This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Password Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
FortiGuard Labs is aware of a new remote command execution vulnerability affecting F5 BIG-IP clients. Exploiting this vulnerability will allow an attacker to completely take over an affected device. What are the Technical Details of this Vulnerability?According to the F5 security advisory, this vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.Because this vulnerability does not require any sophistication to exploit, and the fact that in-the-wild exploitation are reported to have been observed and proof-of-concept (PoC) codes are publicly available, it is highly recommended that organizations affected by this latest vulnerability apply all patches immediately.What Versions Are Affected?Reported versions affected by CVE-2022-1388 are:BIG-IP versions 16.1.2 through 13.1.0 (versions under 13.1.0 are affected but will not be fixed)How Serious of an Issue is This?HIGH. CVE-2022-1388 has a CVSS score of 9.8. US-CERT (CISA) has also issued an alert for this issue. For further information, please refer to F5 Releases Security Advisories Addressing Multiple Vulnerabilities in the APPENDIX.How Widespread is this Attack?Global. Malicious scans by attackers are currently underway looking for vulnerable unpatched appliances, regardless of location. Proof-of-concept codes (POC) are available and the vulnerability is reported to have been actively exploited in the wild.What is the Status of Coverage?Customers running current (IPS) definitions are protected by:F5.BIG-IP.iControl.REST.Authentication.BypassFortiGuard Labs is continuously monitoring this vulnerability and we will update this Threat Signal once more information becomes available.Are There Any Reports of Nation State Activity Actively Exploiting CVE-2022-1388?Yes, the vulnerability is reported to have been actively exploited in the wild.Any Other Suggested Mitigation?According to F5, it is recommended to apply all available patches from the May 2022 update immediately. If patching is not possible at this time, F5 recommends blocking all access to the iControl REST interface of your BIG-IP system through self IP addresses. Mitigation details can be found in the article titled – “K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388” in the APPENDIX section.The potential for damage to daily operations, reputation, and unwanted release of data, the disruption of business operations, etc. is apparent, and because of this it is important to keep all AV and IPS signatures up to date. It is also important to ensure that all known vendor vulnerabilities within an organization are addressed once available, and updated on a regular basis to protect against attackers establishing a foothold within a network.
USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately
that update was incomplete and could introduce a regression. This update
fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that the postinst maintainer script in Cron unsafely
handled file permissions during package install or update operations.
An attacker could possibly use this issue to perform a privilege
escalation attack. (CVE-2017-9525)
Florian Weimer discovered that Cron incorrectly handled certain memory
operations during crontab file creation. An attacker could possibly use
this issue to cause a denial of service. (CVE-2019-9704)
It was discovered that Cron incorrectly handled user input during crontab
file creation. An attacker could possibly use this issue to cause a denial
of service. (CVE-2019-9705)
It was discovered that Cron contained a use-after-free vulnerability in
its force_rescan_user function. An attacker could possibly use this issue
to cause a denial of service. (CVE-2019-9706)
python3-lxml-4.2.5-5.el7
Add patch to fix pass through of certain crafted script content and SVG embedded scripts via HTML Cleaner in lxml.html (#2032569)
microcode_ctl-2.1-51.fc36
Update to upstream 2.1-36. 20220510
Addition of 06-97-02/0x03 (ADL-HX C0) microcode at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-97-02)
at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-97-02)
at revision 0x1f;
Addition of 06-97-02/0x03 (ADL-HX C0) microcode (in
intel-ucode/06-97-05) at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-97-05)
at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-97-05)
at revision 0x1f;
Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode at
revision 0x41c;
Addition of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) at revision 0x41c;
Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) at revision 0x41c;
Addition of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode at revision 0x41c;
Addition of 06-97-02/0x03 (ADL-HX C0) microcode (in
intel-ucode/06-bf-02) at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-bf-02)
at revision 0x1f;
Addition of 06-97-02/0x03 (ADL-HX C0) microcode (in
intel-ucode/06-bf-05) at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-bf-05)
at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode at revision 0x1f;
Update of 06-37-09/0x0f (VLV D0) microcode from revision 0x90c up
to 0x90d;
Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode from revision
0xec up to 0xf0;
Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x100015c
up to 0x100015d;
Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode from
revision 0x2006c0a up to 0x2006d05;
Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x400320a
up to 0x4003302;
Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x500320a up to 0x5003302;
Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002402
up to 0x7002501;
Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x46 up
to 0x48;
Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode from
revision 0xec up to 0xf0;
Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x36 up
to 0x38;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000331
up to 0xd000363;
Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x38 up
to 0x3a;
Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x1c up
to 0x1e;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa8
up to 0xb0;
Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x2d up
to 0x31;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
0x9a up to 0xa4;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x22 up
to 0x26;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x3c up
to 0x3e;
Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode from revision 0xec
up to 0xf0;
Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode from revision
0xec up to 0xf0;
Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode from
revision 0xec up to 0xf0;
Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xec up
to 0xf0;
Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode from revision 0xec up to 0xf0;
Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x15 up
to 0x16;
Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x2400001f
up to 0x24000023;
Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from
revision 0xec up to 0xf0;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision
0xec up to 0xf0;
Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode from revision 0xec
up to 0xf0;
Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision
0xec up to 0xf0;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision
0xec up to 0xf0;
Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xec up
to 0xf0;
Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xec
up to 0xf0;
Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xee
up to 0xf0;
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xea
up to 0xf0;
Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xec up to 0xf0;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x50 up
to 0x53.
