var-202204-0432
Vulnerability from variot
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected. Subversion of mod_dav_svn Exists in a vulnerability related to the use of freed memory.Service operation interruption (DoS) It may be in a state. Apache Subversion is an open source version control system of the Apache Foundation. The system is compatible with the Concurrent Versions System (CVS). Apache Subversion has a resource management error vulnerability that stems from a use-after-free bug in mod_dav_svn. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: subversion:1.10 security update Advisory ID: RHSA-2022:2237-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:2237 Issue date: 2022-05-12 CVE Names: CVE-2022-24070 ==================================================================== 1. Summary:
An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AppStream E4S (v. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.
Security Fix(es):
- subversion: Subversion's mod_dav_svn is vulnerable to memory corruption (CVE-2022-24070)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol.
- Package List:
Red Hat Enterprise Linux AppStream E4S (v. 8.1):
Source: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.src.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.src.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.src.rpm
aarch64: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.aarch64.rpm libserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.aarch64.rpm libserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.aarch64.rpm mod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm mod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm subversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.aarch64.rpm utf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.aarch64.rpm utf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.aarch64.rpm
noarch: subversion-javahl-1.10.2-3.module+el8.1.0+15169+c14f14c4.noarch.rpm
ppc64le: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm libserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm libserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm mod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm mod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm subversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm utf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm utf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm
s390x: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.s390x.rpm libserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.s390x.rpm libserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.s390x.rpm mod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm mod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm subversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.s390x.rpm utf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.s390x.rpm utf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.s390x.rpm
x86_64: libserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.x86_64.rpm libserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.x86_64.rpm libserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.x86_64.rpm mod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm mod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm subversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm utf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.x86_64.rpm utf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.x86_64.rpm utf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-24070 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. 9) - aarch64, ppc64le, s390x, x86_64
- ========================================================================== Ubuntu Security Notice USN-5372-1 April 12, 2022
subversion vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in Subversion.
Software Description: - subversion: Advanced version control system
Details:
Evgeny Kotkov discovered that Subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. (CVE-2021-28544)
Thomas Wei\xdfschuh discovered that Subversion servers did not properly handle memory in certain configurations. A remote attacker could potentially use this issue to cause a denial of service or other unspecified impact. (CVE-2022-24070)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.10: libapache2-mod-svn 1.14.1-3ubuntu0.1 libsvn-java 1.14.1-3ubuntu0.1 libsvn-perl 1.14.1-3ubuntu0.1 libsvn1 1.14.1-3ubuntu0.1 python3-subversion 1.14.1-3ubuntu0.1 ruby-svn 1.14.1-3ubuntu0.1 subversion 1.14.1-3ubuntu0.1 subversion-tools 1.14.1-3ubuntu0.1
Ubuntu 20.04 LTS: libapache2-mod-svn 1.13.0-3ubuntu0.1 libsvn-java 1.13.0-3ubuntu0.1 libsvn-perl 1.13.0-3ubuntu0.1 libsvn1 1.13.0-3ubuntu0.1 python-subversion 1.13.0-3ubuntu0.1 ruby-svn 1.13.0-3ubuntu0.1 subversion 1.13.0-3ubuntu0.1 subversion-tools 1.13.0-3ubuntu0.1
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2022-07-20-2 macOS Monterey 12.5
macOS Monterey 12.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213345.
APFS Available for: macOS Monterey Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32832: Tommy Muir (@Muirey03)
AppleMobileFileIntegrity Available for: macOS Monterey Impact: An app may be able to gain root privileges Description: An authorization issue was addressed with improved state management. CVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro
Apple Neural Engine Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32810: Mohamed Ghannam (@_simo36)
Apple Neural Engine Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: This issue was addressed with improved checks. CVE-2022-32840: Mohamed Ghannam (@_simo36)
Apple Neural Engine Available for: macOS Monterey Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved checks. CVE-2022-32845: Mohamed Ghannam (@_simo36)
AppleScript Available for: macOS Monterey Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: This issue was addressed with improved checks. CVE-2022-32797: Mickey Jin (@patch1t), Ye Zhang (@co0py_Cat) of Baidu Security, Mickey Jin (@patch1t) of Trend Micro
AppleScript Available for: macOS Monterey Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-32851: Ye Zhang (@co0py_Cat) of Baidu Security CVE-2022-32852: Ye Zhang (@co0py_Cat) of Baidu Security CVE-2022-32853: Ye Zhang (@co0py_Cat) of Baidu Security
AppleScript Available for: macOS Monterey Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32831: Ye Zhang (@co0py_Cat) of Baidu Security
Audio Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32820: an anonymous researcher
Audio Available for: macOS Monterey Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32825: John Aakerblom (@jaakerblom)
Automation Available for: macOS Monterey Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved checks. CVE-2022-32789: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
Calendar Available for: macOS Monterey Impact: An app may be able to access sensitive user information Description: The issue was addressed with improved handling of caches. CVE-2022-32805: Csaba Fitzl (@theevilbit) of Offensive Security
CoreMedia Available for: macOS Monterey Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32828: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom)
CoreText Available for: macOS Monterey Impact: A remote user may cause an unexpected app termination or arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32839: STAR Labs (@starlabs_sg)
File System Events Available for: macOS Monterey Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management. CVE-2022-32819: Joshua Mason of Mandiant
GPU Drivers Available for: macOS Monterey Impact: An app may be able to disclose kernel memory Description: Multiple out-of-bounds write issues were addressed with improved bounds checking. CVE-2022-32793: an anonymous researcher
GPU Drivers Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-32821: John Aakerblom (@jaakerblom)
iCloud Photo Library Available for: macOS Monterey Impact: An app may be able to access sensitive user information Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2022-32849: Joshua Jones
ICU Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.
