ALT-BU-2022-4252-1
Branch p10 update bulletin.
Package kernel-image-rt updated to version 5.10.104-alt1.rt63 for branch p10 in task 296497.
Closed vulnerabilities
BDU:2022-01166
Уязвимость функций copy_page_to_iter_pipe и push_pipe ядра операционной системы Linux, позволяющая нарушителю перезаписать содержимое страничного кэша произвольных файлов
BDU:2022-02968
Уязвимость функции rtrs_clt_dev_release (drivers/infiniband/ulp/rtrs/rtrs-clt.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2022-05848
Уязвимость драйвера ядра операционной системы Linux для устройств USB 2.0/3.0 Gigabit Ethernet на базе ASIX AX88179_178A, позволяющая нарушителю получить потенциально конфиденциальную информацию
Modified: 2025-04-08
CVE-2022-0847
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
- http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html
- http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html
- http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html
- http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html
- http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html
- http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html
- https://bugzilla.redhat.com/show_bug.cgi?id=2060795
- https://bugzilla.redhat.com/show_bug.cgi?id=2060795
- https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
- https://dirtypipe.cm4all.com/
- https://dirtypipe.cm4all.com/
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015
- https://security.netapp.com/advisory/ntap-20220325-0005/
- https://security.netapp.com/advisory/ntap-20220325-0005/
- https://www.suse.com/support/kb/doc/?id=000020603
- https://www.suse.com/support/kb/doc/?id=000020603
Modified: 2024-11-21
CVE-2022-29156
drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.12
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.12
- https://github.com/torvalds/linux/commit/8700af2cc18c919b2a83e74e0479038fd113c15d
- https://github.com/torvalds/linux/commit/8700af2cc18c919b2a83e74e0479038fd113c15d
- https://security.netapp.com/advisory/ntap-20220602-0002/
- https://security.netapp.com/advisory/ntap-20220602-0002/
Modified: 2024-11-21
CVE-2022-2964
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
Closed bugs
add 41_custom
/etc/grub.d/30_uefi-firmware does not work with zero
EFI variables are not supported on this system
Package firefox-esr updated to version 91.6.1-alt1 for branch p10 in task 296362.
Closed vulnerabilities
BDU:2022-01146
Уязвимость параметра XSLT браузеров Mozilla Firefox и Focus, позволяющая нарушителю выполнить произвольный код
BDU:2022-01147
Уязвимость программного интерфейса обработки 3D-графики и вычислений WebGPU браузеров Mozilla Firefox и Focus, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-06
CVE-2022-26485
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
Modified: 2025-03-22
CVE-2022-26486
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.