alsa-2022:0825
Vulnerability from osv_almalinux
Published
2022-03-10 14:43
Modified
2023-09-15 13:41
Summary
Important: kernel security, bug fix, and enhancement update
Details

The kernel packages contain the Linux kernel, the core of any Linux operating system.

The following packages have been upgraded to a later upstream version: kernel (4.18.0). (BZ#2036888)

Security Fix(es):

  • kernel: improper initialization of the "flags" member of the new pipe_buffer (CVE-2022-0847)

  • kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)

  • kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout (CVE-2021-4154)

  • kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)

  • kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS (CVE-2022-0435)

  • kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)

  • kernel: missing check in ioctl allows kernel memory read/write (CVE-2022-0516)

  • kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Intel QAT Kernel power up fix (BZ#2016437)

  • AlmaLinux8.4 seeing scsi_dma_map failed with mpt3sas driver and affecting performance (BZ#2018928)

  • [Lenovo 8.4 bug] audio_HDMI certification failed on AlmaLinux 8.4GA (No hdmi out) (BZ#2027335)

  • [AlmaLinux-8.5][4.18.0-323.el8.ppc64le][POWER8/9/10] security_flavor mode is not set back to zero post online migration (BZ#2027448)

  • iommu/amd: Fix unable to handle page fault due to AVIC (BZ#2030854)

  • [Lenovo 8.4 bug]The VGA display shows no signal (black screen) when install AlmaLinux8.4(beta or rc1) in the legacy BIOS mode. (BZ#2034949)

  • Double free of kmalloc-64 cache struct ib_port->pkey_group from module ib_core . (BZ#2038724)

  • Bus error with huge pages enabled (BZ#2039015)

  • AlmaLinux8 - kvm: floating interrupts may get stuck (BZ#2040769)

  • Data corruption on small files served by httpd, which is backed by cifs-mount (BZ#2041529)

  • Add a net/mlx5 patch for Hardware Offload Fix (BZ#2042663)

  • Windows guest random Bsod when 'hv-tlbflush' enlightenment is enabled (BZ#2043237)

  • DNS lookup failures when run two times in a row (BZ#2043548)

  • net/sched: Fix ct zone matching for invalid conntrack state (BZ#2043550)

  • Kernel 4.18.0-348.2.1 secpath_cache memory leak involving strongswan tunnel (BZ#2047427)

  • OCP node XFS metadata corruption after numerous reboots (BZ#2049292)

  • Broadcom bnxt_re: RDMA stats are not incrementing (BZ#2049684)

  • ice: bug fix series for 8.6 (BZ#2051951)

  • panic while looking up a symlink due to NULL i_op->get_link (BZ#2052558)

  • ceph omnibus backport for AlmaLinux-8.6.0 (BZ#2053725)

  • SCTP peel-off with SELinux and containers in OCP (BZ#2054112)

  • Selinux is not allowing SCTP connection setup between inter pod communication in enforcing mode (BZ#2054117)

  • dnf fails with fsync() over local repository present on CIFS mount point (BZ#2055824)

To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-tools-libs-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-348.20.1.el8_5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThe following packages have been upgraded to a later upstream version: kernel (4.18.0). (BZ#2036888)\n\nSecurity Fix(es):\n\n* kernel: improper initialization of the \"flags\" member of the new pipe_buffer (CVE-2022-0847)\n\n* kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)\n\n* kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout (CVE-2021-4154)\n\n* kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)\n\n* kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS (CVE-2022-0435)\n\n* kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)\n\n* kernel: missing check in ioctl allows kernel memory read/write (CVE-2022-0516)\n\n* kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Intel QAT Kernel power up fix (BZ#2016437)\n\n* AlmaLinux8.4 seeing scsi_dma_map failed with mpt3sas driver and affecting performance (BZ#2018928)\n\n* [Lenovo 8.4 bug] audio_HDMI certification failed on AlmaLinux 8.4GA (No hdmi out) (BZ#2027335)\n\n* [AlmaLinux-8.5][4.18.0-323.el8.ppc64le][POWER8/9/10] security_flavor mode is not set back to zero post online migration (BZ#2027448)\n\n* iommu/amd: Fix unable to handle page fault due to AVIC (BZ#2030854)\n\n* [Lenovo 8.4 bug]The VGA display shows no signal (black screen) when install AlmaLinux8.4(beta or rc1) in the legacy BIOS mode. (BZ#2034949)\n\n* Double free of kmalloc-64  cache   struct ib_port-\u003epkey_group from module ib_core  . (BZ#2038724)\n\n* Bus error with huge pages enabled (BZ#2039015)\n\n* AlmaLinux8 - kvm: floating interrupts may get stuck (BZ#2040769)\n\n* Data corruption on small files served by httpd, which is backed by cifs-mount (BZ#2041529)\n\n* Add a net/mlx5 patch for Hardware Offload Fix (BZ#2042663)\n\n* Windows guest random Bsod when \u0027hv-tlbflush\u0027 enlightenment is enabled (BZ#2043237)\n\n* DNS lookup failures when run two times in a row (BZ#2043548)\n\n* net/sched: Fix ct zone matching for invalid conntrack state (BZ#2043550)\n\n* Kernel 4.18.0-348.2.1 secpath_cache memory leak involving strongswan tunnel (BZ#2047427)\n\n* OCP node XFS metadata corruption after numerous reboots (BZ#2049292)\n\n* Broadcom bnxt_re: RDMA stats are not incrementing (BZ#2049684)\n\n* ice: bug fix series for 8.6 (BZ#2051951)\n\n* panic while looking up a symlink due to NULL i_op-\u003eget_link (BZ#2052558)\n\n* ceph omnibus backport for AlmaLinux-8.6.0 (BZ#2053725)\n\n* SCTP peel-off with SELinux and containers in OCP (BZ#2054112)\n\n* Selinux  is not  allowing SCTP connection setup between inter pod communication in enforcing mode (BZ#2054117)\n\n* dnf fails with fsync() over local repository present on CIFS mount point (BZ#2055824)",
  "id": "ALSA-2022:0825",
  "modified": "2023-09-15T13:41:48Z",
  "published": "2022-03-10T14:43:03Z",
  "references": [
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-0920"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-4154"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2022-0330"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2022-0435"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2022-0492"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2022-0516"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2022-0847"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2022-22942"
    }
  ],
  "related": [
    "CVE-2022-0847",
    "CVE-2021-0920",
    "CVE-2021-4154",
    "CVE-2022-0330",
    "CVE-2022-0435",
    "CVE-2022-0492",
    "CVE-2022-0516",
    "CVE-2022-22942"
  ],
  "summary": "Important: kernel security, bug fix, and enhancement update"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.