ImageIO Available for: macOS Monterey Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved memory handling. CVE-2022-32841: hjy79425575 ImageIO Available for: macOS Monterey Impact: Processing an image may lead to a denial-of-service Description: A null pointer dereference was addressed with improved validation. CVE-2022-32785: Yiğit Can YILMAZ (@yilmazcanyigit)
Intel Graphics Driver Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2022-32811: ABC Research s.r.o
Intel Graphics Driver Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32812: Yinyi Wu (@3ndy1), ABC Research s.r.o.
Kernel Available for: macOS Monterey Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32813: Xinru Chi of Pangu Lab CVE-2022-32815: Xinru Chi of Pangu Lab
Kernel Available for: macOS Monterey Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32817: Xinru Chi of Pangu Lab
Kernel Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: This issue was addressed with improved checks. CVE-2022-32829: an anonymous researcher
Liblouis Available for: macOS Monterey Impact: An app may cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China (nipc.org.cn)
libxml2 Available for: macOS Monterey Impact: An app may be able to leak sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2022-32823
Multi-Touch Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved checks. CVE-2022-32814: Pan ZhenPeng (@Peterpan0927)
Multi-Touch Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved state handling. CVE-2022-32814: Pan ZhenPeng (@Peterpan0927)
PackageKit Available for: macOS Monterey Impact: An app may be able to modify protected parts of the file system Description: An issue in the handling of environment variables was addressed with improved validation. CVE-2022-32786: Mickey Jin (@patch1t)
PackageKit Available for: macOS Monterey Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with improved checks. CVE-2022-32800: Mickey Jin (@patch1t)
PluginKit Available for: macOS Monterey Impact: An app may be able to read arbitrary files Description: A logic issue was addressed with improved state management. CVE-2022-32838: Mickey Jin (@patch1t) of Trend Micro
PS Normalizer Available for: macOS Monterey Impact: Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32843: Kai Lu of Zscaler's ThreatLabz
SMB Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-32796: Sreejith Krishnan R (@skr0x1c0)
SMB Available for: macOS Monterey Impact: An app may be able to gain elevated privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-32842: Sreejith Krishnan R (@skr0x1c0)
SMB Available for: macOS Monterey Impact: An app may be able to gain elevated privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32798: Sreejith Krishnan R (@skr0x1c0)
SMB Available for: macOS Monterey Impact: A user in a privileged network position may be able to leak sensitive information Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32799: Sreejith Krishnan R (@skr0x1c0)
SMB Available for: macOS Monterey Impact: An app may be able to leak sensitive kernel state Description: The issue was addressed with improved memory handling. CVE-2022-32818: Sreejith Krishnan R (@skr0x1c0)
Software Update Available for: macOS Monterey Impact: A user in a privileged network position can track a user’s activity Description: This issue was addressed by using HTTPS when sending information over the network. CVE-2022-32857: Jeffrey Paul (sneak.berlin)
Spindump Available for: macOS Monterey Impact: An app may be able to overwrite arbitrary files Description: This issue was addressed with improved file handling. CVE-2022-32807: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
Spotlight Available for: macOS Monterey Impact: An app may be able to gain root privileges Description: This issue was addressed with improved checks. CVE-2022-32801: Joshua Mason (@josh@jhu.edu)
subversion Available for: macOS Monterey Impact: Multiple issues in subversion Description: Multiple issues were addressed by updating subversion. CVE-2021-28544: Evgeny Kotkov, visualsvn.com CVE-2022-24070: Evgeny Kotkov, visualsvn.com CVE-2022-29046: Evgeny Kotkov, visualsvn.com CVE-2022-29048: Evgeny Kotkov, visualsvn.com
TCC Available for: macOS Monterey Impact: An app may be able to access sensitive user information Description: An access issue was addressed with improvements to the sandbox. CVE-2022-32834: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)
WebKit Available for: macOS Monterey Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 239316 CVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.
WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. WebKit Bugzilla: 240720 CVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative
WebRTC Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 242339 CVE-2022-2294: Jan Vojtesek of Avast Threat Intelligence team
Wi-Fi Available for: macOS Monterey Impact: An app may be able to cause unexpected system termination or write kernel memory Description: This issue was addressed with improved checks. CVE-2022-32837: Wang Yu of Cyberserval
Wi-Fi Available for: macOS Monterey Impact: A remote user may be able to cause unexpected system termination or corrupt kernel memory Description: This issue was addressed with improved checks. CVE-2022-32847: Wang Yu of Cyberserval
Windows Server Available for: macOS Monterey Impact: An app may be able to capture a user’s screen Description: A logic issue was addressed with improved checks. CVE-2022-32848: Jeremy Legendre of MacEnhance
Additional recognition
802.1X We would like to acknowledge Shin Sun of National Taiwan University for their assistance.
AppleMobileFileIntegrity We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła (@_r3ggi) of SecuRing for their assistance.
Calendar We would like to acknowledge Joshua Jones for their assistance.
configd We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła (@_r3ggi) of SecuRing for their assistance.
DiskArbitration We would like to acknowledge Mike Cush for their assistance.
macOS Monterey 12.5 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmLYiL4ACgkQeC9qKD1p rhhjpQ//TQX1ihtXRIjFpPOViMy6IxuLE1CsKFxq5MweXelbPB/UdeUl/zL5G54b /Lx2XYKoWj6u27FCO0BHxBqtYbAd6sfx70VLCk5W6gyk/yCi0n3zh7BvRvWB/Ugh 6NuHB39a1kbbjLLoQPbW0L6egdrCfqP/+ZujqjKl7xI58nda9jMHJC1ns87KQoDn Er5SAGf7M2ErGNzOFqvXjpJYvGsrKJyfqNxp99H/sPlzu7URX9Gq3f3n1o55IUUa mcxlBPDfUmDQPjdSqw/BprQkDOvp0fzmTy+phB0fkgmvVJ8EmEJAoilL4SyH4uW9 V1GD9rtjUKh7G/gSFAo7y0HBDQoM+E9hA+4PPlH2o1nUOAl6BRWUka6jf4yaqrpr pfo1K2hPQj1g4MMZFCDWkJ+7V1+1GTQ9WlagL5gB3QaKefiSG4cTnL06Y8zn38TD TY3JrdqUI7Pzugu+FuHs7P168yNIGXTscb1ptrVlaVBaVuyICmEcKX4HS+I5o30q WqCOaRoaa6WRqBwNEy7zVAExjSPt7t8ZWt85avWSt+rLxNGiVkPrpHu4fE+V2IAV fz1VA4S/w69h9uJHXdcG+QfvNxX+zj/vljF6DK3dyQ957Mqfyr2y9ojSbdf6vo4n DJFXNxbEk35loy/kDDidC1C1sFKY+JeQF7ZBi0/QOyuSdSdJrSg= =ibIr -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-0432",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "subversion",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.10.0"
},
{
"model": "subversion",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "1.10.8"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "subversion",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "1.14.2"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "subversion",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.14.0"
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "macos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "subversion",
"scope": null,
"trust": 0.8,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"db": "NVD",
"id": "CVE-2022-24070"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "167455"
},
{
"db": "PACKETSTORM",
"id": "167158"
},
{
"db": "PACKETSTORM",
"id": "167165"
},
{
"db": "PACKETSTORM",
"id": "167374"
},
{
"db": "PACKETSTORM",
"id": "167244"
}
],
"trust": 0.5
},
"cve": "CVE-2022-24070",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2022-24070",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-413621",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-24070",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-24070",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-24070",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-24070",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-2957",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-413621",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-24070",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-413621"
},
{
"db": "VULMON",
"id": "CVE-2022-24070"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2957"
},
{
"db": "NVD",
"id": "CVE-2022-24070"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Subversion\u0027s mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected. Subversion of mod_dav_svn Exists in a vulnerability related to the use of freed memory.Service operation interruption (DoS) It may be in a state. Apache Subversion is an open source version control system of the Apache Foundation. The system is compatible with the Concurrent Versions System (CVS). Apache Subversion has a resource management error vulnerability that stems from a use-after-free bug in mod_dav_svn. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: subversion:1.10 security update\nAdvisory ID: RHSA-2022:2237-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:2237\nIssue date: 2022-05-12\nCVE Names: CVE-2022-24070\n====================================================================\n1. Summary:\n\nAn update for the subversion:1.10 module is now available for Red Hat\nEnterprise Linux 8.1 Update Services for SAP Solutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AppStream E4S (v. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nSubversion (SVN) is a concurrent version control system which enables one\nor more users to collaborate in developing and maintaining a hierarchy of\nfiles and directories while keeping a history of all changes. \n\nSecurity Fix(es):\n\n* subversion: Subversion\u0027s mod_dav_svn is vulnerable to memory corruption\n(CVE-2022-24070)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, for the update to take effect, you\nmust restart the httpd daemon, if you are using mod_dav_svn, and the\nsvnserve daemon, if you are serving Subversion repositories via the svn://\nprotocol. \n\n5. Package List:\n\nRed Hat Enterprise Linux AppStream E4S (v. 