ALT-PU-2022-2148-1
Package kernel-image-mp updated to version 5.18.8-alt1 for branch sisyphus in task 302808.
Closed vulnerabilities
Published: 2022-12-23
BDU:2022-07480
Уязвимость функции smb2_write (fs/ksmbd/smb2pdu.c) модуля ksmbd ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Severity: HIGH (8.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
References:
Published: 2022-08-31
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-1976
A flaw was found in the Linux kernel’s implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests that can cause a use-after-free flaw within the kernel. This issue leads to memory corruption and possible privilege escalation.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-12-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-47940
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write.
Severity: HIGH (8.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
References:
- http://www.openwall.com/lists/oss-security/2022/12/23/10
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.18
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=158a66b245739e15858de42c0ba60fcf3de9b8e6
- https://github.com/torvalds/linux/commit/158a66b245739e15858de42c0ba60fcf3de9b8e6
- http://www.openwall.com/lists/oss-security/2022/12/23/10
- https://github.com/torvalds/linux/commit/158a66b245739e15858de42c0ba60fcf3de9b8e6
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=158a66b245739e15858de42c0ba60fcf3de9b8e6
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.18