Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:2438-1

Опубликовано: 19 июл. 2022
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122_116 fixes several issues.

The following security issues were fixed:

  • CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).
  • CVE-2022-21499: Reinforced the kernel lockdown feature, until now it's been trivial to break out of it with kgdb or kdb (bsc#1199426).
  • CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self (bsc#1199507).

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_93-default-6-2.3
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_91-default-14-2.3
kgraft-patch-4_12_14-122_98-default-12-2.3
kgraft-patch-4_12_14-122_116-default-5-2.3

Ссылки

Описание

A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-6-2.3
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_116-default-5-2.3
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_91-default-14-2.3
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_98-default-12-2.3
Ссылки

Описание

In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-6-2.3
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_116-default-5-2.3
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_91-default-14-2.3
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_98-default-12-2.3
Ссылки

Описание

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_93-default-6-2.3
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_116-default-5-2.3
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_91-default-14-2.3
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_98-default-12-2.3
Ссылки