Anolis OS update for kernel(RHCK)4.18



| Updated: 2025-03-28
Risk Low
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2022-0494
CVE-2022-1353
CVE-2022-23816
CVE-2022-23825
CVE-2022-2588
CVE-2022-29900
CVE-2022-29901
CWE-ID CWE-200
CWE-843
CWE-415
CWE-1037
Exploitation vector Local
Public exploit Vulnerability #5 is being exploited in the wild.
Vulnerable software
 Anolis OS
Operating systems & Components / Operating system

kernel-doc
Operating systems & Components / Operating system package or component

kernel-abi-stablelists
Operating systems & Components / Operating system package or component

python3-perf
Operating systems & Components / Operating system package or component

perf
Operating systems & Components / Operating system package or component

kernel-tools-libs
Operating systems & Components / Operating system package or component

kernel-tools
Operating systems & Components / Operating system package or component

kernel-modules-extra
Operating systems & Components / Operating system package or component

kernel-modules
Operating systems & Components / Operating system package or component

kernel-headers
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-debug-modules-extra
Operating systems & Components / Operating system package or component

kernel-debug-modules
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug-core
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-cross-headers
Operating systems & Components / Operating system package or component

kernel-core
Operating systems & Components / Operating system package or component

kernel
Operating systems & Components / Operating system package or component

bpftool
Operating systems & Components / Operating system package or component

Vendor OpenAnolis

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU64259

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-0494

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in the scsi_ioctl() function in drivers/scsi/scsi_ioctl.c in the Linux kernel. A local user with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-doc: before 4.18.0-372.32.1

kernel-abi-stablelists: before 4.18.0-372.32.1

python3-perf: before 4.18.0-372.32.1

perf: before 4.18.0-372.32.1

kernel-tools-libs: before 4.18.0-372.32.1

kernel-tools: before 4.18.0-372.32.1

kernel-modules-extra: before 4.18.0-372.32.1

kernel-modules: before 4.18.0-372.32.1

kernel-headers: before 4.18.0-372.32.1

kernel-devel: before 4.18.0-372.32.1

kernel-debug-modules-extra: before 4.18.0-372.32.1

kernel-debug-modules: before 4.18.0-372.32.1

kernel-debug-devel: before 4.18.0-372.32.1

kernel-debug-core: before 4.18.0-372.32.1

kernel-debug: before 4.18.0-372.32.1

kernel-cross-headers: before 4.18.0-372.32.1

kernel-core: before 4.18.0-372.32.1

kernel: before 4.18.0-372.32.1

bpftool: before 4.18.0-372.32.1

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2022:0758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU63388

Risk: Low

CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1353

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in the pfkey_register function in net/key/af_key.c in the Linux kernel. A local user can gain unauthorized access to kernel memory, leading to a system crash or a leak of internal kernel information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-doc: before 4.18.0-372.32.1

kernel-abi-stablelists: before 4.18.0-372.32.1

python3-perf: before 4.18.0-372.32.1

perf: before 4.18.0-372.32.1

kernel-tools-libs: before 4.18.0-372.32.1

kernel-tools: before 4.18.0-372.32.1

kernel-modules-extra: before 4.18.0-372.32.1

kernel-modules: before 4.18.0-372.32.1

kernel-headers: before 4.18.0-372.32.1

kernel-devel: before 4.18.0-372.32.1

kernel-debug-modules-extra: before 4.18.0-372.32.1

kernel-debug-modules: before 4.18.0-372.32.1

kernel-debug-devel: before 4.18.0-372.32.1

kernel-debug-core: before 4.18.0-372.32.1

kernel-debug: before 4.18.0-372.32.1

kernel-cross-headers: before 4.18.0-372.32.1

kernel-core: before 4.18.0-372.32.1

kernel: before 4.18.0-372.32.1

bpftool: before 4.18.0-372.32.1

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2022:0758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Type Confusion

EUVDB-ID: #VU65219

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-23816

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-doc: before 4.18.0-372.32.1

kernel-abi-stablelists: before 4.18.0-372.32.1

python3-perf: before 4.18.0-372.32.1

perf: before 4.18.0-372.32.1

kernel-tools-libs: before 4.18.0-372.32.1

kernel-tools: before 4.18.0-372.32.1

kernel-modules-extra: before 4.18.0-372.32.1

kernel-modules: before 4.18.0-372.32.1

kernel-headers: before 4.18.0-372.32.1

kernel-devel: before 4.18.0-372.32.1

kernel-debug-modules-extra: before 4.18.0-372.32.1

kernel-debug-modules: before 4.18.0-372.32.1

kernel-debug-devel: before 4.18.0-372.32.1

kernel-debug-core: before 4.18.0-372.32.1

kernel-debug: before 4.18.0-372.32.1

kernel-cross-headers: before 4.18.0-372.32.1

kernel-core: before 4.18.0-372.32.1

kernel: before 4.18.0-372.32.1

bpftool: before 4.18.0-372.32.1

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2022:0758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Type Confusion

