openEuler update for kernel



Published: 2022-06-10
Risk Low
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2022-1204
CVE-2022-30594
CVE-2022-1836
CVE-2022-1789
CVE-2021-33135
CVE-2022-1729
CVE-2022-33981
CWE-ID CWE-416
CWE-276
CWE-476
CWE-400
CWE-362
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		openEuler
Operating systems & Components / Operating system

kernel-debugsource
Operating systems & Components / Operating system package or component

kernel-tools-debuginfo
Operating systems & Components / Operating system package or component

python3-perf
Operating systems & Components / Operating system package or component

bpftool-debuginfo
Operating systems & Components / Operating system package or component

kernel-tools
Operating systems & Components / Operating system package or component

perf-debuginfo
Operating systems & Components / Operating system package or component

perf
Operating systems & Components / Operating system package or component

python3-perf-debuginfo
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-tools-devel
Operating systems & Components / Operating system package or component

bpftool
Operating systems & Components / Operating system package or component

kernel-debuginfo
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

python2-perf-debuginfo
Operating systems & Components / Operating system package or component

python2-perf
Operating systems & Components / Operating system package or component

kernel
Operating systems & Components / Operating system package or component

Vendor openEuler

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU63791

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1204

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux kernel’s Amateur Radio AX.25 protocol functionality when user connects with the protocol. A local user can trigger use-after-free error to perform a denial of service attack or escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.1.0.0153

kernel-tools-debuginfo: before 4.19.90-2206.1.0.0153

python3-perf: before 4.19.90-2206.1.0.0153

bpftool-debuginfo: before 4.19.90-2206.1.0.0153

kernel-tools: before 4.19.90-2206.1.0.0153

perf-debuginfo: before 4.19.90-2206.1.0.0153

perf: before 4.19.90-2206.1.0.0153

python3-perf-debuginfo: before 4.19.90-2206.1.0.0153

kernel-source: before 4.19.90-2206.1.0.0153

kernel-tools-devel: before 4.19.90-2206.1.0.0153

bpftool: before 4.19.90-2206.1.0.0153

kernel-debuginfo: before 4.19.90-2206.1.0.0153

kernel-devel: before 4.19.90-2206.1.0.0153

python2-perf-debuginfo: before 4.19.90-2206.1.0.0153

python2-perf: before 4.19.90-2206.1.0.0153

kernel: before 4.19.90-2206.1.0.0153

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1705


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Incorrect default permissions

EUVDB-ID: #VU63631

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-30594

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to mishandling seccomp permissions. A local user can bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag and escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.1.0.0153

kernel-tools-debuginfo: before 4.19.90-2206.1.0.0153

python3-perf: before 4.19.90-2206.1.0.0153

bpftool-debuginfo: before 4.19.90-2206.1.0.0153

kernel-tools: before 4.19.90-2206.1.0.0153

perf-debuginfo: before 4.19.90-2206.1.0.0153

perf: before 4.19.90-2206.1.0.0153

python3-perf-debuginfo: before 4.19.90-2206.1.0.0153

kernel-source: before 4.19.90-2206.1.0.0153

kernel-tools-devel: before 4.19.90-2206.1.0.0153

bpftool: before 4.19.90-2206.1.0.0153

kernel-debuginfo: before 4.19.90-2206.1.0.0153

kernel-devel: before 4.19.90-2206.1.0.0153

python2-perf-debuginfo: before 4.19.90-2206.1.0.0153

python2-perf: before 4.19.90-2206.1.0.0153

kernel: before 4.19.90-2206.1.0.0153

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1705


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU64087

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1836

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to use-after-free error in the drivers/block/floppy.c in the floppy driver module in the Linux kernel when working with raw_cmd_ioctl and seek_interrupt. A local user can trigger use-after-free to escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.1.0.0153

kernel-tools-debuginfo: before 4.19.90-2206.1.0.0153

python3-perf: before 4.19.90-2206.1.0.0153

bpftool-debuginfo: before 4.19.90-2206.1.0.0153

kernel-tools: before 4.19.90-2206.1.0.0153

perf-debuginfo: before 4.19.90-2206.1.0.0153

perf: before 4.19.90-2206.1.0.0153

python3-perf-debuginfo: before 4.19.90-2206.1.0.0153

kernel-source: before 4.19.90-2206.1.0.0153

kernel-tools-devel: before 4.19.90-2206.1.0.0153

bpftool: before 4.19.90-2206.1.0.0153

kernel-debuginfo: before 4.19.90-2206.1.0.0153

kernel-devel: before 4.19.90-2206.1.0.0153

python2-perf-debuginfo: before 4.19.90-2206.1.0.0153

python2-perf: before 4.19.90-2206.1.0.0153

kernel: before 4.19.90-2206.1.0.0153

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1705


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU64261

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1789

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference in kvm_mmu_invpcid_gva. A local attacker can trigger vulnerability to perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.1.0.0153

