ALT-PU-2022-1904-1
Package kernel-image-std-def updated to version 5.10.117-alt1 for branch p10 in task 300168.
Closed vulnerabilities
Published: 2022-04-07
BDU:2022-02112
Уязвимость реализации функции xs_xprt_free() системы удаленного вызова процедур Sun RPC (Open Network Computing Remote Procedure Call) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-04-11
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-28893
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- [oss-security] 20220411 CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem
- [oss-security] 20220411 CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem
- [oss-security] 20220411 Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem
- [oss-security] 20220411 Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem
- [oss-security] 20220411 Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem
- [oss-security] 20220411 Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1a3b1bba7c7a5eb8a11513cf88427cb9d77bc60a
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1a3b1bba7c7a5eb8a11513cf88427cb9d77bc60a
- https://security.netapp.com/advisory/ntap-20220526-0002/
- https://security.netapp.com/advisory/ntap-20220526-0002/
- DSA-5161
- DSA-5161