casseyjufkal

Patchday: Updates for Windows 7 8.1 Server July 10, 2018 - A Comprehensive Guide



Updated 01/29/2018: Microsoft released KB4078130, which specifically disables Spectre variant 2 mitigations. Intel says this should resolve random reboots and blue screens on Intel-based Broadwell and Haswell processors. The patch will not be delivered via automatic Windows Update and must be installed manually.







Carefully read -note-windows-update-kb4056892/ and -gb/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution before attempting to install these patches on Windows Server 2016, 2012, or 2008 R2. Microsoft also provides a PowerShell module, SpeculationControl (installed with `Install-Module SpeculationControl`), that automates some of the steps involved.



