Описание
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-150400_22 fixes several issues.
The following security issues were fixed:
- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033)
- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could crash the system or corrupt the system memory. (bsc#1196830)
- CVE-2022-33743: Fixed a Denial of Service related to XDP (bsc#1200763).
- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel (bnc#1198031).
- CVE-2022-34918: Fixed a buffer overflow with nft_set_elem_init() that could be used by a local attacker to escalate privileges (bnc#1201171).
- CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bsc#1199487).
- CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP4
Ссылки
- Link for SUSE-SU-2022:2854-1
- E-Mail link for SUSE-SU-2022:2854-1
- SUSE Security Ratings
- SUSE Bug 1199606
- SUSE Bug 1201080
- SUSE Bug 1201222
- SUSE Bug 1201517
- SUSE Bug 1201629
- SUSE Bug 1201656
- SUSE Bug 1201657
- SUSE CVE CVE-2022-1679 page
- SUSE CVE CVE-2022-1734 page
- SUSE CVE CVE-2022-26490 page
- SUSE CVE CVE-2022-28389 page
- SUSE CVE CVE-2022-28390 page
- SUSE CVE CVE-2022-33743 page
- SUSE CVE CVE-2022-34918 page
Описание
A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Затронутые продукты
Ссылки
- CVE-2022-1679
- SUSE Bug 1199487
- SUSE Bug 1201080
- SUSE Bug 1201832
- SUSE Bug 1204132
- SUSE Bug 1212316
Описание
A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
Затронутые продукты
Ссылки
- CVE-2022-1734
- SUSE Bug 1199605
- SUSE Bug 1199606
- SUSE Bug 1201832
Описание
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
Затронутые продукты
Ссылки
- CVE-2022-26490
- SUSE Bug 1196830
- SUSE Bug 1201656
- SUSE Bug 1201969
- SUSE Bug 1211495
Описание
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
Затронутые продукты
Ссылки
- CVE-2022-28389
- SUSE Bug 1198033
- SUSE Bug 1201657
Описание
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
Затронутые продукты
Ссылки
- CVE-2022-28390
- SUSE Bug 1198031
- SUSE Bug 1201517
- SUSE Bug 1207969
Описание
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
Затронутые продукты
Ссылки
- CVE-2022-33743
- SUSE Bug 1200763
- SUSE Bug 1201629
Описание
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.
Затронутые продукты
Ссылки
- CVE-2022-34918
- SUSE Bug 1201171
- SUSE Bug 1201177
- SUSE Bug 1201222