Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU62601
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-26490
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the st21nfca_connectivity_event_received() function in drivers/nfc/st21nfca/se.c in Linux kernel. A local user can run a specially crafted program to trigger buffer overflow and execute arbitrary code with elevated privileges.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS
kernel-tools: before 5.10.0-60.51.0.79
kernel-tools-devel: before 5.10.0-60.51.0.79
kernel-devel: before 5.10.0-60.51.0.79
kernel-source: before 5.10.0-60.51.0.79
kernel-headers: before 5.10.0-60.51.0.79
bpftool: before 5.10.0-60.51.0.79
python3-perf-debuginfo: before 5.10.0-60.51.0.79
kernel-tools-debuginfo: before 5.10.0-60.51.0.79
kernel-debugsource: before 5.10.0-60.51.0.79
perf: before 5.10.0-60.51.0.79
bpftool-debuginfo: before 5.10.0-60.51.0.79
kernel-debuginfo: before 5.10.0-60.51.0.79
perf-debuginfo: before 5.10.0-60.51.0.79
python3-perf: before 5.10.0-60.51.0.79
kernel: before 5.10.0-60.51.0.79
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1845
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU66808
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-36123
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to Linux kernel lacks a certain clear operation for the block starting symbol (.bss). A local user on the Xen PV guest OS can perform a denial of service attack or escalate privileges on the guest OS.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS
kernel-tools: before 5.10.0-60.51.0.79
kernel-tools-devel: before 5.10.0-60.51.0.79
kernel-devel: before 5.10.0-60.51.0.79
kernel-source: before 5.10.0-60.51.0.79
kernel-headers: before 5.10.0-60.51.0.79
bpftool: before 5.10.0-60.51.0.79
python3-perf-debuginfo: before 5.10.0-60.51.0.79
kernel-tools-debuginfo: before 5.10.0-60.51.0.79
kernel-debugsource: before 5.10.0-60.51.0.79
perf: before 5.10.0-60.51.0.79
bpftool-debuginfo: before 5.10.0-60.51.0.79
kernel-debuginfo: before 5.10.0-60.51.0.79
perf-debuginfo: before 5.10.0-60.51.0.79
python3-perf: before 5.10.0-60.51.0.79
kernel: before 5.10.0-60.51.0.79
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1845
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU66397
Risk: Low
CVSSv3.1: 7.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2022-2588
CWE-ID:
CWE-415 - Double Free
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The
vulnerability exists due to a double free error within the network packet scheduler implementation
in the route4_change() function in Linux kernel when removing all references to a route filter
before freeing it. A local user can run a specially crafted program to
crash the kernel or execute arbitrary code.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS
kernel-tools: before 5.10.0-60.51.0.79
kernel-tools-devel: before 5.10.0-60.51.0.79
kernel-devel: before 5.10.0-60.51.0.79
kernel-source: before 5.10.0-60.51.0.79
kernel-headers: before 5.10.0-60.51.0.79
bpftool: before 5.10.0-60.51.0.79
python3-perf-debuginfo: before 5.10.0-60.51.0.79
kernel-tools-debuginfo: before 5.10.0-60.51.0.79
kernel-debugsource: before 5.10.0-60.51.0.79
perf: before 5.10.0-60.51.0.79
bpftool-debuginfo: before 5.10.0-60.51.0.79
kernel-debuginfo: before 5.10.0-60.51.0.79
perf-debuginfo: before 5.10.0-60.51.0.79
python3-perf: before 5.10.0-60.51.0.79
kernel: before 5.10.0-60.51.0.79
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1845
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
EUVDB-ID: #VU66394
Risk: Low
CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2022-2585
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack or escalate privileges on the system.
The vulnerability exists due to improper management of internal resources in POSIX CPU timers when handling death of a process. A local user can crash the kernel or execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS
kernel-tools: before 5.10.0-60.51.0.79
kernel-tools-devel: before 5.10.0-60.51.0.79
kernel-devel: before 5.10.0-60.51.0.79
kernel-source: before 5.10.0-60.51.0.79
kernel-headers: before 5.10.0-60.51.0.79
bpftool: before 5.10.0-60.51.0.79
python3-perf-debuginfo: before 5.10.0-60.51.0.79
kernel-tools-debuginfo: before 5.10.0-60.51.0.79
kernel-debugsource: before 5.10.0-60.51.0.79
perf: before 5.10.0-60.51.0.79
bpftool-debuginfo: before 5.10.0-60.51.0.79
kernel-debuginfo: before 5.10.0-60.51.0.79
perf-debuginfo: before 5.10.0-60.51.0.79
python3-perf: before 5.10.0-60.51.0.79
kernel: before 5.10.0-60.51.0.79
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1845
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.