SUSE-SU-2022:2443-1

Опубликовано: 19 июл. 2022

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122_124 fixes one issue.

The following security issue was fixed:

CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP5

kgraft-patch-4_12_14-122_124-default-2-2.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20222443-1/
Link for SUSE-SU-2022:2443-1
https://lists.suse.com/pipermail/sle-security-updates/2022-July/011597.html
E-Mail link for SUSE-SU-2022:2443-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1200608
SUSE Bug 1200608
https://www.suse.com/security/cve/CVE-2022-20154/
SUSE CVE CVE-2022-20154 page

Описание

In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel

Затронутые продукты

SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-2-2.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-20154.html
CVE-2022-20154
https://bugzilla.suse.com/1200599
SUSE Bug 1200599
https://bugzilla.suse.com/1200608
SUSE Bug 1200608
https://bugzilla.suse.com/1224298
SUSE Bug 1224298
https://bugzilla.suse.com/1224878
SUSE Bug 1224878

SUSE-SU-2022:2443-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP5

Ссылки

Уязвимость: CVE-2022-20154

Описание

Затронутые продукты

Ссылки