ALT-BU-2022-4173-1
Branch c9f1 update bulletin.
Package kernel-image-std-def updated to version 5.4.181-alt0.c9f for branch c9f1 in task 295948.
Closed vulnerabilities
BDU:2022-00737
Уязвимость функции cgroup_release_agent_write (kernel/cgroup/cgroup-v1.c) ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии в системе или вызвать отказ в обслуживании
BDU:2022-02564
Уязвимость реализации сетевого протокола TIPC операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии
BDU:2022-05848
Уязвимость драйвера ядра операционной системы Linux для устройств USB 2.0/3.0 Gigabit Ethernet на базе ASIX AX88179_178A, позволяющая нарушителю получить потенциально конфиденциальную информацию
Modified: 2024-11-21
CVE-2022-0435
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
- https://bugzilla.redhat.com/show_bug.cgi?id=2048738
- https://bugzilla.redhat.com/show_bug.cgi?id=2048738
- https://security.netapp.com/advisory/ntap-20220602-0001/
- https://security.netapp.com/advisory/ntap-20220602-0001/
- https://www.openwall.com/lists/oss-security/2022/02/10/1
- https://www.openwall.com/lists/oss-security/2022/02/10/1
Modified: 2024-11-21
CVE-2022-0492
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
- http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html
- http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html
- http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html
- http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html
- http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html
- http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html
- https://bugzilla.redhat.com/show_bug.cgi?id=2051505
- https://bugzilla.redhat.com/show_bug.cgi?id=2051505
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af
- [debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update
- [debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update
- [debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update
- [debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update
- https://security.netapp.com/advisory/ntap-20220419-0002/
- https://security.netapp.com/advisory/ntap-20220419-0002/
- DSA-5095
- DSA-5095
- DSA-5096
- DSA-5096
Modified: 2024-11-21
CVE-2022-2938
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848
- https://security.netapp.com/advisory/ntap-20221223-0002/
- https://security.netapp.com/advisory/ntap-20221223-0002/
Modified: 2024-11-21
CVE-2022-2964
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.