7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
14.3%
This kernel update is based on upstream 5.15.65 and fixes at least the following security issues: An out-of-bounds memory read flaw was found in the Linux kernel’s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data (CVE-2022-2905). A race condition was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket (CVE-2022-3028). There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn’t handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed (CVE-2022-3176). An issue was discovered in net/netfilter/nf_tables_api.c in the kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain (CVE-2022-39190). mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse (CVE-2022-42703). Other fixes in this update: - A fix for an issue causing excessive logging (mga#30779) due to an uppstream change that was included in the 5.15.62 kernel update released as MGASA-2022-0305. - bpf, cgroup: Fix kernel BUG in purge_effective_progs - bpf: Restrict bpf_sys_bpf to CAP_PERFMON - Revert “xhci: turn off port power in shutdown” as it causes some systems to hang on shutdown. For other upstream fixes in this update, see the referenced changelogs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | kernel | < 5.15.65-1 | kernel-5.15.65-1.mga8 |
Mageia | 8 | noarch | kmod-virtualbox | < 6.1.38-1.5 | kmod-virtualbox-6.1.38-1.5.mga8 |
Mageia | 8 | noarch | kmod-xtables-addons | < 3.21-1.5 | kmod-xtables-addons-3.21-1.5.mga8 |