Уязвимость ELSA-2022-9612

CVE-2022-21505

CVSS3: 6.7

ubuntu

6 месяцев назад

In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this does not cover cases where lockdown is used without Secure Boot. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity, Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21505

CVSS3: 6.7

redhat

почти 3 года назад

In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this does not cover cases where lockdown is used without Secure Boot. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity, Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21505

CVSS3: 6.7

nvd

6 месяцев назад

In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this does not cover cases where lockdown is used without Secure Boot. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity, Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-21505

CVSS3: 6.7

debian

6 месяцев назад

In the linux kernel, if IMA appraisal is used with the "ima_appraise=l ...

ELSA-2022-9609

oracle-oval

почти 3 года назад

ELSA-2022-9609: Unbreakable Enterprise kernel security update (IMPORTANT)

exploitDog

ELSA-2022-9612

Описание

Обновленные пакеты

Связанные CVE

Ссылки на источники

Связанные уязвимости