exploitDog

SUSE-SU-2022:2866-1

Опубликовано: 22 авг. 2022

Источник: suse-cvrf

Описание

Security update for systemd-presets-common-SUSE

This update for systemd-presets-common-SUSE fixes the following issues:

CVE-2022-1706: Fixed accessible configs from unprivileged containers in VMs running on VMware products (bsc#1199524).

The following non-security bugs were fixed:

Modify branding-preset-states to fix systemd-presets-common-SUSE not enabling new user systemd service preset configuration just as it handles system service presets. By passing an (optional) second parameter 'user', the save/apply-changes commands now work with user services instead of system ones (bsc#1200485)
Add the wireplumber user service preset to enable it by default in SLE15-SP4 where it replaced pipewire-media-session, but keep pipewire-media-session preset so we don't have to branch the systemd-presets-common-SUSE package for SP4 (bsc#1200485)

Список пакетов

Container bci/bci-init:15.3

systemd-presets-common-SUSE-15-150100.8.17.1

Container bci/bci-init:15.4

systemd-presets-common-SUSE-15-150100.8.17.1

Container caasp/v4/cilium:1.6.6

systemd-presets-common-SUSE-15-150100.8.17.1

Container ses/7.1/ceph/haproxy:latest

systemd-presets-common-SUSE-15-150100.8.17.1

Container ses/7.1/ceph/keepalived:latest

systemd-presets-common-SUSE-15-150100.8.17.1

Container ses/7.1/cephcsi/cephcsi:latest

systemd-presets-common-SUSE-15-150100.8.17.1

Container ses/7.1/rook/ceph:latest

systemd-presets-common-SUSE-15-150100.8.17.1

Container suse/manager/4.3/proxy-httpd:latest

systemd-presets-common-SUSE-15-150100.8.17.1

Container suse/pcp:5

systemd-presets-common-SUSE-15-150100.8.17.1

Container suse/postgres:12

systemd-presets-common-SUSE-15-150100.8.17.1

Container suse/postgres:13

systemd-presets-common-SUSE-15-150100.8.17.1

Container suse/postgres:latest

systemd-presets-common-SUSE-15-150100.8.17.1

Container suse/sle-micro-rancher/5.2:latest

systemd-presets-common-SUSE-15-150100.8.17.1

Container trento/trento-db:latest

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP1-SAPCAL-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP1-SAPCAL-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP1-SAPCAL-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-HPC-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-HPC-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-SAP-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-SAP-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-SAP-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-SAP-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-SAP-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP2-SAP-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-CHOST-BYOS-Aliyun

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-CHOST-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-CHOST-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-CHOST-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-CHOST-BYOS-SAP-CCloud

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-HPC-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-HPC-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-HPC-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Micro-5-1-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Micro-5-1-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Micro-5-2-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-Micro-5-2-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-SAP-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-SAP-BYOS-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-SAP-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-SAPCAL-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-SAPCAL-EC2-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP3-SAPCAL-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Azure-Basic

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Azure-Standard

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-CHOST-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-CHOST-BYOS-Aliyun

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-CHOST-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-CHOST-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-CHOST-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-CHOST-BYOS-SAP-CCloud

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-EC2-ECS-HVM

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-HPC

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-HPC-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-HPC-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-HPC-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-HPC-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-HPC-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-HPC-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-HPC-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Hardened-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Hardened-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Hardened-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Hardened-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Server-4-3

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Server-4-3-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Server-4-3-EC2-llc

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-Manager-Server-4-3-EC2-ltd

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Azure-LI-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Hardened

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Hardened-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Hardened-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Hardened-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAP-Hardened-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAPCAL

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAPCAL-Azure

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAPCAL-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SAPCAL-GCE

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS

systemd-presets-common-SUSE-15-150100.8.17.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2

systemd-presets-common-SUSE-15-150100.8.17.1

SUSE Linux Enterprise Micro 5.1

systemd-presets-common-SUSE-15-150100.8.17.1

SUSE Linux Enterprise Micro 5.2

systemd-presets-common-SUSE-15-150100.8.17.1

SUSE Linux Enterprise Module for Basesystem 15 SP3

systemd-presets-common-SUSE-15-150100.8.17.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

systemd-presets-common-SUSE-15-150100.8.17.1

openSUSE Leap 15.3

systemd-presets-common-SUSE-15-150100.8.17.1

openSUSE Leap 15.4

systemd-presets-common-SUSE-15-150100.8.17.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20222866-1/
Link for SUSE-SU-2022:2866-1
https://lists.suse.com/pipermail/sle-security-updates/2022-August/011963.html
E-Mail link for SUSE-SU-2022:2866-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1199524
SUSE Bug 1199524
https://bugzilla.suse.com/1200485
SUSE Bug 1200485
https://www.suse.com/security/cve/CVE-2022-1706/
SUSE CVE CVE-2022-1706 page

Описание

A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidentiality. Possible workaround is to not put secrets in the Ignition config.

Затронутые продукты

Container bci/bci-init:15.3:systemd-presets-common-SUSE-15-150100.8.17.1

Container bci/bci-init:15.4:systemd-presets-common-SUSE-15-150100.8.17.1

Container caasp/v4/cilium:1.6.6:systemd-presets-common-SUSE-15-150100.8.17.1

Container ses/7.1/ceph/haproxy:latest:systemd-presets-common-SUSE-15-150100.8.17.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-1706.html
CVE-2022-1706
https://bugzilla.suse.com/1199524
SUSE Bug 1199524

Уязвимость SUSE-SU-2022:2866-1