Описание
ELSA-2022-9495: kernel security update (IMPORTANT)
[3.10.0-1160.66.1.0.2.el7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
bpftool
3.10.0-1160.66.1.0.2.el7
kernel
3.10.0-1160.66.1.0.2.el7
kernel-abi-whitelists
3.10.0-1160.66.1.0.2.el7
kernel-debug
3.10.0-1160.66.1.0.2.el7
kernel-debug-devel
3.10.0-1160.66.1.0.2.el7
kernel-devel
3.10.0-1160.66.1.0.2.el7
kernel-doc
3.10.0-1160.66.1.0.2.el7
kernel-headers
3.10.0-1160.66.1.0.2.el7
kernel-tools
3.10.0-1160.66.1.0.2.el7
kernel-tools-libs
3.10.0-1160.66.1.0.2.el7
kernel-tools-libs-devel
3.10.0-1160.66.1.0.2.el7
perf
3.10.0-1160.66.1.0.2.el7
python-perf
3.10.0-1160.66.1.0.2.el7
Связанные CVE
Связанные уязвимости
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
KGDB and KDB allow read and write access to kernel memory, and thus sh ...
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).