Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. — CVE-2022-25634

Zusammenfassung

Sicherheitshinweis CVE-2022-25634. Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. Hersteller: Microsoft. Quelle: MSRC. Risiko: high. CVSS 7.5. Details in der offiziellen Quelle.

Was tun?

Allgemeine, vorsichtige Schritte (bitte prüfe die offizielle Quelle für Details):

• Priorisiere sofort Patches oder Mitigations (hohes akutes Risiko).
• Identifiziere betroffene Produktversionen und prüfe, ob du betroffen bist.
• Spiele Hersteller-Updates/Patches ein oder setze empfohlene Mitigations um.
• Lies das offizielle Advisory für betroffene Versionen und konkrete Schritte.

Offizielles Advisory

Zur offiziellen Quelle

Mehr dazu

• .A flaw was found in the CAN BCM networking protocol in the Linux kernel where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. CVE-2021-3609
• .NET and Visual Studio Denial of Service Vulnerability CVE-2022-24464
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2021-4190
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2021-44531
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2022-21824
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2022-0729
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2022-24407
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2022-23308
• A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. CVE-2021-43666
• A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system. CVE-2021-3640
• A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully regardless of the Certificate Revocation List (CRL) configuration or the certificate status. The highest threat from this vulnerability is to confidentiality. CVE-2021-3698
• A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed. CVE-2022-0811