Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-9423

Опубликовано: 24 мая 2022
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2022-9423: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.14.35-2047.513.2.2]

  • debug: Lock down kgdb (Stephen Brennan) [Orabug: 34152700] {CVE-2022-21499}

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

kernel-uek

4.14.35-2047.513.2.2.el7uek

kernel-uek-debug

4.14.35-2047.513.2.2.el7uek

kernel-uek-debug-devel

4.14.35-2047.513.2.2.el7uek

kernel-uek-devel

4.14.35-2047.513.2.2.el7uek

kernel-uek-headers

4.14.35-2047.513.2.2.el7uek

kernel-uek-tools

4.14.35-2047.513.2.2.el7uek

kernel-uek-tools-libs

4.14.35-2047.513.2.2.el7uek

kernel-uek-tools-libs-devel

4.14.35-2047.513.2.2.el7uek

perf

4.14.35-2047.513.2.2.el7uek

python-perf

4.14.35-2047.513.2.2.el7uek

Oracle Linux x86_64

kernel-uek

4.14.35-2047.513.2.2.el7uek

kernel-uek-debug

4.14.35-2047.513.2.2.el7uek

kernel-uek-debug-devel

4.14.35-2047.513.2.2.el7uek

kernel-uek-devel

4.14.35-2047.513.2.2.el7uek

kernel-uek-doc

4.14.35-2047.513.2.2.el7uek

kernel-uek-tools

4.14.35-2047.513.2.2.el7uek

Связанные CVE

CVE-2022-21499

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2022-21499

CVSS3: 6.7
ubuntu
около 3 лет назад

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

redhat логотип

CVE-2022-21499

CVSS3: 6.7
redhat
около 3 лет назад

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

nvd логотип

CVE-2022-21499

CVSS3: 6.7
nvd
около 3 лет назад

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

debian логотип

CVE-2022-21499

CVSS3: 6.7
debian
около 3 лет назад

KGDB and KDB allow read and write access to kernel memory, and thus sh ...

github логотип

GHSA-rcmc-qxj3-63p4

CVSS3: 6.5
github
около 3 лет назад

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).