An update for kernel is now available for openEuler-22.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2022-1910 Final 1.0 1.0 2022-09-09 Initial 2022-09-09 2022-09-09 openEuler SA Tool V1.0 2022-09-09 kernel security update An update for kernel is now available for openEuler-22.03-LTS. The Linux Kernel, the operating system core itself. Security Fix(es): A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.(CVE-2022-2938) A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.(CVE-2022-2586) An update for kernel is now available for openEuler-22.03-LTS. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High kernel https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1910 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-2938 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-2586 https://nvd.nist.gov/vuln/detail/CVE-2022-2938 https://nvd.nist.gov/vuln/detail/CVE-2022-2586 openEuler-22.03-LTS kernel-devel-5.10.0-60.54.0.82.oe2203.aarch64.rpm bpftool-5.10.0-60.54.0.82.oe2203.aarch64.rpm python3-perf-5.10.0-60.54.0.82.oe2203.aarch64.rpm perf-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm kernel-headers-5.10.0-60.54.0.82.oe2203.aarch64.rpm python3-perf-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm kernel-5.10.0-60.54.0.82.oe2203.aarch64.rpm kernel-tools-devel-5.10.0-60.54.0.82.oe2203.aarch64.rpm perf-5.10.0-60.54.0.82.oe2203.aarch64.rpm kernel-debugsource-5.10.0-60.54.0.82.oe2203.aarch64.rpm kernel-tools-5.10.0-60.54.0.82.oe2203.aarch64.rpm kernel-source-5.10.0-60.54.0.82.oe2203.aarch64.rpm kernel-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm kernel-tools-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm bpftool-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm kernel-5.10.0-60.54.0.82.oe2203.src.rpm python3-perf-5.10.0-60.54.0.82.oe2203.x86_64.rpm kernel-debugsource-5.10.0-60.54.0.82.oe2203.x86_64.rpm kernel-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm kernel-5.10.0-60.54.0.82.oe2203.x86_64.rpm kernel-tools-5.10.0-60.54.0.82.oe2203.x86_64.rpm python3-perf-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm kernel-source-5.10.0-60.54.0.82.oe2203.x86_64.rpm kernel-tools-devel-5.10.0-60.54.0.82.oe2203.x86_64.rpm bpftool-5.10.0-60.54.0.82.oe2203.x86_64.rpm perf-5.10.0-60.54.0.82.oe2203.x86_64.rpm bpftool-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm kernel-devel-5.10.0-60.54.0.82.oe2203.x86_64.rpm kernel-tools-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm kernel-headers-5.10.0-60.54.0.82.oe2203.x86_64.rpm perf-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm A flaw was found in the Linux kernel s implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. 2022-09-09 CVE-2022-2938 openEuler-22.03-LTS High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2022-09-09 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1910 A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation. 2022-09-09 CVE-2022-2586 openEuler-22.03-LTS Medium 6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H kernel security update 2022-09-09 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1910