alsa-2022:5249
Vulnerability from osv_almalinux
Published
2022-07-01 00:00
Modified
2023-09-15 13:41
Summary
Important: kernel security and bug fix update
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012) * kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729) * kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-1966) * kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * make SHA512_arch algos and CRYPTO_USER built-ins (BZ#2072643) * SR-IOV performance > 50% degradation (BZ#2074830) * fix data corruption caused by dm-integrity (BZ#2082187) * SCTP client-side peeloff issues [almalinux-9] (BZ#2084044) * TCP connection fails in a asymmetric routing situation (BZ#2085480) * Fails to boot Multiple RT VMs each with multiple vCPUs (BZ#2086963) * spec: Fix separate tools build (BZ#2090852) * call traces related to eeh_pseries observed and vmcore is not captured, when kdump is triggered (BZ#2092255) * Mark ThunderX NIC driver as unmaintained (BZ#2092638)
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "bpftool"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-abi-stablelists"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-cross-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-tools-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-tools-libs-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "python3-perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-70.17.1.el9_0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\nSecurity Fix(es):\n* kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n* kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n* kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-1966)\n* kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\nBug Fix(es):\n* make SHA512_arch algos and CRYPTO_USER built-ins (BZ#2072643)\n* SR-IOV performance \u003e 50% degradation (BZ#2074830)\n* fix data corruption caused by dm-integrity (BZ#2082187)\n* SCTP client-side peeloff issues [almalinux-9] (BZ#2084044)\n* TCP connection fails in a asymmetric routing situation (BZ#2085480)\n* Fails to boot Multiple RT VMs each with multiple vCPUs (BZ#2086963)\n* spec: Fix separate tools build (BZ#2090852)\n* call traces related to eeh_pseries observed and vmcore is not captured, when kdump is triggered (BZ#2092255)\n* Mark ThunderX NIC driver as unmaintained (BZ#2092638)",
"id": "ALSA-2022:5249",
"modified": "2023-09-15T13:41:48Z",
"published": "2022-07-01T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2022:5249"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1012"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1729"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1966"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-27666"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2061633"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2064604"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2086753"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2092427"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2022-5249.html"
}
],
"related": [
"CVE-2022-1012",
"CVE-2022-1729",
"CVE-2022-1966",
"CVE-2022-27666"
],
"summary": "Important: kernel security and bug fix update"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…