Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:1223-1

Опубликовано: 14 апр. 2022
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-150300_59_46 fixes several issues.

The following security issues were fixed:

  • CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)
  • CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956)
  • CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#1195065)

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP2
kernel-livepatch-5_3_18-24_83-default-8-150200.2.1
kernel-livepatch-5_3_18-24_53_4-default-12-150200.2.1
kernel-livepatch-5_3_18-24_64-default-14-150200.2.1
kernel-livepatch-5_3_18-24_75-default-11-150200.2.1
kernel-livepatch-5_3_18-24_93-default-7-150200.2.1
kernel-livepatch-5_3_18-24_99-default-5-150200.2.1
kernel-livepatch-5_3_18-24_96-default-6-150200.2.1
kernel-livepatch-5_3_18-24_61-default-14-150200.2.1
kernel-livepatch-5_3_18-24_67-default-12-150200.2.1
kernel-livepatch-5_3_18-24_70-default-12-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP3
kernel-livepatch-5_3_18-150300_59_43-default-5-150300.2.1
kernel-livepatch-5_3_18-59_37-default-6-150300.2.1
kernel-livepatch-5_3_18-59_13-default-12-150300.2.1
kernel-livepatch-5_3_18-57-default-14-150200.3.1
kernel-livepatch-5_3_18-59_10-default-12-150300.2.1
kernel-livepatch-5_3_18-59_19-default-10-150300.2.1
kernel-livepatch-5_3_18-59_24-default-8-150300.2.1
kernel-livepatch-5_3_18-59_34-default-7-150300.2.1
kernel-livepatch-5_3_18-59_27-default-8-150300.2.1
kernel-livepatch-5_3_18-59_40-default-6-150300.2.1
kernel-livepatch-5_3_18-150300_59_46-default-5-150300.2.1

Ссылки

Описание

In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-185125206References: Upstream kernel

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-12-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_61-default-14-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_64-default-14-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_67-default-12-150200.2.1
Ссылки

Описание

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-12-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_61-default-14-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_64-default-14-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_67-default-12-150200.2.1
Ссылки

Описание

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_53_4-default-12-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_61-default-14-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_64-default-14-150200.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_67-default-12-150200.2.1
Ссылки