8.1):\n\nSource:\nlibserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.src.rpm\nsubversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.src.rpm\nutf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.src.rpm\n\naarch64:\nlibserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.aarch64.rpm\nlibserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.aarch64.rpm\nlibserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.aarch64.rpm\nmod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nmod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nsubversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.aarch64.rpm\nutf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.aarch64.rpm\nutf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.aarch64.rpm\nutf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.aarch64.rpm\n\nnoarch:\nsubversion-javahl-1.10.2-3.module+el8.1.0+15169+c14f14c4.noarch.rpm\n\nppc64le:\nlibserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm\nlibserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm\nlibserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm\nmod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nmod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nsubversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.ppc64le.rpm\nutf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm\nutf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm\nutf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.ppc64le.rpm\n\ns390x:\nlibserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.s390x.rpm\nlibserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.s390x.rpm\nlibserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.s390x.rpm\nmod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nmod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nsubversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.s390x.rpm\nutf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.s390x.rpm\nutf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.s390x.rpm\nutf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.s390x.rpm\n\nx86_64:\nlibserf-1.3.9-9.module+el8.1.0+9889+0a9c19c4.x86_64.rpm\nlibserf-debuginfo-1.3.9-9.module+el8.1.0+9889+0a9c19c4.x86_64.rpm\nlibserf-debugsource-1.3.9-9.module+el8.1.0+9889+0a9c19c4.x86_64.rpm\nmod_dav_svn-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nmod_dav_svn-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-debugsource-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-devel-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-devel-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-gnome-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-gnome-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-libs-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-libs-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-perl-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-perl-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-tools-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nsubversion-tools-debuginfo-1.10.2-3.module+el8.1.0+15169+c14f14c4.x86_64.rpm\nutf8proc-2.1.1-5.module+el8.1.0+9889+0a9c19c4.x86_64.rpm\nutf8proc-debuginfo-2.1.1-5.module+el8.1.0+9889+0a9c19c4.x86_64.rpm\nutf8proc-debugsource-2.1.1-5.module+el8.1.0+9889+0a9c19c4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2022-24070\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. 9) - aarch64, ppc64le, s390x, x86_64\n\n3. ==========================================================================\nUbuntu Security Notice USN-5372-1\nApril 12, 2022\n\nsubversion vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.10\n- Ubuntu 20.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Subversion. \n\nSoftware Description:\n- subversion: Advanced version control system\n\nDetails:\n\nEvgeny Kotkov discovered that Subversion servers did not properly follow\npath-based authorization rules in certain cases. An attacker could\npotentially use this issue to retrieve information about private paths. \n(CVE-2021-28544)\n\nThomas Wei\\xdfschuh discovered that Subversion servers did not properly handle\nmemory in certain configurations. A remote attacker could potentially use\nthis issue to cause a denial of service or other unspecified impact. \n(CVE-2022-24070)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.10:\n libapache2-mod-svn 1.14.1-3ubuntu0.1\n libsvn-java 1.14.1-3ubuntu0.1\n libsvn-perl 1.14.1-3ubuntu0.1\n libsvn1 1.14.1-3ubuntu0.1\n python3-subversion 1.14.1-3ubuntu0.1\n ruby-svn 1.14.1-3ubuntu0.1\n subversion 1.14.1-3ubuntu0.1\n subversion-tools 1.14.1-3ubuntu0.1\n\nUbuntu 20.04 LTS:\n libapache2-mod-svn 1.13.0-3ubuntu0.1\n libsvn-java 1.13.0-3ubuntu0.1\n libsvn-perl 1.13.0-3ubuntu0.1\n libsvn1 1.13.0-3ubuntu0.1\n python-subversion 1.13.0-3ubuntu0.1\n ruby-svn 1.13.0-3ubuntu0.1\n subversion 1.13.0-3ubuntu0.1\n subversion-tools 1.13.0-3ubuntu0.1\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-07-20-2 macOS Monterey 12.5\n\nmacOS Monterey 12.5 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213345. \n\nAPFS\nAvailable for: macOS Monterey\nImpact: An app with root privileges may be able to execute arbitrary\ncode with kernel privileges\nDescription: The issue was addressed with improved memory handling. \nCVE-2022-32832: Tommy Muir (@Muirey03)\n\nAppleMobileFileIntegrity\nAvailable for: macOS Monterey\nImpact: An app may be able to gain root privileges\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro\n\nApple Neural Engine\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: The issue was addressed with improved memory handling. \nCVE-2022-32810: Mohamed Ghannam (@_simo36)\n\nApple Neural Engine\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: This issue was addressed with improved checks. \nCVE-2022-32840: Mohamed Ghannam (@_simo36)\n\nApple Neural Engine\nAvailable for: macOS Monterey\nImpact: An app may be able to break out of its sandbox\nDescription: This issue was addressed with improved checks. \nCVE-2022-32845: Mohamed Ghannam (@_simo36)\n\nAppleScript\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected termination or disclosure of process memory\nDescription: This issue was addressed with improved checks. \nCVE-2022-32797: