SUSE-SU-2022:1949-1

Опубликовано: 05 июн. 2022

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100_197_111 fixes several issues.

The following security issue was fixed:

CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag (bnc#1199602).
Add missing module_mutex lock to module notifier for previous live patches (bsc#1199834).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP1

kernel-livepatch-4_12_14-150100_197_111-default-3-150100.2.2

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20221949-1/
Link for SUSE-SU-2022:1949-1
https://lists.suse.com/pipermail/sle-security-updates/2022-June/011240.html
E-Mail link for SUSE-SU-2022:1949-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1199602
SUSE Bug 1199602
https://bugzilla.suse.com/1199834
SUSE Bug 1199834
https://www.suse.com/security/cve/CVE-2022-30594/
SUSE CVE CVE-2022-30594 page

Описание

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-3-150100.2.2

Ссылки

https://www.suse.com/security/cve/CVE-2022-30594.html
CVE-2022-30594
https://bugzilla.suse.com/1199505
SUSE Bug 1199505
https://bugzilla.suse.com/1199602
SUSE Bug 1199602
https://bugzilla.suse.com/1201549
SUSE Bug 1201549
https://bugzilla.suse.com/1204132
SUSE Bug 1204132

SUSE-SU-2022:1949-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP1

Ссылки

Уязвимость: CVE-2022-30594

Описание

Затронутые продукты

Ссылки