Описание
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-197_99 fixes one issue.
The following security issue was fixed:
- CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_80-default-15-2.2
kgraft-patch-4_12_14-95_88-default-6-2.2
kgraft-patch-4_12_14-95_96-default-4-2.2
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_106-default-9-2.2
kgraft-patch-4_12_14-122_110-default-7-2.2
kgraft-patch-4_12_14-122_116-default-4-2.2
kgraft-patch-4_12_14-122_80-default-16-2.2
kgraft-patch-4_12_14-122_83-default-15-2.2
kgraft-patch-4_12_14-122_88-default-13-2.2
kgraft-patch-4_12_14-122_98-default-11-2.2
kgraft-patch-4_12_14-122_103-default-11-2.2
kgraft-patch-4_12_14-122_113-default-6-2.2
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-197_105-default-6-150100.2.2
kernel-livepatch-4_12_14-197_108-default-5-150100.2.2
kernel-livepatch-4_12_14-150100_197_111-default-4-150100.2.2
kernel-livepatch-4_12_14-197_99-default-15-150100.2.2
Ссылки
- Link for SUSE-SU-2022:2206-1
- E-Mail link for SUSE-SU-2022:2206-1
- SUSE Security Ratings
- SUSE Bug 1199606
- SUSE CVE CVE-2022-1734 page
Описание
A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_80-default-15-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_88-default-6-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_96-default-4-2.2
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_103-default-11-2.2
Ссылки
- CVE-2022-1734
- SUSE Bug 1199605
- SUSE Bug 1199606
- SUSE Bug 1201832