Mickey Jin (@patch1t), Ye Zhang (@co0py_Cat) of Baidu\nSecurity, Mickey Jin (@patch1t) of Trend Micro\n\nAppleScript\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected termination or disclosure of process memory\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2022-32851: Ye Zhang (@co0py_Cat) of Baidu Security\nCVE-2022-32852: Ye Zhang (@co0py_Cat) of Baidu Security\nCVE-2022-32853: Ye Zhang (@co0py_Cat) of Baidu Security\n\nAppleScript\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected termination or disclosure of process memory\nDescription: An out-of-bounds read issue was addressed with improved\nbounds checking. \nCVE-2022-32831: Ye Zhang (@co0py_Cat) of Baidu Security\n\nAudio\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nCVE-2022-32820: an anonymous researcher\n\nAudio\nAvailable for: macOS Monterey\nImpact: An app may be able to disclose kernel memory\nDescription: The issue was addressed with improved memory handling. \nCVE-2022-32825: John Aakerblom (@jaakerblom)\n\nAutomation\nAvailable for: macOS Monterey\nImpact: An app may be able to bypass Privacy preferences\nDescription: A logic issue was addressed with improved checks. \nCVE-2022-32789: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab\n\nCalendar\nAvailable for: macOS Monterey\nImpact: An app may be able to access sensitive user information\nDescription: The issue was addressed with improved handling of\ncaches. \nCVE-2022-32805: Csaba Fitzl (@theevilbit) of Offensive Security\n\nCoreMedia\nAvailable for: macOS Monterey\nImpact: An app may be able to disclose kernel memory\nDescription: The issue was addressed with improved memory handling. \nCVE-2022-32828: Antonio Zekic (@antoniozekic) and John Aakerblom\n(@jaakerblom)\n\nCoreText\nAvailable for: macOS Monterey\nImpact: A remote user may cause an unexpected app termination or\narbitrary code execution\nDescription: The issue was addressed with improved bounds checks. \nCVE-2022-32839: STAR Labs (@starlabs_sg)\n\nFile System Events\nAvailable for: macOS Monterey\nImpact: An app may be able to gain root privileges\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2022-32819: Joshua Mason of Mandiant\n\nGPU Drivers\nAvailable for: macOS Monterey\nImpact: An app may be able to disclose kernel memory\nDescription: Multiple out-of-bounds write issues were addressed with\nimproved bounds checking. \nCVE-2022-32793: an anonymous researcher\n\nGPU Drivers\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-32821: John Aakerblom (@jaakerblom)\n\niCloud Photo Library\nAvailable for: macOS Monterey\nImpact: An app may be able to access sensitive user information\nDescription: An information disclosure issue was addressed by\nremoving the vulnerable code. \nCVE-2022-32849: Joshua Jones\n\nICU\nAvailable for: macOS Monterey\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs\n\u0026 DNSLab, Korea Univ. \n\nImageIO\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted image may result in\ndisclosure of process memory\nDescription: The issue was addressed with improved memory handling. \nCVE-2022-32841: hjy79425575\nImageIO\nAvailable for: macOS Monterey\nImpact: Processing an image may lead to a denial-of-service\nDescription: A null pointer dereference was addressed with improved\nvalidation. \nCVE-2022-32785: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\nIntel Graphics Driver\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: A memory corruption vulnerability was addressed with\nimproved locking. \nCVE-2022-32811: ABC Research s.r.o\n\nIntel Graphics Driver\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: The issue was addressed with improved memory handling. \nCVE-2022-32812: Yinyi Wu (@3ndy1), ABC Research s.r.o. \n\nKernel\nAvailable for: macOS Monterey\nImpact: An app with root privileges may be able to execute arbitrary\ncode with kernel privileges\nDescription: The issue was addressed with improved memory handling. \nCVE-2022-32813: Xinru Chi of Pangu Lab\nCVE-2022-32815: Xinru Chi of Pangu Lab\n\nKernel\nAvailable for: macOS Monterey\nImpact: An app may be able to disclose kernel memory\nDescription: An out-of-bounds read issue was addressed with improved\nbounds checking. \nCVE-2022-32817: Xinru Chi of Pangu Lab\n\nKernel\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: This issue was addressed with improved checks. \nCVE-2022-32829: an anonymous researcher\n\nLiblouis\nAvailable for: macOS Monterey\nImpact: An app may cause unexpected app termination or arbitrary code\nexecution\nDescription: This issue was addressed with improved checks. \nCVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China\n(nipc.org.cn)\n\nlibxml2\nAvailable for: macOS Monterey\nImpact: An app may be able to leak sensitive user information\nDescription: A memory initialization issue was addressed with\nimproved memory handling. \nCVE-2022-32823\n\nMulti-Touch\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: A type confusion issue was addressed with improved\nchecks. \nCVE-2022-32814: Pan ZhenPeng (@Peterpan0927)\n\nMulti-Touch\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: A type confusion issue was addressed with improved state\nhandling. \nCVE-2022-32814: Pan ZhenPeng (@Peterpan0927)\n\nPackageKit\nAvailable for: macOS Monterey\nImpact: An app may be able to modify protected parts of the file\nsystem\nDescription: An issue in the handling of environment variables was\naddressed with improved validation. \nCVE-2022-32786: Mickey Jin (@patch1t)\n\nPackageKit\nAvailable for: macOS Monterey\nImpact: An app may be able to modify protected parts of the file\nsystem\nDescription: This issue was addressed with improved checks. \nCVE-2022-32800: Mickey Jin (@patch1t)\n\nPluginKit\nAvailable for: macOS Monterey\nImpact: An app may be able to read arbitrary files\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2022-32838: Mickey Jin (@patch1t) of Trend Micro\n\nPS Normalizer\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted Postscript file may