Main Vulnerability Database SB2022022606

SB2022022606 - openEuler update for kernel

Published: February 26, 2022 Updated: December 13, 2024

Security Bulletin ID SB2022022606

Severity

High

Patch available

YES

Number of vulnerabilities 5

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-0492)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a logic error within the cgroup_release_agent_write() function in kernel/cgroup/cgroup-v1.c. A local user can use the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation.

2) Missing initialization of resource (CVE-ID: CVE-2022-24448)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to missing initialization of resource within the fs/nfs/dir.c in the Linux kernel. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.

3) Stack-based buffer overflow (CVE-ID: CVE-2022-0435)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the Linux kernel networking module for the Transparent Inter-Process Communication (TIPC) protocol. A remote unauthenticated attacker can send specially crafted traffic to the system, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system but requires that the TIPC bearer is set up.

4) Memory leak (CVE-ID: CVE-2022-24959)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the yam_siocdevprivate() function in drivers/net/hamradio/yam.c. A local user can perform a denial of service attack.

5) Release of invalid pointer or reference (CVE-ID: CVE-2022-24958)

The vulnerability allows remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to release of illegal memory vulnerability in the drivers/usb/gadget/legacy/inode.c. A remote attacker can send specially crafted data and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1539

Vulnerable Software

openEuler: 20.03 LTS SP1 - 20.03 LTS SP3
bpftool-debuginfo: before 4.19.90-2202.3.0.0138
kernel-tools-devel: before 4.19.90-2202.3.0.0138
kernel-devel: before 4.19.90-2202.3.0.0138
python3-perf: before 4.19.90-2202.3.0.0138
bpftool: before 4.19.90-2202.3.0.0138
kernel-debuginfo: before 4.19.90-2202.3.0.0138
python3-perf-debuginfo: before 4.19.90-2202.3.0.0138
perf: before 4.19.90-2202.3.0.0138
perf-debuginfo: before 4.19.90-2202.3.0.0138
kernel-source: before 4.19.90-2202.3.0.0138
python2-perf-debuginfo: before 4.19.90-2202.3.0.0138
python2-perf: before 4.19.90-2202.3.0.0138
kernel-tools: before 4.19.90-2202.3.0.0138
kernel-debugsource: before 4.19.90-2202.3.0.0138
kernel-tools-debuginfo: before 4.19.90-2202.3.0.0138
kernel: before 4.19.90-2202.3.0.0138

SB2022022606 - openEuler update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human