ALT-PU-2023-1025-1

Package update kernel-image-std-def in branch p8

Version4.9.337-alt0.M80P.1

Published2023-01-10

Max severityHIGH

Severity:

Closed issues (4)

HIGH7.8

Уязвимость функции l2cap_config_req (net/bluetooth/l2cap_core.c) ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код

Published: 2022-12-12Modified: 2025-08-19

CVSS 3.xHIGH 7.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:C

References

CVE-2022-45934

HIGH7.0

Уязвимость функций gru_set_context_option(), gru_fault() и gru_handle_user_call_os() драйвера SGI GRU ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

Published: 2023-01-25Modified: 2024-09-30

CVSS 3.xHIGH 7.0

CVSS:3.x/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.0

CVSS:2.0/AV:L/AC:H/Au:S/C:C/I:C/A:C

References

CVE-2022-3424

HIGH7.8

A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Published: 2023-03-06Modified: 2025-03-06

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

HIGH7.8

An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.

Published: 2022-11-27Modified: 2025-04-29

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References