result\nin unexpected app termination or disclosure of process memory\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-32843: Kai Lu of Zscaler\u0027s ThreatLabz\n\nSMB\nAvailable for: macOS Monterey\nImpact: An app may be able to execute arbitrary code with kernel\nprivileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2022-32796: Sreejith Krishnan R (@skr0x1c0)\n\nSMB\nAvailable for: macOS Monterey\nImpact: An app may be able to gain elevated privileges\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2022-32842: Sreejith Krishnan R (@skr0x1c0)\n\nSMB\nAvailable for: macOS Monterey\nImpact: An app may be able to gain elevated privileges\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nCVE-2022-32798: Sreejith Krishnan R (@skr0x1c0)\n\nSMB\nAvailable for: macOS Monterey\nImpact: A user in a privileged network position may be able to leak\nsensitive information\nDescription: An out-of-bounds read issue was addressed with improved\nbounds checking. \nCVE-2022-32799: Sreejith Krishnan R (@skr0x1c0)\n\nSMB\nAvailable for: macOS Monterey\nImpact: An app may be able to leak sensitive kernel state\nDescription: The issue was addressed with improved memory handling. \nCVE-2022-32818: Sreejith Krishnan R (@skr0x1c0)\n\nSoftware Update\nAvailable for: macOS Monterey\nImpact: A user in a privileged network position can track a user\u2019s\nactivity\nDescription: This issue was addressed by using HTTPS when sending\ninformation over the network. \nCVE-2022-32857: Jeffrey Paul (sneak.berlin)\n\nSpindump\nAvailable for: macOS Monterey\nImpact: An app may be able to overwrite arbitrary files\nDescription: This issue was addressed with improved file handling. \nCVE-2022-32807: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab\n\nSpotlight\nAvailable for: macOS Monterey\nImpact: An app may be able to gain root privileges\nDescription: This issue was addressed with improved checks. \nCVE-2022-32801: Joshua Mason (@josh@jhu.edu)\n\nsubversion\nAvailable for: macOS Monterey\nImpact: Multiple issues in subversion\nDescription: Multiple issues were addressed by updating subversion. \nCVE-2021-28544: Evgeny Kotkov, visualsvn.com\nCVE-2022-24070: Evgeny Kotkov, visualsvn.com\nCVE-2022-29046: Evgeny Kotkov, visualsvn.com\nCVE-2022-29048: Evgeny Kotkov, visualsvn.com\n\nTCC\nAvailable for: macOS Monterey\nImpact: An app may be able to access sensitive user information\nDescription: An access issue was addressed with improvements to the\nsandbox. \nCVE-2022-32834: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)\nof Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nWebKit\nAvailable for: macOS Monterey\nImpact: Visiting a website that frames malicious content may lead to\nUI spoofing\nDescription: The issue was addressed with improved UI handling. \nWebKit Bugzilla: 239316\nCVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs\n\u0026 DNSLab, Korea Univ. \n\nWebKit\nAvailable for: macOS Monterey\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nWebKit Bugzilla: 240720\nCVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero\nDay Initiative\n\nWebRTC\nAvailable for: macOS Monterey\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution. \nDescription: A memory corruption issue was addressed with improved\nstate management. \nWebKit Bugzilla: 242339\nCVE-2022-2294: Jan Vojtesek of Avast Threat Intelligence team\n\nWi-Fi\nAvailable for: macOS Monterey\nImpact: An app may be able to cause unexpected system termination or\nwrite kernel memory\nDescription: This issue was addressed with improved checks. \nCVE-2022-32837: Wang Yu of Cyberserval\n\nWi-Fi\nAvailable for: macOS Monterey\nImpact: A remote user may be able to cause unexpected system\ntermination or corrupt kernel memory\nDescription: This issue was addressed with improved checks. \nCVE-2022-32847: Wang Yu of Cyberserval\n\nWindows Server\nAvailable for: macOS Monterey\nImpact: An app may be able to capture a user\u2019s screen\nDescription: A logic issue was addressed with improved checks. \nCVE-2022-32848: Jeremy Legendre of MacEnhance\n\nAdditional recognition\n\n802.1X\nWe would like to acknowledge Shin Sun of National Taiwan University\nfor their assistance. \n\nAppleMobileFileIntegrity\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive\nSecurity, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a\n(@_r3ggi) of SecuRing for their assistance. \n\nCalendar\nWe would like to acknowledge Joshua Jones for their assistance. \n\nconfigd\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive\nSecurity, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a\n(@_r3ggi) of SecuRing for their assistance. \n\nDiskArbitration\nWe would like to acknowledge Mike Cush for their assistance. \n\nmacOS Monterey 12.5 may be obtained from the Mac App Store or Apple\u0027s\nSoftware Downloads web site: https://support.apple.com/downloads/\nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. \n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmLYiL4ACgkQeC9qKD1p\nrhhjpQ//TQX1ihtXRIjFpPOViMy6IxuLE1CsKFxq5MweXelbPB/UdeUl/zL5G54b\n/Lx2XYKoWj6u27FCO0BHxBqtYbAd6sfx70VLCk5W6gyk/yCi0n3zh7BvRvWB/Ugh\n6NuHB39a1kbbjLLoQPbW0L6egdrCfqP/+ZujqjKl7xI58nda9jMHJC1ns87KQoDn\nEr5SAGf7M2ErGNzOFqvXjpJYvGsrKJyfqNxp99H/sPlzu7URX9Gq3f3n1o55IUUa\nmcxlBPDfUmDQPjdSqw/BprQkDOvp0fzmTy+phB0fkgmvVJ8EmEJAoilL4SyH4uW9\nV1GD9rtjUKh7G/gSFAo7y0HBDQoM+E9hA+4PPlH2o1nUOAl6BRWUka6jf4yaqrpr\npfo1K2hPQj1g4MMZFCDWkJ+7V1+1GTQ9WlagL5gB3QaKefiSG4cTnL06Y8zn38TD\nTY3JrdqUI7Pzugu+FuHs7P168yNIGXTscb1ptrVlaVBaVuyICmEcKX4HS+I5o30q\nWqCOaRoaa6WRqBwNEy7zVAExjSPt7t8ZWt85avWSt+rLxNGiVkPrpHu4fE+V2IAV\nfz1VA4S/w69h9uJHXdcG+QfvNxX+zj/vljF6DK3dyQ957Mqfyr2y9ojSbdf6vo4n\nDJFXNxbEk35loy/kDDidC1C1sFKY+JeQF7ZBi0/QOyuSdSdJrSg=\n=ibIr\n-----END PGP SIGNATURE-----\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-24070"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"db": "VULHUB",
"id": "VHN-413621"
},
{
"db": "VULMON",
"id": "CVE-2022-24070"
},
{
"db": "PACKETSTORM",
"id": "167455"
},
{
"db": "PACKETSTORM",
