Описание
Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-150300_59_90 fixes several issues.
The following security issues were fixed:
- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf anon_vma double reuse (bnc#1204168).
- CVE-2022-42722: Fixed crash in beacon protection for P2P-device. (bsc#1204125)
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP3
kernel-livepatch-5_3_18-150300_59_90-default-5-150300.2.1
Ссылки
- Link for SUSE-SU-2022:4034-1
- E-Mail link for SUSE-SU-2022:4034-1
- SUSE Security Ratings
- SUSE Bug 1203613
- SUSE Bug 1204170
- SUSE Bug 1204289
- SUSE CVE CVE-2022-2588 page
- SUSE CVE CVE-2022-42703 page
- SUSE CVE CVE-2022-42722 page
Описание
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-5-150300.2.1
Ссылки
- CVE-2022-2588
- SUSE Bug 1202096
- SUSE Bug 1203613
- SUSE Bug 1204183
- SUSE Bug 1209225
Описание
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-5-150300.2.1
Ссылки
- CVE-2022-42703
- SUSE Bug 1204168
- SUSE Bug 1204170
- SUSE Bug 1206463
- SUSE Bug 1208044
- SUSE Bug 1209225
Описание
In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.
Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-5-150300.2.1
Ссылки
- CVE-2022-42722
- SUSE Bug 1204125
- SUSE Bug 1204289
- SUSE Bug 1209225