Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:com.altx-soft.nix:def:198686
[Rus]
Version
2
Class
patch
ALTXid
417386
Language
English
Severity
High
Title
SUSE-SU-2022:4585-1 -- Security update for the Linux Kernel
Description
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.
Family
unix
Platform
openSUSE Leap 15.4
Product
Linux Kernel
Reference
VENDOR: SUSE-SU-2022:4585-1
VENDOR: SUSE-SU-2022:4585-1
Id:
SUSE-SU-2022:4585-1
Reference:
https://www.suse.com/support/update/announcement/2022/SUSE-SU-20224585-1/
CVE: CVE-2022-2602
CVE: CVE-2022-2602
Id:
CVE-2022-2602
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602
Comment
: io_uring UAF, Unix SCM garbage collection
CVSSv3 Score:
7
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://ubuntu.com/security/notices/USN-5692-1 ()
https://ubuntu.com/security/notices/USN-5752-1 ()
https://ubuntu.com/security/notices/USN-5693-1 ()
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602 ()
https://ubuntu.com/security/notices/USN-5691-1 ()
https://ubuntu.com/security/notices/USN-5700-1 ()
http://packetstormsecurity.com/files/176533/Linux-Broken-Unix-GC-Interaction-Use-After-Free.html ()
CVE: CVE-2022-3176
CVE: CVE-2022-3176
Id:
CVE-2022-3176
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3176
Comment
: There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://kernel.dance/#fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (MISC)
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?h=linux-5.4.y&id=fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (MISC)
DSA-5257 (DEBIAN)
[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update (MLIST)
https://security.netapp.com/advisory/ntap-20230216-0003/ (CONFIRM)
CVE: CVE-2022-3566
CVE: CVE-2022-3566
Id:
CVE-2022-3566
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3566
Comment
: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.
CVSSv3 Score:
7.1
Attack vector:
ADJACENT_NETWORK
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57 (MISC)
https://vuldb.com/?id.211089 (MISC)
CVE: CVE-2022-3567
CVE: CVE-2022-3567
Id:
CVE-2022-3567
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3567
Comment
: A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier assigned to this vulnerability.
CVSSv3 Score:
6.4
Attack vector:
ADJACENT_NETWORK
Attack complexity:
HIGH
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
LOW
Integrity impact:
LOW
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://vuldb.com/?id.211090 (MISC)
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=364f997b5cfe1db0d63a390fe7c801fa2b3115f6 (MISC)
CVE: CVE-2022-3635
CVE: CVE-2022-3635
Id:
CVE-2022-3635
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3635
Comment
: A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.
CVSSv3 Score:
7
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
N/A (N/A)
N/A (N/A)
[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update (MLIST)
CVE: CVE-2022-3643
CVE: CVE-2022-3643
Id:
CVE-2022-3643
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3643
Comment
: Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780 (bnx2x) though it may be an issue with other NICs/drivers as well. In case the frontend is sending requests with split headers, netback will forward those violating above mentioned assumption to the networking core, resulting in said misbehavior.
CVSSv3 Score:
6.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
CHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CWE:
74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'))
References:
https://xenbits.xenproject.org/xsa/advisory-423.txt (MISC)
[oss-security] 20221207 Xen Security Advisory 423 v2 (CVE-2022-3643) - Guests can trigger NIC interface reset/abort/crash via netback (MLIST)
[debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update (MLIST)
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html ()
CVE: CVE-2022-3707
CVE: CVE-2022-3707
Id:
CVE-2022-3707
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3707
Comment
: A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE:
415 (Double Free)
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2137979 (MISC)
[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/ ()
CVE: CVE-2022-3903
CVE: CVE-2022-3903
Id:
CVE-2022-3903
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3903
Comment
: An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.
