Main Vulnerability Database SB2023042160

SB2023042160 - openEuler 22.03 LTS SP1 update for kernel

Published: April 21, 2023 Updated: May 31, 2024

Security Bulletin ID SB2023042160

Severity

Low

Patch available

YES

Number of vulnerabilities 6

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.

1) Out-of-bounds write (CVE-ID: CVE-2022-1015)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the nft_validate_register_store and nft_validate_register_load in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. A local user can escalate privileges on the system.

2) Out-of-bounds write (CVE-ID: CVE-2022-36280)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the vmw_kms_cursor_snoo() function in drivers/gpu/vmxgfx/vmxgfx_kms.c in vmwgfx VMWare driver. A local user can trigger an out-of-bounds write and perform a denial of service (DoS) attack.

3) Cross-thread return address predictions (CVE-ID: CVE-2022-27672)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to certain AMD processors may speculatively execute instructions at an incorrect return site after an SMT mode switch that may potentially lead to information disclosure.

4) Input validation error (CVE-ID: CVE-2023-30456)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of consistency for for CR0 and CR4 in arch/x86/kvm/vmx/nested.c in the Linux kernel. A local user can execute arbitrary code with elevated privileges.

5) Use-after-free (CVE-ID: CVE-2023-1989)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btsdio_remove() function in driversluetoothtsdio.c. A local user can trigger a use-after-free error and escalate privileges on the system.

6) Use-after-free (CVE-ID: CVE-2023-1829)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcindex_delete() function. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1250

Vulnerable Software

openEuler: 22.03 LTS SP1
kernel-headers: before 5.10.0-136.29.0.105
kernel-debugsource: before 5.10.0-136.29.0.105
bpftool-debuginfo: before 5.10.0-136.29.0.105
kernel-tools-debuginfo: before 5.10.0-136.29.0.105
kernel-source: before 5.10.0-136.29.0.105
bpftool: before 5.10.0-136.29.0.105
perf-debuginfo: before 5.10.0-136.29.0.105
kernel-tools-devel: before 5.10.0-136.29.0.105
kernel-devel: before 5.10.0-136.29.0.105
perf: before 5.10.0-136.29.0.105
kernel-debuginfo: before 5.10.0-136.29.0.105
python3-perf-debuginfo: before 5.10.0-136.29.0.105
python3-perf: before 5.10.0-136.29.0.105
kernel-tools: before 5.10.0-136.29.0.105
kernel: before 5.10.0-136.29.0.105

SB2023042160 - openEuler 22.03 LTS SP1 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human