https://bugzilla.redhat.com/show_bug.cgi?id=2058863

https://bugzilla.redhat.com/show_bug.cgi?id=2058867

https://bugzilla.redhat.com/show_bug.cgi?id=2058894

https://bugzilla.redhat.com/show_bug.cgi?id=2058905

https://bugzilla.redhat.com/show_bug.cgi?id=2058984

https://bugzilla.redhat.com/show_bug.cgi?id=2059576

https://bugzilla.redhat.com/show_bug.cgi?id=2059985

https://bugzilla.redhat.com/show_bug.cgi?id=2060097

https://bugzilla.redhat.com/show_bug.cgi?id=2060396

https://bugzilla.redhat.com/show_bug.cgi?id=2060512

https://bugzilla.redhat.com/show_bug.cgi?id=2060546

https://bugzilla.redhat.com/show_bug.cgi?id=2060885

https://bugzilla.redhat.com/show_bug.cgi?id=2061688

https://bugzilla.redhat.com/show_bug.cgi?id=2061749

https://bugzilla.redhat.com/show_bug.cgi?id=2061773

https://bugzilla.redhat.com/show_bug.cgi?id=2061970

https://bugzilla.redhat.com/show_bug.cgi?id=2062189

https://bugzilla.redhat.com/show_bug.cgi?id=2062476

https://bugzilla.redhat.com/show_bug.cgi?id=2063149

https://bugzilla.redhat.com/show_bug.cgi?id=2063190

https://bugzilla.redhat.com/show_bug.cgi?id=2063575

https://bugzilla.redhat.com/show_bug.cgi?id=2063910

https://bugzilla.redhat.com/show_bug.cgi?id=2064400

https://bugzilla.redhat.com/show_bug.cgi?id=2064410

https://bugzilla.redhat.com/show_bug.cgi?id=2064434

https://bugzilla.redhat.com/show_bug.cgi?id=2064583

https://bugzilla.redhat.com/show_bug.cgi?id=2064707

https://bugzilla.redhat.com/show_bug.cgi?id=2064793

https://bugzilla.redhat.com/show_bug.cgi?id=2065015

https://bugzilla.redhat.com/show_bug.cgi?id=2065027

https://bugzilla.redhat.com/show_bug.cgi?id=2065391

https://bugzilla.redhat.com/show_bug.cgi?id=2065448

https://bugzilla.redhat.com/show_bug.cgi?id=2065450

https://bugzilla.redhat.com/show_bug.cgi?id=2066408

https://bugzilla.redhat.com/show_bug.cgi?id=2066899

https://bugzilla.redhat.com/show_bug.cgi?id=2067301

https://bugzilla.redhat.com/show_bug.cgi?id=2067331

https://bugzilla.redhat.com/show_bug.cgi?id=2069135

https://bugzilla.redhat.com/show_bug.cgi?id=2069248

https://bugzilla.redhat.com/show_bug.cgi?id=2069381

https://bugzilla.redhat.com/show_bug.cgi?id=2069456

https://bugzilla.redhat.com/show_bug.cgi?id=2069459

https://bugzilla.redhat.com/show_bug.cgi?id=2069640

https://bugzilla.redhat.com/show_bug.cgi?id=2070176

https://bugzilla.redhat.com/show_bug.cgi?id=2070177

https://bugzilla.redhat.com/show_bug.cgi?id=2070242

https://bugzilla.redhat.com/show_bug.cgi?id=2070272

https://bugzilla.redhat.com/show_bug.cgi?id=2070620

https://bugzilla.redhat.com/show_bug.cgi?id=2072447

https://bugzilla.redhat.com/show_bug.cgi?id=2072459

https://bugzilla.redhat.com/show_bug.cgi?id=2072530

https://bugzilla.redhat.com/show_bug.cgi?id=2073039

https://bugzilla.redhat.com/show_bug.cgi?id=2073124

https://bugzilla.redhat.com/show_bug.cgi?id=2073194

https://bugzilla.redhat.com/show_bug.cgi?id=2073307

https://bugzilla.redhat.com/show_bug.cgi?id=2073313

https://bugzilla.redhat.com/show_bug.cgi?id=2073421

https://bugzilla.redhat.com/show_bug.cgi?id=2073468

https://bugzilla.redhat.com/show_bug.cgi?id=2073469

https://bugzilla.redhat.com/show_bug.cgi?id=2073470

https://bugzilla.redhat.com/show_bug.cgi?id=2075434

https://bugzilla.redhat.com/show_bug.cgi?id=2075519

