CVE-2022-1662 - Convert2RHEL Playbook Exposes Red Hat Subscription Passwords in Process List
Convert2RHEL is a tool developed by Red Hat to make it easier for organizations to convert existing Linux systems (such as CentOS or Oracle Linux)
CVE-2022-33915 The Amazon AWS Log4j hotpatch package is affected by a race condition that could lead to a local privilege escalation.
In most cases, the hotpatch will run successfully. However, if the process exec()s a SUID binary and the process has not been observed, the
CVE-2022-32158 Deployment servers in versions 8.1.10.1, 8.2.6.1, and 9.0 allow clients to deploy forwarder bundles to each other.
This vulnerability was fixed in versions 8.1.10.1, 8.2.6.1, and 9.0.
CVE-2022-32159
This vulnerability was fixed in version 8.
CVE-2022-21499 - KGDB/KDB Lockdown Vulnerability — How Serial Ports Can Open Your Kernel
In June 2022, a subtle but serious flaw was found in Linux’s kernel debugging tools, KGDB and KDB. At first glance, it may seem
CVE-2022-1434 The OpenSSL 3.0 RC4-MD5 ciphersuite uses AAD as the MAC key, which is trivially predictable.
used. Due to the non-deterministic nature of IBM's implementation of the RC4-MD5 cipher, an attacker could potentially exploit this issue to generate traffic