14 lines
1.7 KiB
JSON
14 lines
1.7 KiB
JSON
{
|
||
"id": "openEuler-SA-2023-1228",
|
||
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1228",
|
||
"title": "An update for kernel is now available for openEuler-22.03-LTS",
|
||
"severity": "High",
|
||
"description": "The Linux Kernel, the operating system core itself.\r\n\r\nSecurity Fix(es):\r\n\r\nA use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea(CVE-2023-1611)\r\n\r\nA flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.(CVE-2023-1670)\r\n\r\nA use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.(CVE-2023-1859)\n\nA race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service.(CVE-2023-1582)\n\nA double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.(CVE-2022-4744)",
|
||
"cves": [
|
||
{
|
||
"id": "CVE-2022-4744",
|
||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4744",
|
||
"severity": "Medium"
|
||
}
|
||
]
|
||
} |