2021-45 - Apple, Adobe, Canonical, Red Hat, Cisco, Microsoft, GitHub Published on November 15, 2021

Advisory Week

Week 45, 2021

Apple Security Advisory

iCloud for Windows 13 Security Content

Adobe Security Bulletins and Advisories

Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB21-111 Security Update Available for Adobe InCopy | APSB21-05 APSB21-110 Adobe Security Bulletin APSB21-87

Ubuntu Security Notices

USN-5146-1: Thunderbird vulnerabilities USN-5145-1: PostgreSQL vulnerabilities USN-5144-1: OpenEXR vulnerability USN-5142-1: Samba vulnerabilities USN-5141-1: Firejail vulnerability LSN-0082-1: Kernel Live Patch Security Notice USN-5137-2: Linux kernel vulnerabilities USN-5139-1: Linux kernel (OEM 5.10) vulnerabilities USN-5140-1: Linux kernel (OEM 5.14) vulnerabilities USN-5138-1: python-py vulnerability USN-5137-1: Linux kernel vulnerabilities USN-5136-1: Linux kernel vulnerabilities USN-5130-1: Linux kernel vulnerabilities USN-5134-1: Docker vulnerability USN-5135-1: Linux kernel vulnerability

Red Hat Security Advisory

(RHSA-2021:4532) Important: OpenJDK 17.0.1 security update for Portable Linux Builds (RHSA-2021:4531) Important: OpenJDK 17.0.1 security update for Windows Builds (RHSA-2021:4623) Important: freerdp security update (RHSA-2021:4621) Important: freerdp security update (RHSA-2021:4622) Important: freerdp security update (RHSA-2021:4620) Important: freerdp security update (RHSA-2021:4619) Important: freerdp security update (RHSA-2021:4118) Moderate: OpenShift Container Platform 4.9.6 packages and security update (RHSA-2021:4618) Important: Red Hat Advanced Cluster Management 2.4 images and security updates (RHSA-2021:4614) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update (RHSA-2021:4613) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update (RHSA-2021:3959) Moderate: Red Hat build of Eclipse Vert.x 4.1.5 security update (RHSA-2021:4590) Moderate: rust-toolset:rhel8 security update (RHSA-2021:4598) Moderate: annobin security update (RHSA-2021:4596) Moderate: binutils security update (RHSA-2021:4602) Moderate: binutils security update (RHSA-2021:4607) Important: firefox security update (RHSA-2021:4601) Moderate: binutils security update (RHSA-2021:4600) Moderate: annobin security update (RHSA-2021:4595) Moderate: binutils security update (RHSA-2021:4599) Moderate: annobin security update (RHSA-2021:4597) Important: kpatch-patch security update (RHSA-2021:4594) Moderate: gcc-toolset-11-binutils security update (RHSA-2021:4593) Moderate: annobin security update (RHSA-2021:4587) Moderate: gcc security update (RHSA-2021:4592) Moderate: gcc-toolset-10-annobin security update (RHSA-2021:4589) Moderate: gcc-toolset-10-annobin security update (RHSA-2021:4588) Moderate: gcc-toolset-10-binutils security update (RHSA-2021:4586) Moderate: gcc-toolset-11-gcc security update (RHSA-2021:4585) Moderate: gcc-toolset-10-gcc security update (RHSA-2021:4386) Low: gcc security and bug fix update (RHSA-2021:4358) Moderate: glibc security, bug fix, and enhancement update (RHSA-2021:4519) Moderate: autotrace security update (RHSA-2021:4517) Moderate: vim security update (RHSA-2021:4139) Moderate: resource-agents security, bug fix, and enhancement update (RHSA-2021:4140) Moderate: kernel-rt security and bug fix update

Cisco Security Advisory

Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability

Microsoft Security

Azure RTOS Information Disclosure Vulnerability Azure RTOS Information Disclosure Vulnerability Microsoft Exchange Server Remote Code Execution Vulnerability Microsoft Exchange Server Spoofing Vulnerability Microsoft Defender Remote Code Execution Vulnerability Microsoft Word Remote Code Execution Vulnerability Microsoft Excel Security Feature Bypass Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability Windows Hello Security Feature Bypass Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Windows Hyper-V Denial of Service Vulnerability NTFS Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability Azure Sphere Information Disclosure Vulnerability Azure Sphere Information Disclosure Vulnerability Azure Sphere Information Disclosure Vulnerability FSLogix Information Disclosure Vulnerability NTFS Elevation of Privilege Vulnerability Windows Denial of Service Vulnerability Microsoft Edge (Chrome based) Spoofing on IE Mode Microsoft Excel Remote Code Execution Vulnerability Remote Desktop Client Remote Code Execution Vulnerability Remote Desktop Protocol Client Information Disclosure Vulnerability 3D Viewer Remote Code Execution Vulnerability 3D Viewer Remote Code Execution Vulnerability Visual Studio Code Elevation of Privilege Vulnerability Visual Studio Elevation of Privilege Vulnerability Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability Azure RTOS Elevation of Privilege Vulnerability Azure RTOS Elevation of Privilege Vulnerability Azure RTOS Elevation of Privilege Vulnerability Azure RTOS Information Disclosure Vulnerability Azure Sphere Tampering Vulnerability Windows Feedback Hub Elevation of Privilege Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability Microsoft Windows Media Foundation Remote Code Execution Vulnerability Microsoft COM for Windows Remote Code Execution Vulnerability Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability Windows Installer Elevation of Privilege Vulnerability Windows NTFS Remote Code Execution Vulnerability Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Power BI Report Server Spoofing Vulnerability Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Microsoft Access Remote Code Execution Vulnerability NTFS Elevation of Privilege Vulnerability Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow Microsoft Exchange Server Spoofing Vulnerability Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Windows Desktop Bridge Elevation of Privilege Vulnerability

