ALT-BU-2022-7076-1
Branch p10 update bulletin.
Package kernel-image-un-def updated to version 5.15.78-alt1 for branch p10 in task 309824.
Closed vulnerabilities
BDU:2022-07074
Vulnerability in the l2cap_connect and l2cap_le_connect_req functions (net/bluetooth/l2cap_core.c) of the Linux kernel, allowing an attacker to execute arbitrary code
Modified: 2024-11-21
CVE-2022-42896
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4
Package firmware-intel-ucode updated to version 18-alt1.20220510 for branch p10 in task 309799.
Closed vulnerabilities
BDU:2020-05481
Vulnerability in the Linux kernel driver for Intel(R) processors, related to access control flaws, allowing an attacker to gain access to confidential data
BDU:2020-05482
Vulnerability in the RAPL interface of Intel processors, allowing an attacker to disclose protected information
BDU:2021-05803
Vulnerability in the BIOS/UEFI firmware of Intel processors, allowing an attacker to escalate privileges and gain unauthorized access to protected information
BDU:2022-03898
Vulnerability in the firmware of Intel processors, related to improper control of code generation, allowing an attacker to gain unauthorized access to protected information
BDU:2022-05683
Vulnerability in Intel Microcode processor microcode, related to insufficient use of flows, allowing an attacker to cause a denial of service
BDU:2022-05690
Vulnerability in Intel Microcode processor microcode, allowing an attacker to gain access to confidential data and to cause a denial of service
BDU:2022-05788
Vulnerability in Intel Microcode processor microcode, related to memory initialization errors, allowing an attacker to gain access to confidential data
Modified: 2024-11-21
CVE-2020-8694
Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389
Modified: 2024-11-21
CVE-2020-8695
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- [debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update
- FEDORA-2020-2c8824c6b1
- FEDORA-2020-1afbe7ba2d
- FEDORA-2020-14fda1bf85
- FEDORA-2020-d5941ea479
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389
Modified: 2025-05-05
CVE-2021-0127
Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access.
Modified: 2025-05-05
CVE-2021-0145
Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Modified: 2024-11-21
CVE-2021-0146
Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Modified: 2025-05-05
CVE-2021-33120
Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access.
Modified: 2025-05-05
CVE-2022-21151
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- https://security.netapp.com/advisory/ntap-20220826-0003/
- DSA-5178
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617.html
Closed bugs
Package kernel-image-std-def updated to version 5.10.154-alt1 for branch p10 in task 309825.
Closed vulnerabilities
BDU:2022-06550
Vulnerability in the l2cap_conn_del() function (net/bluetooth/l2cap_core.c) of the Linux kernel, allowing an attacker to execute arbitrary code
BDU:2022-07074
Vulnerability in the l2cap_connect and l2cap_le_connect_req functions (net/bluetooth/l2cap_core.c) of the Linux kernel, allowing an attacker to execute arbitrary code
Modified: 2024-11-21
CVE-2022-3640
A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.
- https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=42cf46dea905a80f6de218e837ba4d4cc33d6979
- [debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update
- [debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update
- FEDORA-2022-65a0a3504a
- FEDORA-2022-64ab9153c0
- FEDORA-2022-7aadaadebc
- https://vuldb.com/?id.211944
Modified: 2024-11-21
CVE-2022-42896
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4