Package kernel-image-un-def updated to version 4.19.229-alt0.M80P.1 for branch p8 in task 295225.

Published: 2022-01-20

BDU:2022-00737

Уязвимость функции cgroup_release_agent_write (kernel/cgroup/cgroup-v1.c) ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии в системе или вызвать отказ в обслуживании

Severity: HIGH (7.8) Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2022-0492

Published: 2022-02-10

BDU:2022-02564

Уязвимость реализации сетевого протокола TIPC операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2022-0435

Published: 2022-03-25
Modified: 2024-11-21

CVE-2022-0435

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2022-03-03
Modified: 2024-11-21

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Version: 2.1.0

Package kernel-image-un-def update in p8 on 2022-02-16

ALT-PU-2022-1306-1

Closed vulnerabilities

BDU:2022-00737

BDU:2022-02564

CVE-2022-0435

CVE-2022-0492