Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:0418-1

Опубликовано: 16 фев. 2022
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-59_37 fixes several issues.

The following security issues were fixed:

  • CVE-2021-4202: Fixed NFC race condition by adding NCI_UNREG flag (bsc#1194533).
  • CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input (bsc#1195308).
  • CVE-2021-4083: Fixed a read-after-free memory flaw inside the garbage collection for Unix domain socket file handlers when users call close() and fget() simultaneouslyand can potentially trigger a race condition (bnc#1194460).

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_68-default-15-2.2
kgraft-patch-4_12_14-95_71-default-14-2.2
kgraft-patch-4_12_14-95_74-default-11-2.2
kgraft-patch-4_12_14-95_77-default-10-2.2
kgraft-patch-4_12_14-95_80-default-8-2.2
kgraft-patch-4_12_14-95_83-default-3-2.2
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_63-default-14-2.2
kgraft-patch-4_12_14-122_66-default-12-2.2
kgraft-patch-4_12_14-122_71-default-11-2.2
kgraft-patch-4_12_14-122_74-default-9-2.2
kgraft-patch-4_12_14-122_77-default-9-2.2
kgraft-patch-4_12_14-122_80-default-8-2.2
kgraft-patch-4_12_14-122_83-default-7-2.2
kgraft-patch-4_12_14-122_88-default-5-2.2
kgraft-patch-4_12_14-122_91-default-5-2.2
kgraft-patch-4_12_14-122_98-default-3-2.2
kgraft-patch-4_12_14-122_103-default-3-2.2
kgraft-patch-4_12_14-122_106-default-2-2.2
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-150_66-default-15-2.2
kernel-livepatch-4_12_14-150_69-default-14-2.2
kernel-livepatch-4_12_14-150_72-default-11-2.2
kernel-livepatch-4_12_14-150_75-default-8-2.2
kernel-livepatch-4_12_14-150_78-default-3-2.2
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-197_83-default-15-2.2
kernel-livepatch-4_12_14-197_86-default-14-2.2
kernel-livepatch-4_12_14-197_89-default-11-2.2
kernel-livepatch-4_12_14-197_92-default-10-2.2
kernel-livepatch-4_12_14-197_99-default-8-2.2
kernel-livepatch-4_12_14-197_102-default-3-2.2
SUSE Linux Enterprise Live Patching 15 SP2
kernel-livepatch-5_3_18-24_61-default-11-2.2
kernel-livepatch-5_3_18-24_64-default-11-2.2
kernel-livepatch-5_3_18-24_67-default-9-2.2
kernel-livepatch-5_3_18-24_53_4-default-9-2.2
kernel-livepatch-5_3_18-24_70-default-9-2.2
kernel-livepatch-5_3_18-24_75-default-8-2.2
kernel-livepatch-5_3_18-24_78-default-7-2.2
kernel-livepatch-5_3_18-24_83-default-5-2.2
kernel-livepatch-5_3_18-24_86-default-5-2.2
kernel-livepatch-5_3_18-24_93-default-4-2.2
kernel-livepatch-5_3_18-24_96-default-3-2.2
SUSE Linux Enterprise Live Patching 15 SP3
kernel-livepatch-5_3_18-57-default-11-3.2
kernel-livepatch-5_3_18-59_13-default-9-150300.2.2
kernel-livepatch-5_3_18-59_16-default-8-150300.2.2
kernel-livepatch-5_3_18-59_19-default-7-150300.2.2
kernel-livepatch-5_3_18-59_34-default-4-150300.2.2
kernel-livepatch-5_3_18-59_37-default-3-150300.2.2

Ссылки

Описание

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-15-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_71-default-14-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_74-default-11-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_77-default-10-2.2
Ссылки

Описание

A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed, leading to a privilege escalation problem.

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-15-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_71-default-14-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_74-default-11-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_77-default-10-2.2
Ссылки

Описание

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_68-default-15-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_71-default-14-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_74-default-11-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_77-default-10-2.2
Ссылки
Уязвимость SUSE-SU-2022:0418-1