Описание
Security update for the Linux Kernel (Live Patch 42 for SLE 12 SP3)
This update for the Linux Kernel 4.4.180-94_153 fixes one issue.
The following security issue was fixed:
- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).
Список пакетов
SUSE Linux Enterprise Server 12 SP3-LTSS
kgraft-patch-4_4_180-94_153-default-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
kgraft-patch-4_4_180-94_153-default-3-2.1
Ссылки
- Link for SUSE-SU-2022:1036-1
- E-Mail link for SUSE-SU-2022:1036-1
- SUSE Security Ratings
- SUSE Bug 1195908
- SUSE CVE CVE-2022-0492 page
Описание
A vulnerability was found in the Linux kernel's cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_153-default-3-2.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_153-default-3-2.1
Ссылки
- CVE-2022-0492
- SUSE Bug 1195543
- SUSE Bug 1195908
- SUSE Bug 1196612
- SUSE Bug 1196776
- SUSE Bug 1198615
- SUSE Bug 1199255
- SUSE Bug 1199615
- SUSE Bug 1200084