Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:0270-1

Опубликовано: 01 фев. 2022
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-59_27 fixes several issues.

The following security issues were fixed:

  • CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation (bsc#1194517).
  • CVE-2021-4028: Fixed use-after-free in RDMA listen() that could lead to DoS or privilege escalation by a local attacker (bsc#1193167).
  • CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP3
kernel-livepatch-5_3_18-59_24-default-4-150300.2.2
kernel-livepatch-5_3_18-59_27-default-4-150300.2.2

Ссылки

Описание

A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_24-default-4-150300.2.2
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_27-default-4-150300.2.2
Ссылки

Описание

The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_24-default-4-150300.2.2
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_27-default-4-150300.2.2
Ссылки

Описание

A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_24-default-4-150300.2.2
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_27-default-4-150300.2.2
Ссылки
Уязвимость SUSE-SU-2022:0270-1