SB2022051242 - SUSE update for the Linux Kernel 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022051242

SB2022051242 - SUSE update for the Linux Kernel

Published: May 12, 2022 Updated: June 18, 2023

Security Bulletin ID SB2022051242
Severity
Low
Patch available
YES
Number of vulnerabilities 13
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 13 secuirty vulnerabilities.


1) Security restrictions bypass (CVE-ID: CVE-2018-7755)

The vulnerability allows a local unauthenticated attacker to bypass security restrictions on the target system.

The weakness exists in the drivers/block/floppy.c source code in the fd_locked_ioctl function due to insufficient security restrictions. A local attacker can bypass security restrictions through the system floppy drive and obtain kernel code and data from the system.

2) Input validation error (CVE-ID: CVE-2019-20811)

The vulnerability allows a local authenticated user to manipulate data.

An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.


3) Use-after-free (CVE-ID: CVE-2021-20292)

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to a use-after-free error in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. A local user can escalate privileges and execute code in the context of the kernel.


4) Race condition (CVE-ID: CVE-2021-20321)

The vulnerability allows a local user to perform a denial of service (DoS) attacks.

The vulnerability exists due to a race condition when accessing file object in the Linux kernel OverlayFS subsystem. A local user can rename files in specific way with OverlayFS and perform a denial of service (DoS) attack.


5) NULL pointer dereference (CVE-ID: CVE-2021-38208)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the net/nfc/llcp_sock.c component. A remote attacker can make getsockname call and perform a denial of service (DoS) attack.


6) Improper Validation of Array Index (CVE-ID: CVE-2021-43389)

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to improper validation of array index in the ISDN CAPI implementation within detach_capi_ctr() function in drivers/isdn/capi/kcapi.c. local user can send specially crafted data to the system and execute arbitrary code with elevated privileges.

7) Use-after-free (CVE-ID: CVE-2022-1011)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the write() function of FUSE filesystem. A local user can retireve (partial) /etc/shadow hashes and execute arbitrary code with elevated privileges.


8) Use-after-free (CVE-ID: CVE-2022-1280)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error within the drm_lease_held() function in drivers/gpu/drm/drm_lease.c in the Linux kernel. A local user can run a specially crafted program to trigger a use-after-free error and crash the kernel or gain access to sensitive information.



9) Information disclosure (CVE-ID: CVE-2022-1353)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in the pfkey_register function in net/key/af_key.c in the Linux kernel. A local user can gain unauthorized access to kernel memory, leading to a system crash or a leak of internal kernel information.


10) Use-after-free (CVE-ID: CVE-2022-1419)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in vgem_gem_dumb_create() function in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


11) NULL pointer dereference (CVE-ID: CVE-2022-1516)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference error in the Linux kernel’s X.25 set of standardized network protocols functionality. A local user can terminate session using a simulated Ethernet card and perform a denial of service (DoS) attack.


12) Processor optimization removal or modification of security-critical code (CVE-ID: CVE-2022-23960)

The vulnerability allows a local user to obtain potentially sensitive information.

The vulnerability exists due to improper restrictions of cache speculation. A local user can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches and gain access to sensitive information.

The vulnerability was dubbed Spectre-BHB.


13) Memory leak (CVE-ID: CVE-2022-28748)

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due memory leak when working with ax88179_178a devices. An attacker with physical access to the system can inject a malicious USB-drive and remotely obtain data from kernel memory.


Remediation

Install update from vendor's website.

References