Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-9425

Опубликовано: 24 мая 2022
Источник: oracle-oval
Платформа: Oracle Linux 7
Платформа: Oracle Linux 8

Описание

ELSA-2022-9425: Unbreakable Enterprise kernel security update (IMPORTANT)

[5.4.17-2136.307.3.4]

  • io_uring: always use original task when preparing req identity (Jens Axboe) [Orabug: 34186552] {CVE-2022-1786}

[5.4.17-2136.307.3.3]

  • debug: Lock down kgdb (Stephen Brennan) [Orabug: 34152699] {CVE-2022-21499}

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

kernel-uek

5.4.17-2136.307.3.4.el7uek

kernel-uek-debug

5.4.17-2136.307.3.4.el7uek

kernel-uek-debug-devel

5.4.17-2136.307.3.4.el7uek

kernel-uek-devel

5.4.17-2136.307.3.4.el7uek

kernel-uek-doc

5.4.17-2136.307.3.4.el7uek

kernel-uek-tools

5.4.17-2136.307.3.4.el7uek

kernel-uek-tools-libs

5.4.17-2136.307.3.4.el7uek

perf

5.4.17-2136.307.3.4.el7uek

python-perf

5.4.17-2136.307.3.4.el7uek

Oracle Linux x86_64

kernel-uek

5.4.17-2136.307.3.4.el7uek

kernel-uek-debug

5.4.17-2136.307.3.4.el7uek

kernel-uek-debug-devel

5.4.17-2136.307.3.4.el7uek

kernel-uek-devel

5.4.17-2136.307.3.4.el7uek

kernel-uek-doc

5.4.17-2136.307.3.4.el7uek

kernel-uek-tools

5.4.17-2136.307.3.4.el7uek

Oracle Linux 8

Oracle Linux aarch64

kernel-uek

5.4.17-2136.307.3.4.el8uek

kernel-uek-debug

5.4.17-2136.307.3.4.el8uek

kernel-uek-debug-devel

5.4.17-2136.307.3.4.el8uek

kernel-uek-devel

5.4.17-2136.307.3.4.el8uek

kernel-uek-doc

5.4.17-2136.307.3.4.el8uek

Oracle Linux x86_64

kernel-uek

5.4.17-2136.307.3.4.el8uek

kernel-uek-debug

5.4.17-2136.307.3.4.el8uek

kernel-uek-debug-devel

5.4.17-2136.307.3.4.el8uek

kernel-uek-devel

5.4.17-2136.307.3.4.el8uek

kernel-uek-doc

5.4.17-2136.307.3.4.el8uek

Связанные CVE

CVE-2022-21499
CVE-2022-1786

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2022-9426

oracle-oval
больше 3 лет назад

ELSA-2022-9426: Unbreakable Enterprise kernel-container security update (IMPORTANT)

ubuntu логотип

CVE-2022-1786

CVSS3: 7.8
ubuntu
больше 3 лет назад

A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.

redhat логотип

CVE-2022-1786

CVSS3: 7
redhat
больше 3 лет назад

A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.

nvd логотип

CVE-2022-1786

CVSS3: 7.8
nvd
больше 3 лет назад

A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.

msrc логотип

CVE-2022-1786

CVSS3: 7.8
msrc
больше 3 лет назад

Описание отсутствует