CVSSv3 Score:
4.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE:
843 (Access of Resource Using Incompatible Type ('Type Confusion'))
References:
https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA%40mail.gmail.com/ ()
https://lore.kernel.org/all/E1obysd-009Grw-He%40www.linuxtv.org/ ()
CVE: CVE-2022-4095
CVE: CVE-2022-4095
Id:
CVE-2022-4095
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4095
Comment
: A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c53b3dcb9942b8ed7f81ee3921c4085d87070c73 (MISC)
https://security.netapp.com/advisory/ntap-20230420-0005/ (CONFIRM)
CVE: CVE-2022-4129
CVE: CVE-2022-4129
Id:
CVE-2022-4129
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4129
Comment
: A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE:
667 (Improper Locking)
References:
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7X5SPXMXXFANDASPCKER2JIQO2F3UHCP/ (MISC)
https://lore.kernel.org/all/20221114191619.124659-1-jakub%40cloudflare.com/t (MISC)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AM5KFIE6JNZXHBA5A2KYDZAT3MEX2B67/ (MISC)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOKXNIM2R4FQCDRQV67UMAY6EBC72QFG/ (MISC)
https://lore.kernel.org/netdev/20221121085426.21315-1-jakub%40cloudflare.com/t (MISC)
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html (MISC)
CVE: CVE-2022-4139
CVE: CVE-2022-4139
Id:
CVE-2022-4139
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4139
Comment
: An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
401 (Improper Release of Memory Before Removing Last Reference ('Memory Leak'))
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2147572 (MISC)
https://www.openwall.com/lists/oss-security/2022/11/30/1 (MISC)
https://security.netapp.com/advisory/ntap-20230309-0004/ (CONFIRM)
CVE: CVE-2022-41850
CVE: CVE-2022-41850
Id:
CVE-2022-41850
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41850
Comment
: roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
CVSSv3 Score:
4.7
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
[debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update (MLIST)
https://lore.kernel.org/all/20220904193115.GA28134%40ubuntu/t/#u ()
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cacdb14b1c8d3804a3a7d31773bc7569837b71a4 ()
CVE: CVE-2022-41858
CVE: CVE-2022-41858
Id:
CVE-2022-41858
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41858
Comment
: A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
CVSSv3 Score:
7.1
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE:
476 (NULL Pointer Dereference)
References:
https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798 (MISC)
https://security.netapp.com/advisory/ntap-20230223-0006/ (CONFIRM)
CVE: CVE-2022-42328
CVE: CVE-2022-42328
Id:
CVE-2022-42328
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42328
Comment
: Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE:
667 (Improper Locking)
References:
https://xenbits.xenproject.org/xsa/advisory-424.txt (MISC)
[oss-security] 20221208 Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) - Guests can trigger deadlock in Linux netback driver (MLIST)
[oss-security] 20221208 Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) - Guests can trigger deadlock in Linux netback driver (MLIST)
[oss-security] 20221209 Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) - Guests can trigger deadlock in Linux netback driver (MLIST)
[debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update (MLIST)
CVE: CVE-2022-42329
CVE: CVE-2022-42329
Id:
CVE-2022-42329
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42329
Comment
: Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE:
667 (Improper Locking)
References:
https://xenbits.xenproject.org/xsa/advisory-424.txt (MISC)
[oss-security] 20221208 Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) - Guests can trigger deadlock in Linux netback driver (MLIST)
[oss-security] 20221208 Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) - Guests can trigger deadlock in Linux netback driver (MLIST)
[oss-security] 20221209 Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) - Guests can trigger deadlock in Linux netback driver (MLIST)
[debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update (MLIST)
CVE: CVE-2022-42895
CVE: CVE-2022-42895
Id:
CVE-2022-42895
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42895
Comment
: There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://www.google.com/url
CVSSv3 Score:
6.5
Attack vector:
ADJACENT_NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE:
824 (Access of Uninitialized Pointer)
References:
https://kernel.dance/#b1a2cd50c0357f243b7435a732b4e62ba3157a2e (MISC)
https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e (MISC)
CVE: CVE-2022-42896
CVE: CVE-2022-42896
Id:
CVE-2022-42896
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42896
Comment
: There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url
CVSSv3 Score:
8.8
Attack vector:
ADJACENT_NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://kernel.dance/#711f8c3fb3db61897080468586b970c87c61d9e4 (MISC)
https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 (MISC)
CVE: CVE-2022-4378
CVE: CVE-2022-4378
Id:
CVE-2022-4378
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4378
Comment
: A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
787 (Out-of-bounds Write)
References:
https://seclists.org/oss-sec/2022/q4/178 (MISC)
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-proc_skip_spaces-shouldn-t-think-it-is-working-on-c-strings.patch (MISC)
https://bugzilla.redhat.com/show_bug.cgi?id=2152548 (MISC)
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-avoid-integer-type-confusion-in-get_proc_long.patch (MISC)
http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html (MISC)
CVE: CVE-2022-43945
CVE: CVE-2022-43945
Id:
CVE-2022-43945
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43945
Comment
: The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSSv3 Score:
7.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE:
770 (Allocation of Resources Without Limits or Throttling)
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8 (MISC)
https://security.netapp.com/advisory/ntap-20221215-0006/ (CONFIRM)
http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html (MISC)
CVE: CVE-2022-45869
CVE: CVE-2022-45869
Id:
CVE-2022-45869
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45869
Comment
: A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=47b0c2e4c220f2251fd8dcfbb44479819c715e15 (MISC)
CVE: CVE-2022-45888
CVE: CVE-2022-45888
Id:
CVE-2022-45888
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45888
Comment
: An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.
CVSSv3 Score:
6.4
Attack vector:
PHYSICAL
Attack complexity:
HIGH
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://security.netapp.com/advisory/ntap-20230113-0006/ (CONFIRM)
https://lore.kernel.org/all/20221022175404.GA375335%40ubuntu/ ()
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=282a4b71816b6076029017a7bab3a9dcee12a920 ()
CVE: CVE-2022-45934
CVE: CVE-2022-45934
Id:
CVE-2022-45934
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45934
Comment
: An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
190 (Integer Overflow or Wraparound)
References:
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d (MISC)
https://security.netapp.com/advisory/ntap-20230113-0008/ (CONFIRM)
DSA-5324 (DEBIAN)
[debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update (MLIST)
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (MLIST)
FEDORA-2022-90162a1d88 ()
Content available only for registered users!
ovaldb@altx-soft.com