ALT-BU-2022-5518-1
Branch sisyphus update bulletin.
Package kernel-image-rt updated to version 5.10.131-alt1.rt72 for branch sisyphus in task 303830.
Closed vulnerabilities
BDU:2022-04733
Уязвимость функция nft_set_elem_init файла net/netfilter/nf_tables_api.c компонента User Namespace Handler ядра операционной системы Linux, позволяющая нарушителю получить root доступ
BDU:2022-05829
Уязвимость ioctl cmd PIO_FONT ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код с повышенными привилегиями
Modified: 2025-04-02
CVE-2021-33656
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
- [oss-security] 20220719 CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(<5.10.127)
- [oss-security] 20220719 CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(<5.10.127)
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch
- [debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update
- [debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update
- https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656&packageName=kernel
- https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656&packageName=kernel
Modified: 2024-11-21
CVE-2022-34918
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.
- http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html
- http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html
- http://packetstormsecurity.com/files/168543/Netfilter-nft_set_elem_init-Heap-Overflow-Privilege-Escalation.html
- http://packetstormsecurity.com/files/168543/Netfilter-nft_set_elem_init-Heap-Overflow-Privilege-Escalation.html
- [oss-security] 20220705 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init
- [oss-security] 20220705 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init
- [oss-security] 20220806 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init
- [oss-security] 20220806 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init
- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6
- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6
- https://lore.kernel.org/netfilter-devel/cd9428b6-7ffb-dd22-d949-d86f4869f452%40randorisec.fr/T/#u
- https://lore.kernel.org/netfilter-devel/cd9428b6-7ffb-dd22-d949-d86f4869f452%40randorisec.fr/T/#u
- https://security.netapp.com/advisory/ntap-20220826-0004/
- https://security.netapp.com/advisory/ntap-20220826-0004/
- DSA-5191
- DSA-5191
- https://www.openwall.com/lists/oss-security/2022/07/02/3
- https://www.openwall.com/lists/oss-security/2022/07/02/3
- https://www.randorisec.fr/crack-linux-firewall/
- https://www.randorisec.fr/crack-linux-firewall/
Modified: 2024-11-21
CVE-2022-3577
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.
- https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git/commit/?h=char-misc-next&id=9d64d2405f7d30d49818f6682acd0392348f0fdb
- https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git/commit/?h=char-misc-next&id=9d64d2405f7d30d49818f6682acd0392348f0fdb
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=945a9a8e448b65bec055d37eba58f711b39f66f0
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=945a9a8e448b65bec055d37eba58f711b39f66f0
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc4ef9d5724973193bfa5ebed181dba6de3a56db
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc4ef9d5724973193bfa5ebed181dba6de3a56db
Closed vulnerabilities
Modified: 2024-11-21
CVE-2022-36148
fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at /src/wav_reader.c.
Package powershell updated to version 7.2.5-alt1 for branch sisyphus in task 303853.
Closed vulnerabilities
BDU:2022-03282
Уязвимость интерпретатора команд PowerShell, связанная с недостатками разграничения доступа, позволяющая нарушителю выполнить произвольный код
BDU:2022-05512
Уязвимость средства разработки программного обеспечения Microsoft Visual Studio и программной платформы Microsoft.NET Framework, связанная c некорректной зачисткой или освобождением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-01-02
CVE-2022-23267
.NET and Visual Studio Denial of Service Vulnerability
Modified: 2024-11-21
CVE-2022-26788
PowerShell Elevation of Privilege Vulnerability
Package python3-module-bottle updated to version 0.12.21-alt1 for branch sisyphus in task 303867.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2022-31799
Bottle before 0.12.20 mishandles errors during early request binding.
- https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c
- https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c
- https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00
- https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00
- https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20
- https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20
- [debian-lts-announce] 20220608 [SECURITY] [DLA 3048-1] python-bottle security update
- [debian-lts-announce] 20220608 [SECURITY] [DLA 3048-1] python-bottle security update
- FEDORA-2022-c1e107f37f
- FEDORA-2022-c1e107f37f
- FEDORA-2022-cc9a173168
- FEDORA-2022-cc9a173168
- DSA-5159
- DSA-5159
Package kernel-image-std-kvm updated to version 5.10.130-alt1 for branch sisyphus in task 303882.
Closed vulnerabilities
BDU:2022-04733
Уязвимость функция nft_set_elem_init файла net/netfilter/nf_tables_api.c компонента User Namespace Handler ядра операционной системы Linux, позволяющая нарушителю получить root доступ
Modified: 2024-11-21
CVE-2022-34918
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.
- http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html
- http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html
- http://packetstormsecurity.com/files/168543/Netfilter-nft_set_elem_init-Heap-Overflow-Privilege-Escalation.html
- http://packetstormsecurity.com/files/168543/Netfilter-nft_set_elem_init-Heap-Overflow-Privilege-Escalation.html
- [oss-security] 20220705 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init
- [oss-security] 20220705 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init
- [oss-security] 20220806 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init
- [oss-security] 20220806 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init
- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6
- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6
- https://lore.kernel.org/netfilter-devel/cd9428b6-7ffb-dd22-d949-d86f4869f452%40randorisec.fr/T/#u
- https://lore.kernel.org/netfilter-devel/cd9428b6-7ffb-dd22-d949-d86f4869f452%40randorisec.fr/T/#u
- https://security.netapp.com/advisory/ntap-20220826-0004/
- https://security.netapp.com/advisory/ntap-20220826-0004/
- DSA-5191
- DSA-5191
- https://www.openwall.com/lists/oss-security/2022/07/02/3
- https://www.openwall.com/lists/oss-security/2022/07/02/3
- https://www.randorisec.fr/crack-linux-firewall/
- https://www.randorisec.fr/crack-linux-firewall/