Описание
Security update for the Linux Kernel (Live Patch 44 for SLE 12 SP3)
This update for the Linux Kernel 4.4.180-94_161 fixes one issue.
The following security issue was fixed:
- CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_77-default-17-2.2
SUSE Linux Enterprise Server 12 SP3-LTSS
kgraft-patch-4_4_180-94_147-default-14-2.2
kgraft-patch-4_4_180-94_150-default-10-2.2
kgraft-patch-4_4_180-94_153-default-6-2.2
kgraft-patch-4_4_180-94_156-default-5-2.2
kgraft-patch-4_4_180-94_161-default-4-2.2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
kgraft-patch-4_4_180-94_147-default-14-2.2
kgraft-patch-4_4_180-94_150-default-10-2.2
kgraft-patch-4_4_180-94_153-default-6-2.2
kgraft-patch-4_4_180-94_156-default-5-2.2
kgraft-patch-4_4_180-94_161-default-4-2.2
Ссылки
- Link for SUSE-SU-2022:2281-1
- E-Mail link for SUSE-SU-2022:2281-1
- SUSE Security Ratings
- SUSE Bug 1199606
- SUSE CVE CVE-2022-1734 page
Описание
A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_77-default-17-2.2
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_147-default-14-2.2
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-10-2.2
SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_153-default-6-2.2
Ссылки
- CVE-2022-1734
- SUSE Bug 1199605
- SUSE Bug 1199606
- SUSE Bug 1201832