ALT-PU-2022-2679-1

Package update kernel-image-centos in branch sisyphus

Version5.14.0.168-alt1.el9

Published2022-09-27

Max severityHIGH

Severity:

Closed issues (4)

HIGH7.0

Уязвимость реализации функции ip_check_mc_rcu() компонента Inet Sockets ядра операционных систем Android, позволяющая нарушителю повысить свои привилегии

Published: 2022-08-04Modified: 2024-06-19

CVSS 3.xHIGH 7.0

CVSS:3.x/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.0

CVSS:2.0/AV:L/AC:H/Au:S/C:C/I:C/A:C

References

CVE-2022-20141

MEDIUM5.5

Уязвимость ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2022-12-22Modified: 2023-12-26

CVSS 3.xMEDIUM 5.5

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:S/C:N/I:N/A:C

References

CVE-2022-3077

HIGH7.0

In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel

Published: 2022-06-15Modified: 2024-11-21

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

MEDIUM5.5

A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicious input data. This flaw could allow a local user to crash the system.

Published: 2022-09-09Modified: 2025-06-27

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References