MGASA-2022-0095

This kernel-linus update is based on upstream 5.15.26 and fixes at least the following security issues:

A vulnerability in the Linux kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files, even if the file is ORDONLY, immutable or on a MSRDONLY filesystem. It can be used to inject code into arbitrary processes (CVE-2022-0847).

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur (CVE-2022-25258).

An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDISMSGSET command. Attackers can obtain sensitive information from kernel memory (CVE-2022-25375).

net/netfilter/nfdupnetdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nftablesoffload (CVE-2022-25636).

For other upstream fixes, see the referenced changelogs.