Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:0978-1

Опубликовано: 29 мар. 2022
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-59_16 fixes several issues.

The following security issues were fixed:

  • CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299).
  • CVE-2021-4001: Fixed a race condition when the EBPF map is frozen (bsc#1192990).
  • CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).
  • CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP3
kernel-livepatch-5_3_18-59_5-default-11-150300.2.1
kernel-livepatch-5_3_18-59_10-default-11-150300.2.1
kernel-livepatch-5_3_18-57-default-13-150200.3.1
kernel-livepatch-5_3_18-59_13-default-11-150300.2.1
kernel-livepatch-5_3_18-59_16-default-10-150300.2.1

Ссылки

Описание

A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2.

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-57-default-13-150200.3.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_10-default-11-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_13-default-11-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_16-default-10-150300.2.1
Ссылки

Описание

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-57-default-13-150200.3.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_10-default-11-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_13-default-11-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_16-default-10-150300.2.1
Ссылки

Описание

A vulnerability was found in the Linux kernel's cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-57-default-13-150200.3.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_10-default-11-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_13-default-11-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_16-default-10-150300.2.1
Ссылки

Описание

net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-57-default-13-150200.3.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_10-default-11-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_13-default-11-150300.2.1
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_16-default-10-150300.2.1
Ссылки
Уязвимость SUSE-SU-2022:0978-1