SB2022120929 - openEuler 20.03 LTS SP3 update for kernel
Published: December 9, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Integer overflow (CVE-ID: CVE-2022-45934)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the l2cap_config_req() function in net/bluetooth/l2cap_core.c in Linux kernel. A local user can pass specially crafted L2CAP_CONF_REQ packets to the device, trigger an integer overflow and execute arbitrary code with elevated privileges.
2) NULL pointer dereference (CVE-ID: CVE-2022-41858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the sl_tx_timeout() function in drivers/net/slip in Linux kernel. A local user can perform a denial of service (DoS) attack.
3) Double Free (CVE-ID: CVE-2022-4095)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the cmd_hdl_filter() function in drivers/staging/rtl8712/rtl8712_cmd.c. A local user can trigger a double free error and execute arbitrary code with escalated privileges.
Remediation
Install update from vendor's website.