jiachao2130/csaf2cusa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0b84f3c661
csaf2cusa/cusas/k/kernel/kernel-5.10.0-60.54.0.82_openEuler-SA-2022-1893.json
Jia Chao 0b84f3c661 增加测试用的配置和目录 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-07-02 15:51:55 +08:00

14 lines
3.0 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"id": "openEuler-SA-2022-1893",
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-1893",
"title": "An update for kernel is now available for openEuler-22.03-LTS",
"severity": "Important",
"description": "\r\n\r\nSecurity Fix(es):\r\n\r\nAn out-of-bounds read flaw was found in the Linux kernels TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.(CVE-2022-1462)\r\n\r\nDm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5(CVE-2022-2503)\r\n\r\nA race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.(CVE-2022-2959)\r\n\r\nA flaw was found in the kernels implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.\r\n\r\nReferences:\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9d8e7007dc7c4d7c8366739bbcd3f5e51dcd470f(CVE-2022-2977)\r\n\r\nThe linux kernels driver for the \"ASIX AX88179_178A based USB 2.0/3.0 Gigabit Ethernet Devices\" contains multiple out-of-bounds reads and possible writes in the ax88179_rx_fixup() function. \r\n\r\n\nReferences:\r\n\r\nhttps://www.spinics.net/lists/stable/msg536418.html\r\n\r\nUpstream commit:\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=57bc3d3ae8c14df3ceb4e17d26ddf9eeab304581(CVE-2022-2964)\r\n\r\nA race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.(CVE-2022-3028)",
"cves": [
{
"id": "CVE-2022-3028",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3028",
"severity": "Moderate"
}
]
}
Reference in New Issue View Git Blame Copy Permalink