Описание
Security update for the Linux Kernel (Live Patch 27 for SLE 15)
This update for the Linux Kernel 4.12.14-150_83 fixes one issue.
The following security issue was fixed:
- CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)
Список пакетов
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-150_75-default-15-150000.2.2
kernel-livepatch-4_12_14-150_78-default-10-150000.2.2
kernel-livepatch-4_12_14-150_86-default-5-150000.2.2
kernel-livepatch-4_12_14-150000_150_89-default-4-150000.2.2
kernel-livepatch-4_12_14-150_83-default-6-150000.2.2
Ссылки
- Link for SUSE-SU-2022:2220-1
- E-Mail link for SUSE-SU-2022:2220-1
- SUSE Security Ratings
- SUSE Bug 1199606
- SUSE CVE CVE-2022-1734 page
Описание
A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
Затронутые продукты
SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_89-default-4-150000.2.2
SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_75-default-15-150000.2.2
SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_78-default-10-150000.2.2
SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_83-default-6-150000.2.2
Ссылки
- CVE-2022-1734
- SUSE Bug 1199605
- SUSE Bug 1199606
- SUSE Bug 1201832