SUSE-SU-2022:3080-1

Опубликовано: 05 сент. 2022

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-150300_59_90 fixes one issue.

The following security issue was fixed:

CVE-2022-1116: Fixed integer overflow or wraparound vulnerability in io_uring, where a local attacker could have caused memory corruption and escalate privileges to root (bsc#1199648).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP3

kernel-livepatch-5_3_18-150300_59_90-default-2-150300.2.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223080-1/
Link for SUSE-SU-2022:3080-1
https://lists.suse.com/pipermail/sle-security-updates/2022-September/012082.html
E-Mail link for SUSE-SU-2022:3080-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1199648
SUSE Bug 1199648
https://www.suse.com/security/cve/CVE-2022-1116/
SUSE CVE CVE-2022-1116 page

Описание

Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-2-150300.2.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-1116.html
CVE-2022-1116
https://bugzilla.suse.com/1199647
SUSE Bug 1199647
https://bugzilla.suse.com/1199648
SUSE Bug 1199648
https://bugzilla.suse.com/1209225
SUSE Bug 1209225

SUSE-SU-2022:3080-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP3

Ссылки

Уязвимость: CVE-2022-1116

Описание

Затронутые продукты

Ссылки