All errata/sisyphus/ALT-PU-2022-3411-1
ALT-PU-2022-3411-1

Package update kernel-image-centos in branch sisyphus

Version5.14.0.226-alt1.el9
Task#312282
Published2022-12-23
Max severityHIGH
Severity:

Closed issues (5)

BDU:2022-07074
HIGH8.8

Уязвимость функций l2cap_connect и l2cap_le_connect_req (net/bluetooth/l2cap_core.c) ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код

Published: 2022-12-02Modified: 2025-08-19
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0HIGH 8.3
CVSS:2.0/AV:A/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2023-00659
MEDIUM6.6

Уязвимость драйвера Broadcom Full MAC Wi-Fi (drivers/net/wireless/broadcom/brcm80211/brcmfmac) ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании

Published: 2023-02-10Modified: 2024-09-30
CVSS 3.xMEDIUM 6.6
CVSS:3.x/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:C
References
CVE-2022-21505
MEDIUM6.7

In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this does not cover cases where lockdown is used without Secure Boot. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity, Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Published: 2024-12-24Modified: 2025-06-18
CVSS 3.xMEDIUM 6.7
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
References
CVE-2022-3628
MEDIUM6.6

A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.

Published: 2023-01-12Modified: 2025-04-08
CVSS 3.xMEDIUM 6.6
CVSS:3.x/CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
CVE-2022-42896
HIGH8.8

There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit  https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url

Published: 2022-11-23Modified: 2024-11-21
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References