Addresses CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151
Update to upstream 2.1-35. 20220419
Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x24 up to 0x28.
microcode_ctl-2.1-47.3.fc35
Update to upstream 2.1-36. 20220510
Addition of 06-97-02/0x03 (ADL-HX C0) microcode at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-97-02)
at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-97-02)
at revision 0x1f;
Addition of 06-97-02/0x03 (ADL-HX C0) microcode (in
intel-ucode/06-97-05) at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-97-05)
at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-97-05)
at revision 0x1f;
Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode at
revision 0x41c;
Addition of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) at revision 0x41c;
Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) at revision 0x41c;
Addition of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode at revision 0x41c;
Addition of 06-97-02/0x03 (ADL-HX C0) microcode (in
intel-ucode/06-bf-02) at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-bf-02)
at revision 0x1f;
Addition of 06-97-02/0x03 (ADL-HX C0) microcode (in
intel-ucode/06-bf-05) at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-bf-05)
at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode at revision 0x1f;
Update of 06-37-09/0x0f (VLV D0) microcode from revision 0x90c up
to 0x90d;
Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode from revision
0xec up to 0xf0;
Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x100015c
up to 0x100015d;
Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode from
revision 0x2006c0a up to 0x2006d05;
Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x400320a
up to 0x4003302;
Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x500320a up to 0x5003302;
Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002402
up to 0x7002501;
Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x46 up
to 0x48;
Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode from
revision 0xec up to 0xf0;
Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x36 up
to 0x38;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000331
up to 0xd000363;
Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x38 up
to 0x3a;
Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x1c up
to 0x1e;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa8
up to 0xb0;
Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x2d up
to 0x31;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
0x9a up to 0xa4;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x22 up
to 0x26;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x3c up
to 0x3e;
Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode from revision 0xec
up to 0xf0;
Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode from revision
0xec up to 0xf0;
Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode from
revision 0xec up to 0xf0;
Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xec up
to 0xf0;
Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode from revision 0xec up to 0xf0;
Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x15 up
to 0x16;
Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x2400001f
up to 0x24000023;
Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from
revision 0xec up to 0xf0;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision
0xec up to 0xf0;
Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode from revision 0xec
up to 0xf0;
Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision
0xec up to 0xf0;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision
0xec up to 0xf0;
Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xec up
to 0xf0;
Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xec
up to 0xf0;
Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xee
up to 0xf0;
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xea
up to 0xf0;
Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xec up to 0xf0;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x50 up
to 0x53.
Addresses CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151
Update to upstream 2.1-35. 20220419
Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x24 up to 0x28.
microcode_ctl-2.1-46.3.fc34
Update to upstream 2.1-36. 20220510
Addition of 06-97-02/0x03 (ADL-HX C0) microcode at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-97-02)
at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-97-02)
at revision 0x1f;
Addition of 06-97-02/0x03 (ADL-HX C0) microcode (in
intel-ucode/06-97-05) at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-97-05)
at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-97-05)
at revision 0x1f;
Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode at
revision 0x41c;
Addition of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) at revision 0x41c;
Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) at revision 0x41c;
Addition of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode at revision 0x41c;
Addition of 06-97-02/0x03 (ADL-HX C0) microcode (in
intel-ucode/06-bf-02) at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode (in intel-ucode/06-bf-02)
at revision 0x1f;
Addition of 06-97-02/0x03 (ADL-HX C0) microcode (in
intel-ucode/06-bf-05) at revision 0x1f;
Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) at revision 0x1f;
Addition of 06-bf-02/0x03 (ADL C0) microcode (in intel-ucode/06-bf-05)
at revision 0x1f;
Addition of 06-bf-05/0x03 (ADL C0) microcode at revision 0x1f;
Update of 06-37-09/0x0f (VLV D0) microcode from revision 0x90c up
to 0x90d;
Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode from revision
0xec up to 0xf0;
Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x100015c
up to 0x100015d;
Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode from
revision 0x2006c0a up to 0x2006d05;
Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x400320a
up to 0x4003302;
Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x500320a up to 0x5003302;
Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002402
up to 0x7002501;
Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x46 up
to 0x48;
Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode from
revision 0xec up to 0xf0;
Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x36 up
to 0x38;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000331
up to 0xd000363;
Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x38 up
to 0x3a;
Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x1c up
to 0x1e;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa8
up to 0xb0;
Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x2d up
to 0x31;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
0x9a up to 0xa4;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x22 up
to 0x26;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x3c up
to 0x3e;
Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode from revision 0xec
up to 0xf0;
Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode from revision
0xec up to 0xf0;
Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode from
revision 0xec up to 0xf0;
Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xec up
to 0xf0;
Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode from revision 0xec up to 0xf0;
Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x15 up
to 0x16;
Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x2400001f
up to 0x24000023;
Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from
revision 0xec up to 0xf0;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision
0xec up to 0xf0;
Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode from revision 0xec
up to 0xf0;
Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision
0xec up to 0xf0;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision
0xec up to 0xf0;
Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xec up
to 0xf0;
Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xec
up to 0xf0;
Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xee
up to 0xf0;
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xea
up to 0xf0;
Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xec up to 0xf0;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x50 up
to 0x53.
Addresses CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151
Update to upstream 2.1-35. 20220419
Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x24 up to 0x28.
Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability.
A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs.
Multiple vulnerabilities have been discovered in Google Chrome and Chrome OS, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Chrome OS is a proprietary Linux-based operating system designed by Google. It is derived from the open-source Chromium OS and uses the Google Chrome web browser as its principal user interface. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the application.
