An update for kernel is now available for openEuler-20.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2022-1837 Final 1.0 1.0 2022-08-16 Initial 2022-08-16 2022-08-16 openEuler SA Tool V1.0 2022-08-16 kernel security update An update for kernel is now available for openEuler-20.03-LTS-SP1. The Linux Kernel, the operating system core itself. Security Fix(es): n ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel.(CVE-2022-20141) An update for kernel is now available for openEuler-20.03-LTS-SP1. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High kernel https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1837 https://openeuler.org/en/security/cve/detail.html?id=CVE-2022-20141 https://nvd.nist.gov/vuln/detail/CVE-2022-20141 openEuler-20.03-LTS-SP1 kernel-devel-4.19.90-2107.4.0.0097.oe1.aarch64.rpm perf-4.19.90-2107.4.0.0097.oe1.aarch64.rpm kernel-4.19.90-2107.4.0.0097.oe1.aarch64.rpm kernel-debugsource-4.19.90-2107.4.0.0097.oe1.aarch64.rpm python2-perf-4.19.90-2107.4.0.0097.oe1.aarch64.rpm python3-perf-debuginfo-4.19.90-2107.4.0.0097.oe1.aarch64.rpm bpftool-4.19.90-2107.4.0.0097.oe1.aarch64.rpm python3-perf-4.19.90-2107.4.0.0097.oe1.aarch64.rpm bpftool-debuginfo-4.19.90-2107.4.0.0097.oe1.aarch64.rpm kernel-source-4.19.90-2107.4.0.0097.oe1.aarch64.rpm kernel-tools-devel-4.19.90-2107.4.0.0097.oe1.aarch64.rpm kernel-debuginfo-4.19.90-2107.4.0.0097.oe1.aarch64.rpm kernel-tools-4.19.90-2107.4.0.0097.oe1.aarch64.rpm perf-debuginfo-4.19.90-2107.4.0.0097.oe1.aarch64.rpm python2-perf-debuginfo-4.19.90-2107.4.0.0097.oe1.aarch64.rpm kernel-tools-debuginfo-4.19.90-2107.4.0.0097.oe1.aarch64.rpm kernel-4.19.90-2107.4.0.0097.oe1.src.rpm perf-debuginfo-4.19.90-2107.4.0.0097.oe1.x86_64.rpm python3-perf-4.19.90-2107.4.0.0097.oe1.x86_64.rpm python2-perf-4.19.90-2107.4.0.0097.oe1.x86_64.rpm bpftool-4.19.90-2107.4.0.0097.oe1.x86_64.rpm kernel-tools-devel-4.19.90-2107.4.0.0097.oe1.x86_64.rpm kernel-devel-4.19.90-2107.4.0.0097.oe1.x86_64.rpm kernel-source-4.19.90-2107.4.0.0097.oe1.x86_64.rpm kernel-4.19.90-2107.4.0.0097.oe1.x86_64.rpm perf-4.19.90-2107.4.0.0097.oe1.x86_64.rpm kernel-debuginfo-4.19.90-2107.4.0.0097.oe1.x86_64.rpm python3-perf-debuginfo-4.19.90-2107.4.0.0097.oe1.x86_64.rpm python2-perf-debuginfo-4.19.90-2107.4.0.0097.oe1.x86_64.rpm kernel-debugsource-4.19.90-2107.4.0.0097.oe1.x86_64.rpm kernel-tools-debuginfo-4.19.90-2107.4.0.0097.oe1.x86_64.rpm bpftool-debuginfo-4.19.90-2107.4.0.0097.oe1.x86_64.rpm kernel-tools-4.19.90-2107.4.0.0097.oe1.x86_64.rpm In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel 2022-08-16 CVE-2022-20141 openEuler-20.03-LTS-SP1 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2022-08-16 https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1837