Branch sisyphus update bulletin.

Package kernel-image-centos updated to version 5.14.0.133-alt1.el9 for branch sisyphus in task 304025.

Published: 2022-04-07

BDU:2022-02112

Уязвимость реализации функции xs_xprt_free() системы удаленного вызова процедур Sun RPC (Open Network Computing Remote Procedure Call) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2022-28893

Published: 2022-02-14

BDU:2022-02443

Уязвимость подсистемы прямого доступа к памяти DMA (Direct memory access) ядра операционных систем Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

CVE-2022-0854

Published: 2022-06-14

BDU:2022-03532

Уязвимость общих буферов системы ввода-вывода с отображением памяти (MMIO) процессоров Intel, позволяющая нарушителю раскрыть защищаемую информацию

Severity: MEDIUM (6.1) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

References:

Published: 2022-06-14

BDU:2022-03600

Уязвимость набора средств разработки Intel Software Guard Extensions SDK, микропрограммного обеспечения Intel SGX DCAP, SGX PSW, PSW связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю раскрыть защищаемую информацию

Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

CVE-2022-21166

Published: 2022-06-14

BDU:2022-05155

Уязвимость системы ввода-вывода с отображением памяти (MMIO) процессоров Intel, позволяющая нарушителю раскрыть защищаемую информацию

Severity: MEDIUM (5.6) Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

Published: 2022-03-23
Modified: 2024-11-21

CVE-2022-0854

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Published: 2022-06-15
Modified: 2024-11-21

CVE-2022-21123

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Published: 2022-06-15
Modified: 2024-11-21

CVE-2022-21125

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Published: 2022-06-16
Modified: 2024-11-21

CVE-2022-21166

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

Published: 2022-04-11
Modified: 2024-11-21

CVE-2022-28893

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Package kernel-source-lkrg updated to version 0.9.3.0.41.gitcbd4198-alt1 for branch sisyphus in task 304010.

Kernel panic for 5.15.47-alt1

Package kernel-modules-lkrg-centos updated to version 0.9.3.0.41.gitcbd4198-alt1.331264.e133.1.el9 for branch sisyphus in task 304010.

Kernel panic for 5.15.47-alt1

Package kernel-modules-lkrg-ovz-el7 updated to version 0.9.3.0.41.gitcbd4198-alt1.199168.4.1160.62.1.vz7.187.6 for branch sisyphus in task 304010.

Kernel panic for 5.15.47-alt1

Package kernel-modules-lkrg-std-def updated to version 0.9.3.0.41.gitcbd4198-alt1.331575.1 for branch sisyphus in task 304010.

Kernel panic for 5.15.47-alt1

Package kernel-modules-lkrg-un-def updated to version 0.9.3.0.41.gitcbd4198-alt1.332300.1 for branch sisyphus in task 304010.

Kernel panic for 5.15.47-alt1

Version: 2.1.0

Branch sisyphus update on 2022-07-21

ALT-BU-2022-5563-1

ALT-PU-2022-2278-1

Closed vulnerabilities

BDU:2022-02112

BDU:2022-02443

BDU:2022-03532

BDU:2022-03600

BDU:2022-05155

CVE-2022-0854

CVE-2022-21123

CVE-2022-21125

CVE-2022-21166

CVE-2022-28893

ALT-PU-2022-2279-1

Closed bugs

Bug #43005

ALT-PU-2022-2280-1

Closed bugs

Bug #43005

ALT-PU-2022-2281-1

Closed bugs

Bug #43005

ALT-PU-2022-2282-1

Closed bugs

Bug #43005

ALT-PU-2022-2283-1

Closed bugs

Bug #43005