Описание
ELSA-2022-9422: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.1.12-124.62.3.1]
- debug: Lock down kgdb (Stephen Brennan) [Orabug: 34152701] {CVE-2022-21499}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
4.1.12-124.62.3.1.el6uek
kernel-uek-debug
4.1.12-124.62.3.1.el6uek
kernel-uek-debug-devel
4.1.12-124.62.3.1.el6uek
kernel-uek-devel
4.1.12-124.62.3.1.el6uek
kernel-uek-doc
4.1.12-124.62.3.1.el6uek
kernel-uek-firmware
4.1.12-124.62.3.1.el6uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek
4.1.12-124.62.3.1.el7uek
kernel-uek-debug
4.1.12-124.62.3.1.el7uek
kernel-uek-debug-devel
4.1.12-124.62.3.1.el7uek
kernel-uek-devel
4.1.12-124.62.3.1.el7uek
kernel-uek-doc
4.1.12-124.62.3.1.el7uek
kernel-uek-firmware
4.1.12-124.62.3.1.el7uek
Связанные CVE
Связанные уязвимости
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
KGDB and KDB allow read and write access to kernel memory, and thus sh ...
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).