SUSE-SU-2022:0660-1

Published: 02 Mar 2022
Source: suse-cvrf

Description

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-59_10 fixes several issues.

The following security issues were fixed:

  • CVE-2022-0516: Fixed KVM s390 return error on SIDA memop on normal guest (bsc#1195947).
  • CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1194463).
  • CVE-2021-22600: Fixed double free bug in packet_set_ring() in net/packet/af_packet.c that could have been exploited by a local user through crafted syscalls to escalate privileges or deny service (bsc#1195307).

Package list

SUSE Linux Enterprise Live Patching 15 SP3
kernel-livepatch-5_3_18-59_37-default-4-150300.2.1
kernel-livepatch-5_3_18-59_27-default-6-150300.2.1
kernel-livepatch-5_3_18-59_16-default-9-150300.2.1
kernel-livepatch-5_3_18-59_10-default-10-150300.2.1

Description

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-196926917. References: Upstream kernel.


Affected products
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_10-default-10-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_16-default-9-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_27-default-6-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_37-default-4-150300.2.1


Description

A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading the kernel past the affected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755.


Affected products
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_10-default-10-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_16-default-9-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_27-default-6-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_37-default-4-150300.2.1


Description

A vulnerability was found in the kvm_s390_guest_sida_op function in arch/s390/kvm/kvm-s390.c in KVM for s390 in the Linux kernel. This flaw allows a local attacker with normal user privileges to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.


Affected products
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_10-default-10-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_16-default-9-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_27-default-6-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_37-default-4-150300.2.1
