Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:com.altx-soft.nix:def:187413
[Rus]
Version
1
Class
patch
ALTXid
403965
Language
English
Severity
High
Title
USN-5582-1 -- Linux kernel (Azure CVM) vulnerabilities
Description
Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918)
Family
unix
Platform
Linux Mint 20.x
Ubuntu 20.04
Product
linux-azure-fde
Reference
VENDOR: USN-5582-1
VENDOR: USN-5582-1
Id:
USN-5582-1
Reference:
https://ubuntu.com/security/notices/USN-5582-1
CVE: CVE-2022-34918
CVE: CVE-2022-34918
Id:
CVE-2022-34918
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34918
Comment
: An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
843 (Access of Resource Using Incompatible Type ('Type Confusion'))
References:
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6 (MISC)
https://www.openwall.com/lists/oss-security/2022/07/02/3 (MISC)
[oss-security] 20220705 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init (MLIST)
https://www.randorisec.fr/crack-linux-firewall/ (MISC)
DSA-5191 (DEBIAN)
[oss-security] 20220806 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init (MLIST)
https://security.netapp.com/advisory/ntap-20220826-0004/ (CONFIRM)
http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html (MISC)
http://packetstormsecurity.com/files/168543/Netfilter-nft_set_elem_init-Heap-Overflow-Privilege-Escalation.html (MISC)
https://lore.kernel.org/netfilter-devel/cd9428b6-7ffb-dd22-d949-d86f4869f452%40randorisec.fr/T/#u ()
CVE: CVE-2022-2588
CVE: CVE-2022-2588
Id:
CVE-2022-2588
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588
Comment
: It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
415 (Double Free)
References:
https://ubuntu.com/security/notices/USN-5565-1 ()
https://ubuntu.com/security/notices/USN-5562-1 ()
https://www.openwall.com/lists/oss-security/2022/08/09/6 ()
https://ubuntu.com/security/notices/USN-5582-1 ()
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588 ()
https://ubuntu.com/security/notices/USN-5564-1 ()
https://ubuntu.com/security/notices/USN-5566-1 ()
https://www.zerodayinitiative.com/advisories/ZDI-22-1117/ ()
https://ubuntu.com/security/notices/USN-5588-1 ()
https://ubuntu.com/security/notices/USN-5560-1 ()
https://github.com/Markakd/CVE-2022-2588 ()
https://ubuntu.com/security/notices/USN-5567-1 ()
https://ubuntu.com/security/notices/USN-5560-2 ()
https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u ()
https://ubuntu.com/security/notices/USN-5557-1 ()
CVE: CVE-2022-2586
CVE: CVE-2022-2586
Id:
CVE-2022-2586
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586
Comment
: It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://ubuntu.com/security/notices/USN-5564-1 ()
https://ubuntu.com/security/notices/USN-5560-2 ()
https://ubuntu.com/security/notices/USN-5582-1 ()
https://ubuntu.com/security/notices/USN-5567-1 ()
https://ubuntu.com/security/notices/USN-5560-1 ()
https://ubuntu.com/security/notices/USN-5566-1 ()
https://www.openwall.com/lists/oss-security/2022/08/09/5 ()
https://ubuntu.com/security/notices/USN-5565-1 ()
https://www.zerodayinitiative.com/advisories/ZDI-22-1118/ ()
https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t ()
https://ubuntu.com/security/notices/USN-5562-1 ()
https://ubuntu.com/security/notices/USN-5557-1 ()
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586 ()
CVE: CVE-2022-0494
CVE: CVE-2022-0494
Id:
CVE-2022-0494
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0494
Comment
: A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.
CVSSv2 Score:
4.9
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:N/A:N
CVSSv3 Score:
4.4
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
HIGH
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE:
908 ()
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2039448 (MISC)
DSA-5161 (DEBIAN)
[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update (MLIST)
DSA-5173 (DEBIAN)
https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel%40gmail.com/ ()
CVE: CVE-2022-1048
CVE: CVE-2022-1048
Id:
CVE-2022-1048
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1048
Comment
: A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVSSv2 Score:
6.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2066706 (MISC)
DSA-5127 (DEBIAN)
https://security.netapp.com/advisory/ntap-20220629-0001/ (CONFIRM)
DSA-5173 (DEBIAN)
https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3 ()
CVE: CVE-2022-1652
CVE: CVE-2022-1652
Id:
CVE-2022-1652
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1652
Comment
: Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://francozappa.github.io/about-bias/ (MISC)
https://kb.cert.org/vuls/id/647177/ (MISC)
https://bugzilla.redhat.com/show_bug.cgi?id=1832397 (MISC)
DSA-5173 (DEBIAN)
https://security.netapp.com/advisory/ntap-20220722-0002/ (CONFIRM)
CVE: CVE-2022-1679
CVE: CVE-2022-1679
Id:
CVE-2022-1679
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1679
Comment
: A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://security.netapp.com/advisory/ntap-20220629-0007/ (CONFIRM)
[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update (MLIST)
[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update (MLIST)
https://lore.kernel.org/lkml/87ilqc7jv9.fsf%40kernel.org/t/ ()
CVE: CVE-2022-1734
CVE: CVE-2022-1734
Id:
CVE-2022-1734
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1734
Comment
: A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
CVSSv2 Score:
4.4
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSSv3 Score:
7
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://github.com/torvalds/linux/commit/d270453a0d9ec10bb8a802a142fb1b3601a83098 (MISC)
[oss-security] 20220605 Re: Linux kernel: UAF, null-ptr-deref and double-free vulnerabilities in nfcmrvl module (MLIST)
[oss-security] 20220609 Re: Linux kernel: UAF, null-ptr-deref and double-free vulnerabilities in nfcmrvl module (MLIST)
[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update (MLIST)
DSA-5173 (DEBIAN)
https://security.netapp.com/advisory/ntap-20220707-0007/ (CONFIRM)
CVE: CVE-2022-1974
CVE: CVE-2022-1974
Id:
CVE-2022-1974
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1974
Comment
: A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.
CVSSv3 Score:
4.1
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
HIGH
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE:
367 (Time-of-check Time-of-use (TOCTOU) Race Condition)
References:
https://github.com/torvalds/linux/commit/da5c0f119203ad9728920456a0f52a6d850c01cd (MISC)
CVE: CVE-2022-1975
CVE: CVE-2022-1975
Id:
CVE-2022-1975
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1975
Comment
: There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
https://github.com/torvalds/linux/commit/4071bf121d59944d5cd2238de0642f3d7995a997 (MISC)
CVE: CVE-2022-28893
CVE: CVE-2022-28893
Id:
CVE-2022-28893
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28893
Comment
: The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1a3b1bba7c7a5eb8a11513cf88427cb9d77bc60a (MISC)
[oss-security] 20220411 Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem (MLIST)
[oss-security] 20220411 CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem (MLIST)
[oss-security] 20220411 Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem (MLIST)
https://security.netapp.com/advisory/ntap-20220526-0002/ (CONFIRM)
DSA-5161 (DEBIAN)
Content available only for registered users!
ovaldb@altx-soft.com