Уязвимость компонента ethtool ядра операционной системы Linux, позволяющая нарушителю повысить привилегии в системе

In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations could still be performed, which might end up in unwanted or undefined behaviours[1]. Do not allow ethtool operations after a net device starts its unregistration. This patch targets the netlink part as the ioctl one isn't affected: the reference to the net device is taken and the operation is executed within an rtnl lock section and the net device won't be found after unregister. [1] For example adding Tx queues after unregister ends up in NULL pointer exceptions and UaFs, such as: BUG: KASAN: use-after-free in kobject_get+0x14/0x90 Read of size 1 at addr ffff88801961248c by task ethtool/755 CPU: 0 PID: 755 Comm: ethtool Not tainted 5.15.0-rc6+ #778 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.1...

In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations could still be performed, which might end up in unwanted or undefined behaviours[1]. Do not allow ethtool operations after a net device starts its unregistration. This patch targets the netlink part as the ioctl one isn't affected: the reference to the net device is taken and the operation is executed within an rtnl lock section and the net device won't be found after unregister. [1] For example adding Tx queues after unregister ends up in NULL pointer exceptions and UaFs, such as: BUG: KASAN: use-after-free in kobject_get+0x14/0x90 Read of size 1 at addr ffff88801961248c by task ethtool/755 CPU: 0 PID: 755 Comm: ethtool Not tainted 5.15.0-rc6+ #778 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.1...

In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations could still be performed, which might end up in unwanted or undefined behaviours[1]. Do not allow ethtool operations after a net device starts its unregistration. This patch targets the netlink part as the ioctl one isn't affected: the reference to the net device is taken and the operation is executed within an rtnl lock section and the net device won't be found after unregister. [1] For example adding Tx queues after unregister ends up in NULL pointer exceptions and UaFs, such as: BUG: KASAN: use-after-free in kobject_get+0x14/0x90 Read of size 1 at addr ffff88801961248c by task ethtool/755 CPU: 0 PID: 755 Comm: ethtool Not tainted 5.15.0-rc6+ #778 Hardware name: QEMU Standard PC

In the Linux kernel, the following vulnerability has been resolved: e ...

Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

Security update for the Linux Kernel RT (Live Patch 18 for SLE 15 SP5)

Множественные уязвимости kernel-lt

Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5)

Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)

Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP5)

Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)