https://bugzilla.redhat.com/show_bug.cgi?id=2075528

https://bugzilla.redhat.com/show_bug.cgi?id=2076372

https://bugzilla.redhat.com/show_bug.cgi?id=2076684

https://bugzilla.redhat.com/show_bug.cgi?id=2076987

https://bugzilla.redhat.com/show_bug.cgi?id=2077850

https://bugzilla.redhat.com/show_bug.cgi?id=2078983

https://bugzilla.redhat.com/show_bug.cgi?id=2079357

https://bugzilla.redhat.com/show_bug.cgi?id=2080909

https://bugzilla.redhat.com/show_bug.cgi?id=2081280

https://bugzilla.redhat.com/show_bug.cgi?id=2081459

https://bugzilla.redhat.com/show_bug.cgi?id=2082076

https://bugzilla.redhat.com/show_bug.cgi?id=2082241

https://bugzilla.redhat.com/show_bug.cgi?id=2082505

https://bugzilla.redhat.com/show_bug.cgi?id=2082560

https://bugzilla.redhat.com/show_bug.cgi?id=2083532

https://bugzilla.redhat.com/show_bug.cgi?id=2084106

https://bugzilla.redhat.com/show_bug.cgi?id=2084624

https://bugzilla.redhat.com/show_bug.cgi?id=2085446

https://bugzilla.redhat.com/show_bug.cgi?id=2085528

https://bugzilla.redhat.com/show_bug.cgi?id=2086101

https://bugzilla.redhat.com/show_bug.cgi?id=2086683

https://bugzilla.redhat.com/show_bug.cgi?id=2086948

https://bugzilla.redhat.com/show_bug.cgi?id=2087727

https://bugzilla.redhat.com/show_bug.cgi?id=2089361

https://bugzilla.redhat.com/show_bug.cgi?id=2089794

https://bugzilla.redhat.com/show_bug.cgi?id=2089796

https://bugzilla.redhat.com/show_bug.cgi?id=2089812

https://bugzilla.redhat.com/show_bug.cgi?id=2089928

https://bugzilla.redhat.com/show_bug.cgi?id=2090740

https://bugzilla.redhat.com/show_bug.cgi?id=2090820

https://bugzilla.redhat.com/show_bug.cgi?id=2093679

https://bugzilla.redhat.com/show_bug.cgi?id=2094255

https://bugzilla.redhat.com/show_bug.cgi?id=2094280

https://bugzilla.redhat.com/show_bug.cgi?id=2094454

https://bugzilla.redhat.com/show_bug.cgi?id=2095598

https://bugzilla.redhat.com/show_bug.cgi?id=2095599

https://bugzilla.redhat.com/show_bug.cgi?id=2096198

https://bugzilla.redhat.com/show_bug.cgi?id=2096921

Plugin Details

Severity: Critical

ID: 184590

File Name: rocky_linux_RLSA-2022-5498.nasl

Version: 1.0

Type: local

Published: 11/6/2023

Updated: 11/6/2023

Supported Sensors: Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2021-3584

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2022-28347

Vulnerability Information

CPE: p-cpe:/a:rocky:linux:libdb-sql-debuginfo, p-cpe:/a:rocky:linux:libdb-debugsource, p-cpe:/a:rocky:linux:libdb-cxx-debuginfo, p-cpe:/a:rocky:linux:libdb-debuginfo, p-cpe:/a:rocky:linux:libdb-cxx, p-cpe:/a:rocky:linux:libdb-utils-debuginfo, p-cpe:/a:rocky:linux:libdb-sql-devel-debuginfo, cpe:/o:rocky:linux:8

Required KB Items: Host/local_checks_enabled, Host/RockyLinux/release, Host/RockyLinux/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/5/2022

Vulnerability Publication Date: 2/8/2021

Reference Information

CVE: CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-30151, CVE-2021-3200, CVE-2021-32839, CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938, CVE-2021-3584, CVE-2021-41136, CVE-2021-4142, CVE-2021-42550, CVE-2021-43797, CVE-2021-43818, CVE-2021-44420, CVE-2021-44568, CVE-2021-45115, CVE-2021-45116, CVE-2021-45452, CVE-2022-22818, CVE-2022-23633, CVE-2022-23634, CVE-2022-23833, CVE-2022-23837, CVE-2022-28346, CVE-2022-28347