2022-09-09
ALT-BU-2022-6100-1
Branch p8 update bulletin.
Package kernel-image-un-def updated to version 4.19.257-alt0.M80P.1 for branch p8 in task 306331.
Closed vulnerabilities
Published: 2022-08-05
BDU:2022-07365
Уязвимость подсистемы XFRM ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код, вызвать отказ в обслуживании или оказать другое воздействие на систему
Severity: HIGH (7.0)
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-08-31
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-3028
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.
Severity: HIGH (7.0)
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- https://github.com/torvalds/linux/commit/ba953a9d89a00c078b85f4b190bc1dde66fe16b5
- https://github.com/torvalds/linux/commit/ba953a9d89a00c078b85f4b190bc1dde66fe16b5
- [debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update
- [debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update
- [debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update
- [debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update
- FEDORA-2022-6835ddb6d8
- FEDORA-2022-6835ddb6d8
- FEDORA-2022-35c14ba5bb
- FEDORA-2022-35c14ba5bb
- FEDORA-2022-ccb0138bb6
- FEDORA-2022-ccb0138bb6
- https://lore.kernel.org/all/YtoWqEkKzvimzWS5%40gondor.apana.org.au/T/
- https://lore.kernel.org/all/YtoWqEkKzvimzWS5%40gondor.apana.org.au/T/
- https://security.netapp.com/advisory/ntap-20230214-0004/
- https://security.netapp.com/advisory/ntap-20230214-0004/