"id": "167158"
},
{
"db": "PACKETSTORM",
"id": "167165"
},
{
"db": "PACKETSTORM",
"id": "167374"
},
{
"db": "PACKETSTORM",
"id": "166704"
},
{
"db": "PACKETSTORM",
"id": "167787"
},
{
"db": "PACKETSTORM",
"id": "167244"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-24070",
"trust": 4.1
},
{
"db": "PACKETSTORM",
"id": "167374",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167165",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167244",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167455",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167787",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009515",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167280",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167159",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166704",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2022041263",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051234",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051741",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022052711",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022060923",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072101",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022041402",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022052804",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1641",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2525",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2639",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3559",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1596",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2345",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2848",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2377",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2957",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "167158",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167126",
"trust": 0.1
},
{
"db": "CNVD",
"id": "CNVD-2022-38524",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-413621",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-24070",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-413621"
},
{
"db": "VULMON",
"id": "CVE-2022-24070"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"db": "PACKETSTORM",
"id": "167455"
},
{
"db": "PACKETSTORM",
"id": "167158"
},
{
"db": "PACKETSTORM",
"id": "167165"
},
{
"db": "PACKETSTORM",
"id": "167374"
},
{
"db": "PACKETSTORM",
"id": "166704"
},
{
"db": "PACKETSTORM",
"id": "167787"
},
{
"db": "PACKETSTORM",
"id": "167244"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2957"
},
{
"db": "NVD",
"id": "CVE-2022-24070"
}
]
},
"id": "VAR-202204-0432",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-413621"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T21:28:17.148000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT213345",
"trust": 0.8,
"url": "https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife"
},
{
"title": "Apache Subversion Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=190233"
},
{
"title": "Ubuntu Security Notice: USN-5372-1: Subversion vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5372-1"
},
{
"title": "Ubuntu Security Notice: USN-5450-1: Subversion vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5450-1"
},
{
"title": "Red Hat: Important: subversion:1.14 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224722 - Security Advisory"
},
{
"title": "Red Hat: Important: subversion:1.10 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222236 - Security Advisory"
},
{
"title": "Red Hat: Important: subversion:1.10 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222234 - Security Advisory"
},
{
"title": "Red Hat: Important: subversion:1.14 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224941 - Security Advisory"
},
{
"title": "Red Hat: Important: subversion security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224591 - Security Advisory"
},
{
"title": "Red Hat: Important: subversion:1.10 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222237 - Security Advisory"
},
{
"title": "Red Hat: Important: subversion:1.10 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222222 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-5119-1 subversion -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=92807168ef39b4ee91e68837b0467938"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2022-24070"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-076",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-076"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-149",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-149"
},
{
"title": "Apple: macOS Monterey 12.5",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=c765c13fa342a7957a4e91e6dc3d34f4"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-24070"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2957"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "Use of freed memory (CWE-416) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-413621"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"db": "NVD",
"id": "CVE-2022-24070"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.debian.org/security/2022/dsa-5119"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht213345"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2022/jul/18"
},
{
"trust": 1.8,
"url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=65861"
},
{
"trust": 1.8,
"url": "https://cwiki.apache.org/confluence/display/httpd/modulelife"
},
{
"trust": 1.8,
