Описание
Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122_91 fixes one issue.
The following security issue was fixed:
- CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_93-default-5-2.2
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_91-default-13-2.2
Ссылки
- Link for SUSE-SU-2022:2194-1
- E-Mail link for SUSE-SU-2022:2194-1
- SUSE Security Ratings
- SUSE Bug 1199606
- SUSE CVE CVE-2022-1734 page
Описание
A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-5-2.2
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_91-default-13-2.2
Ссылки
- CVE-2022-1734
- SUSE Bug 1199605
- SUSE Bug 1199606
- SUSE Bug 1201832