Github Security Advisories

[GHSA-g9wh-3vrx-r7hg] OctoRPKI crashes when processing GZIP bomb returned via malicious repository [GHSA-g5gj-9ggf-9vmq] Infinite certificate chain depth results in OctoRPKI running forever [GHSA-8cvr-4rrf-f244] Infinite open connection causes OctoRPKI to hang forever [GHSA-5mxh-2qfv-4g7j] NUL character in ROA causes OctoRPKI to crash [GHSA-cqh2-vc2f-q4fh] Arbitrary filepath traversal via URI injection [GHSA-w6ww-fmfx-2x22] Misconfigured IP address field in ROA leads to OctoRPKI crash [GHSA-57wx-m983-2f88] Incomplete validation in boosted trees code [GHSA-cq76-mxrc-vchh] Crash in `tf.math.segment_*` operations [GHSA-m539-j985-hcr8] Crash in `max_pool3d` when size argument is 0 or negative [GHSA-prcg-wp5q-rv7p] Crashes due to overflow and `CHECK`-fail in ops with large tensor shapes [GHSA-2p25-55c9-h58q] Overflow/crash in `tf.tile` when tiling tensor is large [GHSA-5hx2-qx8j-qjqm] Overflow/crash in `tf.image.resize` when size is large [GHSA-gh8h-7j2j-qv4f] Incomplete validation in `tf.summary.create_file_writer` [GHSA-j86v-p27c-73fm] Unitialized access in `EinsumHelper::ParseEquation` [GHSA-xrqm-fpgr-6hhx] Overflow/crash in `tf.range` [GHSA-7pxj-m4jf-r6h2] Missing validation during checkpoint loading [GHSA-786j-5qwq-r36x] Segfault while copying constant resource tensor [GHSA-49rx-x2rw-pc6f] Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops [GHSA-pgcq-h79j-2f69] Incomplete validation of shapes in multiple TF ops [GHSA-7v94-64hj-m82h] FPE in `ParallelConcat` [GHSA-6hpv-v2rx-c5g6] FPE in convolutions with zero size filters [GHSA-m342-ff57-4jcc] Heap OOB read in `tf.raw_ops.SparseCountSparseOutput` [GHSA-cvgx-3v3q-m36c] Heap OOB in shape inference for `QuantizeV2` [GHSA-fr77-rrx3-cp7g] Heap OOB read in `tf.ragged.cross` [GHSA-h67m-xg8f-fxcf] Deadlock in mutually recursive `tf.function` objects [GHSA-vwhq-49r4-gj9v] Reference binding to `nullptr` in `tf.ragged.cross` [GHSA-x3v8-c8qx-3j3r] Null pointer exception in `DeserializeSparse` [GHSA-3ff2-r28g-w7h9] Heap buffer overflow in `Transpose` [GHSA-5crj-c72x-m7gq] Null pointer exception when `Exit` node is not preceded by `Enter` op [GHSA-9crf-c6qr-r273] Integer division by 0 in `tf.raw_ops.AllToAll` [GHSA-4f99-p9c2-3j8x] Undefined behavior via `nullptr` reference binding in sparse matrix multiplication [GHSA-gpfh-jvf9-7wg5] Use after free / memory leak in `CollectiveReduceV2` [GHSA-cqv6-3phm-hcwx] Access to invalid memory during shape inference in `Cudnn*` ops [GHSA-cpf4-wx82-gxp6] Segfault due to negative splits in `SplitV` [GHSA-f54p-f6jp-4rhr] Heap OOB in `FusedBatchNorm` kernels [GHSA-rg3m-hqc5-344v] `SparseFillEmptyRows` heap OOB [GHSA-7r94-xv9v-63jw] A use of uninitialized value vulnerability in Tensorflow [GHSA-374m-jm66-3vj8] Heap OOB in `SparseBinCount` [GHSA-j8c8-67vp-6mx7] Arbitrary memory read in `ImmutableConst` [GHSA-wx8q-rgfr-cf6v] Insufficient Granularity of Access Control in github.com/google/exposure-notifications-verification-server [GHSA-3rcw-9p9x-582v] Code injection in `saved_model_cli` [GHSA-j6wp-3859-vxfg] OIDC claims not updated from Identity Provider in Pomerium [GHSA-gp2f-254m-rh32] Unauthorized access to data in @sap-cloud-sdk/core [GHSA-jcjx-c3j3-44pr] Insufficient Session Expiration in @cyyynthia/tokenize [GHSA-3v56-q6r6-4gcw] Insecure Inherited Permissions in neoan3-apps/template [GHSA-35m5-8cvj-8783] Improper hashing in enrocrypt [GHSA-26cm-qrc6-mfgj] Improper Neutralization of Special Elements used in an LDAP Query in stevenweathers/thunderdome-planning-poker [GHSA-3j9m-hcv9-rpj8] XSS vulnerability allowing arbitrary JavaScript execution [GHSA-p6rw-44q7-3fw4] Stored XSS in Jupyter nbdime [GHSA-qm7x-rc44-rrqw] Cross-site Scripting Vulnerability in GraphQL Playground (distributed by Apollo Server) [GHSA-x4r7-m2q9-69c8] GraphiQL introspection schema template injection attack [GHSA-cw7p-q79f-m2v7] incomplete JupyterHub logout with simultaneous JupyterLab sessions [GHSA-862g-9h5m-m3qv] coreos-installer < 0.10.0 writes world-readable Ignition config to installed system