CentOS 7 update for kernel



Published: 2022-08-15
Risk Low
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2018-13405
CVE-2022-21123
CVE-2022-21125
CVE-2022-21166
CWE-ID CWE-264
CWE-200
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
CentOS
Operating systems & Components / Operating system

Vendor CentOS Project

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Security restrictions bypass

EUVDB-ID: #VU13631

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-13405

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to create arbitrary files on the target system.

The vulnerability exists due to the inode_init_owner function, as defined in the fs/inode.c source code file, allows the creation of arbitrary files in set-group identification (SGID) directories. A local attacker can create arbitrary files with unintended group ownership.

Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7


CPE2.3 External links

http://lists.centos.org/pipermail/centos-announce/2022-August/073632.html


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Information disclosure

EUVDB-ID: #VU64364

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-21123

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.


Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7


CPE2.3 External links

http://lists.centos.org/pipermail/centos-announce/2022-August/073632.html


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Information disclosure

EUVDB-ID: #VU64365

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-21125

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.



Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7


CPE2.3 External links

http://lists.centos.org/pipermail/centos-announce/2022-August/073632.html


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Information disclosure

EUVDB-ID: #VU64366

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-21166

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.

Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7


CPE2.3 External links

http://lists.centos.org/pipermail/centos-announce/2022-August/073632.html


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###