ALT Linux Team

Branch sisyphus update on 2022-05-31

2022-05-31

ALT-BU-2022-5096-1

Branch sisyphus update bulletin.

ALT-PU-2022-1960-1

Package repraptor updated to version 0.3.8-alt2 for branch sisyphus in task 300897.

Closed bugs

Bug #42871

Невозможно запустить RepRaptor через меню приложений.

ALT-PU-2022-1968-1

Package qt5-base updated to version 5.15.2-alt15 for branch sisyphus in task 300911.

Closed bugs

Bug #42524

Ошибка при обработке события от тачскрина при закрытии меню

ALT-PU-2022-1971-1

Package kernel-image-mp updated to version 5.17.12-alt1 for branch sisyphus in task 300953.

Closed vulnerabilities

Published: 2022-05-18

BDU:2022-03921

Уязвимость ядра операционной системы Linux, связанная с недостаточной энтропией, позволяющая нарушителю идентифицировать клиентов

Severity: MEDIUM (5.3) Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2022-06-02

BDU:2022-04244

Уязвимость функции bad_flp_intr ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-06-02
Modified: 2024-11-21

CVE-2022-1652

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-06-06
Modified: 2024-11-21

CVE-2022-32296

The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.

Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top