ALT-PU-2022-2069-1
Package kernel-image-centos updated to version 5.14.0.114-alt1.el9 for branch sisyphus in task 302236.
Closed vulnerabilities
Published: 2022-09-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-1729
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
Severity: HIGH (7.0)
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704
- https://security.netapp.com/advisory/ntap-20230214-0006/
- https://security.netapp.com/advisory/ntap-20230214-0006/
- https://www.openwall.com/lists/oss-security/2022/05/20/2
- https://www.openwall.com/lists/oss-security/2022/05/20/2