Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:1329-1

Опубликовано: 25 апр. 2022
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 28 for SLE 15)

This update for the Linux Kernel 4.12.14-150_86 fixes several issues.

The following security issues were fixed:

  • CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197335)
  • CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bsc#1197344)
  • CVE-2021-39713: Fixed a race condition in the network scheduling subsystem which could lead to a use-after-free (bsc#1197211).

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_77-default-14-2.1
kgraft-patch-4_12_14-95_83-default-7-2.1
kgraft-patch-4_12_14-95_88-default-4-2.1
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-150_75-default-12-150000.2.1
kernel-livepatch-4_12_14-150_83-default-4-150000.2.1
kernel-livepatch-4_12_14-150_72-default-15-150000.2.1
kernel-livepatch-4_12_14-150_78-default-7-150000.2.1
kernel-livepatch-4_12_14-150_86-default-3-150000.2.1

Ссылки

Описание

Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_77-default-14-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_83-default-7-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_88-default-4-2.1
SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_72-default-15-150000.2.1
Ссылки

Описание

A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_77-default-14-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_83-default-7-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_88-default-4-2.1
SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_72-default-15-150000.2.1
Ссылки

Описание

A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_77-default-14-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_83-default-7-2.1
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_88-default-4-2.1
SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_72-default-15-150000.2.1
Ссылки