kernel-tools-debuginfo: before 4.19.90-2206.1.0.0153

python3-perf: before 4.19.90-2206.1.0.0153

bpftool-debuginfo: before 4.19.90-2206.1.0.0153

kernel-tools: before 4.19.90-2206.1.0.0153

perf-debuginfo: before 4.19.90-2206.1.0.0153

perf: before 4.19.90-2206.1.0.0153

python3-perf-debuginfo: before 4.19.90-2206.1.0.0153

kernel-source: before 4.19.90-2206.1.0.0153

kernel-tools-devel: before 4.19.90-2206.1.0.0153

bpftool: before 4.19.90-2206.1.0.0153

kernel-debuginfo: before 4.19.90-2206.1.0.0153

kernel-devel: before 4.19.90-2206.1.0.0153

python2-perf-debuginfo: before 4.19.90-2206.1.0.0153

python2-perf: before 4.19.90-2206.1.0.0153

kernel: before 4.19.90-2206.1.0.0153

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1705


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource exhaustion

EUVDB-ID: #VU63535

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-33135

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.1.0.0153

kernel-tools-debuginfo: before 4.19.90-2206.1.0.0153

python3-perf: before 4.19.90-2206.1.0.0153

bpftool-debuginfo: before 4.19.90-2206.1.0.0153

kernel-tools: before 4.19.90-2206.1.0.0153

perf-debuginfo: before 4.19.90-2206.1.0.0153

perf: before 4.19.90-2206.1.0.0153

python3-perf-debuginfo: before 4.19.90-2206.1.0.0153

kernel-source: before 4.19.90-2206.1.0.0153

kernel-tools-devel: before 4.19.90-2206.1.0.0153

bpftool: before 4.19.90-2206.1.0.0153

kernel-debuginfo: before 4.19.90-2206.1.0.0153

kernel-devel: before 4.19.90-2206.1.0.0153

python2-perf-debuginfo: before 4.19.90-2206.1.0.0153

python2-perf: before 4.19.90-2206.1.0.0153

kernel: before 4.19.90-2206.1.0.0153

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1705


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Race condition

EUVDB-ID: #VU64156

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1729

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within sys_perf_event_open() in Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.1.0.0153

kernel-tools-debuginfo: before 4.19.90-2206.1.0.0153

python3-perf: before 4.19.90-2206.1.0.0153

bpftool-debuginfo: before 4.19.90-2206.1.0.0153

kernel-tools: before 4.19.90-2206.1.0.0153

perf-debuginfo: before 4.19.90-2206.1.0.0153

perf: before 4.19.90-2206.1.0.0153

python3-perf-debuginfo: before 4.19.90-2206.1.0.0153

kernel-source: before 4.19.90-2206.1.0.0153

kernel-tools-devel: before 4.19.90-2206.1.0.0153

bpftool: before 4.19.90-2206.1.0.0153

kernel-debuginfo: before 4.19.90-2206.1.0.0153

kernel-devel: before 4.19.90-2206.1.0.0153

python2-perf-debuginfo: before 4.19.90-2206.1.0.0153

python2-perf: before 4.19.90-2206.1.0.0153

kernel: before 4.19.90-2206.1.0.0153

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1705


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU64944

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-33981

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform denial of service attack.

The vulnerability exists due to a use-after-free error in drivers/block/floppy.c in the Linux kernel when deallocating raw_cmd in the raw_cmd_ioctl function(). A local user can trigger use-after-free and perform denial of service attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.1.0.0153

kernel-tools-debuginfo: before 4.19.90-2206.1.0.0153

python3-perf: before 4.19.90-2206.1.0.0153

bpftool-debuginfo: before 4.19.90-2206.1.0.0153

kernel-tools: before 4.19.90-2206.1.0.0153

perf-debuginfo: before 4.19.90-2206.1.0.0153

perf: before 4.19.90-2206.1.0.0153

python3-perf-debuginfo: before 4.19.90-2206.1.0.0153

kernel-source: before 4.19.90-2206.1.0.0153

kernel-tools-devel: before 4.19.90-2206.1.0.0153

bpftool: before 4.19.90-2206.1.0.0153

kernel-debuginfo: before 4.19.90-2206.1.0.0153

kernel-devel: before 4.19.90-2206.1.0.0153

python2-perf-debuginfo: before 4.19.90-2206.1.0.0153

python2-perf: before 4.19.90-2206.1.0.0153

kernel: before 4.19.90-2206.1.0.0153

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1705


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###