14 lines
1.7 KiB
JSON
14 lines
1.7 KiB
JSON
{
|
|
"id": "openEuler-SA-2022-1927",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-1927",
|
|
"title": "An update for kernel is now available for openEuler-22.03-LTS",
|
|
"severity": "High",
|
|
"description": "The Linux Kernel, the operating system core itself.\r\n\r\nSecurity Fix(es):\r\n\r\nAn issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur.(CVE-2022-39842)\n\nAn issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.(CVE-2022-39190)\n\nAn issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.(CVE-2022-39189)\n\nFound Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn t check the value of pixclock , so it may cause a divide by zero error.(CVE-2022-3061)\n\nAn issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.(CVE-2022-2663)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2022-2663",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2663",
|
|
"severity": "Medium"
|
|
}
|
|
]
|
|
} |