EUVDB-ID: #VU65204

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-23825

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-doc: before 4.18.0-372.32.1

kernel-abi-stablelists: before 4.18.0-372.32.1

python3-perf: before 4.18.0-372.32.1

perf: before 4.18.0-372.32.1

kernel-tools-libs: before 4.18.0-372.32.1

kernel-tools: before 4.18.0-372.32.1

kernel-modules-extra: before 4.18.0-372.32.1

kernel-modules: before 4.18.0-372.32.1

kernel-headers: before 4.18.0-372.32.1

kernel-devel: before 4.18.0-372.32.1

kernel-debug-modules-extra: before 4.18.0-372.32.1

kernel-debug-modules: before 4.18.0-372.32.1

kernel-debug-devel: before 4.18.0-372.32.1

kernel-debug-core: before 4.18.0-372.32.1

kernel-debug: before 4.18.0-372.32.1

kernel-cross-headers: before 4.18.0-372.32.1

kernel-core: before 4.18.0-372.32.1

kernel: before 4.18.0-372.32.1

bpftool: before 4.18.0-372.32.1

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2022:0758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Double Free

EUVDB-ID: #VU66397

Risk: Low

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2022-2588

CWE-ID: CWE-415 - Double Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a double free error within the network packet scheduler implementation in the route4_change() function in Linux kernel when removing all references to a route filter before freeing it. A local user can run a specially crafted program to crash the kernel or execute arbitrary code.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-doc: before 4.18.0-372.32.1

kernel-abi-stablelists: before 4.18.0-372.32.1

python3-perf: before 4.18.0-372.32.1

perf: before 4.18.0-372.32.1

kernel-tools-libs: before 4.18.0-372.32.1

kernel-tools: before 4.18.0-372.32.1

kernel-modules-extra: before 4.18.0-372.32.1

kernel-modules: before 4.18.0-372.32.1

kernel-headers: before 4.18.0-372.32.1

kernel-devel: before 4.18.0-372.32.1

kernel-debug-modules-extra: before 4.18.0-372.32.1

kernel-debug-modules: before 4.18.0-372.32.1

kernel-debug-devel: before 4.18.0-372.32.1

kernel-debug-core: before 4.18.0-372.32.1

kernel-debug: before 4.18.0-372.32.1

kernel-cross-headers: before 4.18.0-372.32.1

kernel-core: before 4.18.0-372.32.1

kernel: before 4.18.0-372.32.1

bpftool: before 4.18.0-372.32.1

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2022:0758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

6) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65205

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-29900

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a mistrained branch predictions for return instructions. A local user can execute arbitrary speculative code under certain microarchitecture-dependent conditions. The vulnerability was dubbed  RETbleed.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-doc: before 4.18.0-372.32.1

kernel-abi-stablelists: before 4.18.0-372.32.1

python3-perf: before 4.18.0-372.32.1

perf: before 4.18.0-372.32.1

kernel-tools-libs: before 4.18.0-372.32.1

kernel-tools: before 4.18.0-372.32.1

kernel-modules-extra: before 4.18.0-372.32.1

kernel-modules: before 4.18.0-372.32.1

kernel-headers: before 4.18.0-372.32.1

kernel-devel: before 4.18.0-372.32.1

kernel-debug-modules-extra: before 4.18.0-372.32.1

kernel-debug-modules: before 4.18.0-372.32.1

kernel-debug-devel: before 4.18.0-372.32.1

kernel-debug-core: before 4.18.0-372.32.1

kernel-debug: before 4.18.0-372.32.1

kernel-cross-headers: before 4.18.0-372.32.1

kernel-core: before 4.18.0-372.32.1

kernel: before 4.18.0-372.32.1

bpftool: before 4.18.0-372.32.1

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2022:0758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65220

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-29901

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the way non-transparent sharing of branch predictor targets between contexts. A local user can exploit the vulnerability to gain access to sensitive information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

kernel-doc: before 4.18.0-372.32.1

kernel-abi-stablelists: before 4.18.0-372.32.1

python3-perf: before 4.18.0-372.32.1

perf: before 4.18.0-372.32.1

kernel-tools-libs: before 4.18.0-372.32.1

kernel-tools: before 4.18.0-372.32.1

kernel-modules-extra: before 4.18.0-372.32.1

kernel-modules: before 4.18.0-372.32.1

kernel-headers: before 4.18.0-372.32.1

kernel-devel: before 4.18.0-372.32.1

kernel-debug-modules-extra: before 4.18.0-372.32.1

kernel-debug-modules: before 4.18.0-372.32.1

kernel-debug-devel: before 4.18.0-372.32.1

kernel-debug-core: before 4.18.0-372.32.1

kernel-debug: before 4.18.0-372.32.1

kernel-cross-headers: before 4.18.0-372.32.1

kernel-core: before 4.18.0-372.32.1

kernel: before 4.18.0-372.32.1

bpftool: before 4.18.0-372.32.1

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2022:0758


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###