Описание
Security update for the Linux Kernel (Live Patch 30 for SLE 15)
This update for the Linux Kernel 4.12.14-150000_150_92 fixes several issues.
The following security issues were fixed:
-
CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could have led to a use-after-free (bnc#1201429).
-
CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could lead to a NULL pointer dereference and general protection fault (bnc#1200910).
-
CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO (bnc#1201635).
-
CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
-
CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf anon_vma double reuse (bnc#1204168).
-
Fixed incorrect handling of empty arguments array in execve() (bsc#1200571).
Список пакетов
SUSE Linux Enterprise Live Patching 15
Ссылки
- Link for SUSE-SU-2022:4129-1
- E-Mail link for SUSE-SU-2022:4129-1
- SUSE Security Ratings
- SUSE Bug 1201742
- SUSE Bug 1201752
- SUSE Bug 1202087
- SUSE Bug 1203613
- SUSE Bug 1204170
- SUSE Bug 1204381
- SUSE CVE CVE-2020-36557 page
- SUSE CVE CVE-2020-36558 page
- SUSE CVE CVE-2021-33655 page
- SUSE CVE CVE-2022-2588 page
- SUSE CVE CVE-2022-42703 page
Описание
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.
Затронутые продукты
Ссылки
- CVE-2020-36557
- SUSE Bug 1201429
- SUSE Bug 1201742
- SUSE Bug 1202874
- SUSE Bug 1205313
Описание
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.
Затронутые продукты
Ссылки
- CVE-2020-36558
- SUSE Bug 1200910
- SUSE Bug 1201752
- SUSE Bug 1205313
Описание
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
Затронутые продукты
Ссылки
- CVE-2021-33655
- SUSE Bug 1201635
- SUSE Bug 1202087
- SUSE Bug 1205313
- SUSE Bug 1212291
Описание
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
Затронутые продукты
Ссылки
- CVE-2022-2588
- SUSE Bug 1202096
- SUSE Bug 1203613
- SUSE Bug 1204183
- SUSE Bug 1209225
Описание
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
Затронутые продукты
Ссылки
- CVE-2022-42703
- SUSE Bug 1204168
- SUSE Bug 1204170
- SUSE Bug 1206463
- SUSE Bug 1208044
- SUSE Bug 1209225