openEuler update for kernel



Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2022-1048
CVE-2022-1158
CVE-2022-21499
CWE-ID CWE-416
CWE-787
CWE-284
Exploitation vector Network
Public exploit N/A
Vulnerable software
 openEuler
Operating systems & Components / Operating system

kernel-debugsource
Operating systems & Components / Operating system package or component

kernel-tools-debuginfo
Operating systems & Components / Operating system package or component

python3-perf
Operating systems & Components / Operating system package or component

bpftool-debuginfo
Operating systems & Components / Operating system package or component

kernel-tools
Operating systems & Components / Operating system package or component

perf-debuginfo
Operating systems & Components / Operating system package or component

perf
Operating systems & Components / Operating system package or component

python3-perf-debuginfo
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-tools-devel
Operating systems & Components / Operating system package or component

bpftool
Operating systems & Components / Operating system package or component

kernel-debuginfo
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

python2-perf-debuginfo
Operating systems & Components / Operating system package or component

python2-perf
Operating systems & Components / Operating system package or component

kernel
Operating systems & Components / Operating system package or component

Vendor openEuler

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU63428

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1048

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to a use-after-free error in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. A local user can execute arbitrary code with elevated privileges and perform a denial-of-service attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.2.0.0154

kernel-tools-debuginfo: before 4.19.90-2206.2.0.0154

python3-perf: before 4.19.90-2206.2.0.0154

bpftool-debuginfo: before 4.19.90-2206.2.0.0154

kernel-tools: before 4.19.90-2206.2.0.0154

perf-debuginfo: before 4.19.90-2206.2.0.0154

perf: before 4.19.90-2206.2.0.0154

python3-perf-debuginfo: before 4.19.90-2206.2.0.0154

kernel-source: before 4.19.90-2206.2.0.0154

kernel-tools-devel: before 4.19.90-2206.2.0.0154

bpftool: before 4.19.90-2206.2.0.0154

kernel-debuginfo: before 4.19.90-2206.2.0.0154

kernel-devel: before 4.19.90-2206.2.0.0154

python2-perf-debuginfo: before 4.19.90-2206.2.0.0154

python2-perf: before 4.19.90-2206.2.0.0154

kernel: before 4.19.90-2206.2.0.0154

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1727


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds write

EUVDB-ID: #VU63166

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-1158

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due the KVM implementation in Linux kernel does not properly perform guest page table updates in some situations. A remote user on the guest operating system can trigger memory corruption and perform a denial of service attack against the host OS.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.2.0.0154

kernel-tools-debuginfo: before 4.19.90-2206.2.0.0154

python3-perf: before 4.19.90-2206.2.0.0154

bpftool-debuginfo: before 4.19.90-2206.2.0.0154

kernel-tools: before 4.19.90-2206.2.0.0154

perf-debuginfo: before 4.19.90-2206.2.0.0154

perf: before 4.19.90-2206.2.0.0154

python3-perf-debuginfo: before 4.19.90-2206.2.0.0154

kernel-source: before 4.19.90-2206.2.0.0154

kernel-tools-devel: before 4.19.90-2206.2.0.0154

bpftool: before 4.19.90-2206.2.0.0154

kernel-debuginfo: before 4.19.90-2206.2.0.0154

kernel-devel: before 4.19.90-2206.2.0.0154

python2-perf-debuginfo: before 4.19.90-2206.2.0.0154

python2-perf: before 4.19.90-2206.2.0.0154

kernel: before 4.19.90-2206.2.0.0154

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1727


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper access control

EUVDB-ID: #VU63961

Risk: Low

CVSSv4.0: 5.6 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-21499

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to improper access restrictions to the kernel debugger when booted in secure boot environments. A local privileged user can bypass UEFI Secure Boot restrictions.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS

kernel-debugsource: before 4.19.90-2206.2.0.0154

kernel-tools-debuginfo: before 4.19.90-2206.2.0.0154

python3-perf: before 4.19.90-2206.2.0.0154

bpftool-debuginfo: before 4.19.90-2206.2.0.0154

kernel-tools: before 4.19.90-2206.2.0.0154

perf-debuginfo: before 4.19.90-2206.2.0.0154

perf: before 4.19.90-2206.2.0.0154

python3-perf-debuginfo: before 4.19.90-2206.2.0.0154

kernel-source: before 4.19.90-2206.2.0.0154

kernel-tools-devel: before 4.19.90-2206.2.0.0154

bpftool: before 4.19.90-2206.2.0.0154

kernel-debuginfo: before 4.19.90-2206.2.0.0154

kernel-devel: before 4.19.90-2206.2.0.0154

python2-perf-debuginfo: before 4.19.90-2206.2.0.0154

python2-perf: before 4.19.90-2206.2.0.0154

kernel: before 4.19.90-2206.2.0.0154

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1727


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###