SUSE-SU-2022:2276-1

Опубликовано: 05 июл. 2022

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-197_102 fixes one issue.

The following security issue was fixed:

CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP1

kernel-livepatch-4_12_14-197_102-default-10-150100.2.2

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20222276-1/
Link for SUSE-SU-2022:2276-1
https://lists.suse.com/pipermail/sle-security-updates/2022-July/011407.html
E-Mail link for SUSE-SU-2022:2276-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1199606
SUSE Bug 1199606
https://www.suse.com/security/cve/CVE-2022-1734/
SUSE CVE CVE-2022-1734 page

Описание

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_102-default-10-150100.2.2

Ссылки

https://www.suse.com/security/cve/CVE-2022-1734.html
CVE-2022-1734
https://bugzilla.suse.com/1199605
SUSE Bug 1199605
https://bugzilla.suse.com/1199606
SUSE Bug 1199606
https://bugzilla.suse.com/1201832
SUSE Bug 1201832

SUSE-SU-2022:2276-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP1

Ссылки

Уязвимость: CVE-2022-1734

Описание

Затронутые продукты

Ссылки