"url": "https://issues.apache.org/jira/browse/svn-4880"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24070"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yjpmcwcgwbn3qwcdvilwqwpc75rr67lt/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/pz4arnglmgybkydx2b7drbnmf6eh3a6r/"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24070"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/yjpmcwcgwbn3qwcdvilwqwpc75rr67lt/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/pz4arnglmgybkydx2b7drbnmf6eh3a6r/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2525"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3559"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-24070/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022052804"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1596"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2848"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167165/red-hat-security-advisory-2022-2236-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022060923"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht213345"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167244/red-hat-security-advisory-2022-4722-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167374/red-hat-security-advisory-2022-4591-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167280/ubuntu-security-notice-usn-5450-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167455/red-hat-security-advisory-2022-4941-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2377"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051741"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022052711"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/apache-subversion-memory-corruption-via-mod-dav-svn-38023"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1641"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167787/apple-security-advisory-2022-07-20-2.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022041263"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2639"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022072101"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167159/red-hat-security-advisory-2022-2234-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022041402"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166704/ubuntu-security-notice-usn-5372-1.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051234"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2345"
},
{
"trust": 0.5,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-5372-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28544"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:4941"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:2237"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:2236"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:4591"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/subversion/1.14.1-3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/subversion/1.13.0-3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2294"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht213345."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32786"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-29046"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-29048"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32785"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32793"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26981"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32787"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht201222."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:4722"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-413621"
},
{
"db": "VULMON",
"id": "CVE-2022-24070"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"db": "PACKETSTORM",
"id": "167455"
},
{
"db": "PACKETSTORM",
"id": "167158"
},
{
"db": "PACKETSTORM",
"id": "167165"
},
{
"db": "PACKETSTORM",
"id": "167374"
},
{
"db": "PACKETSTORM",
"id": "166704"
},
{
"db": "PACKETSTORM",
"id": "167787"
},
{
"db": "PACKETSTORM",
"id": "167244"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2957"
},
{
"db": "NVD",
"id": "CVE-2022-24070"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-413621"
},
{
"db": "VULMON",
"id": "CVE-2022-24070"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"db": "PACKETSTORM",
"id": "167455"
},
{
"db": "PACKETSTORM",
"id": "167158"
},
{
"db": "PACKETSTORM",
"id": "167165"
},
{
"db": "PACKETSTORM",
"id": "167374"
},
{
"db": "PACKETSTORM",
"id": "166704"
},
{
"db": "PACKETSTORM",
"id": "167787"
},
{
"db": "PACKETSTORM",
"id": "167244"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2957"
},
{
"db": "NVD",
"id": "CVE-2022-24070"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-12T00:00:00",
"db": "VULHUB",
"id": "VHN-413621"
},
{
"date": "2022-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-24070"
},
{
"date": "2023-08-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"date": "2022-06-09T16:10:49",
"db": "PACKETSTORM",
"id": "167455"
},
{
"date": "2022-05-12T16:35:35",
"db": "PACKETSTORM",
"id": "167158"
},
{
"date": "2022-05-13T16:05:30",
"db": "PACKETSTORM",
"id": "167165"
},
{
"date": "2022-06-03T15:34:36",
"db": "PACKETSTORM",
"id": "167374"
},
{
"date": "2022-04-13T15:00:52",
"db": "PACKETSTORM",
"id": "166704"
},
{
"date": "2022-07-22T16:22:49",
"db": "PACKETSTORM",
"id": "167787"
},
{
"date": "2022-05-24T17:34:17",
"db": "PACKETSTORM",
"id": "167244"
},
{
"date": "2022-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2957"
},
{
"date": "2022-04-12T18:15:09.137000",
"db": "NVD",
"id": "CVE-2022-24070"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-28T00:00:00",
"db": "VULHUB",
"id": "VHN-413621"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-24070"
},
{
"date": "2023-08-07T01:41:00",
"db": "JVNDB",
"id": "JVNDB-2022-009515"
},
{
"date": "2022-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2957"
},
{
"date": "2024-11-21T06:49:45.943000",
"db": "NVD",
"id": "CVE-2022-24070"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "166704"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2957"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Subversion\u00a0 of \u00a0mod_dav_svn\u00a0 Vulnerability in using free memory in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-009515"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2957"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.