OESA-2022-1893

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1893
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2022-1893.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2022-1893
Upstream
Published
2022-09-07T11:04:14Z
Modified
2025-08-12T05:11:34.443188Z
Summary
kernel security update
Details

Security Fix(es):

An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs when a user triggers a race condition using the ioctls TIOCSPTLCK, TIOCGPTPEER, TIOCSTI and TCXONC, with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory. (CVE-2022-1462)

Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification until reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5. (CVE-2022-2503)

A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system. (CVE-2022-2959)

A flaw was found in the kernel's implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default), a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.

References: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9d8e7007dc7c4d7c8366739bbcd3f5e51dcd470f (CVE-2022-2977)

The Linux kernel's driver for the "ASIX AX88179_178A based USB 2.0/3.0 Gigabit Ethernet Devices" contains multiple out-of-bounds reads and possible writes in the ax88179_rx_fixup() function.

References:

https://www.spinics.net/lists/stable/msg536418.html

Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=57bc3d3ae8c14df3ceb4e17d26ddf9eeab304581 (CVE-2022-2964)

A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)

Database specific
{
    "severity": "High"
}
References

Affected packages

openEuler:22.03-LTS / kernel

Package

Name
kernel
Purl
pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.10.0-60.54.0.82.oe2203

Ecosystem specific

{
    "x86_64": [
        "kernel-tools-devel-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "kernel-tools-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "perf-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "kernel-debugsource-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "kernel-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "perf-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "python3-perf-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "bpftool-debuginfo-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "kernel-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "kernel-headers-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "kernel-source-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "kernel-devel-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "bpftool-5.10.0-60.54.0.82.oe2203.x86_64.rpm",
        "python3-perf-5.10.0-60.54.0.82.oe2203.x86_64.rpm"
    ],
    "aarch64": [
        "bpftool-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "kernel-tools-devel-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "kernel-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "kernel-debugsource-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "kernel-devel-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "kernel-tools-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "perf-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "perf-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "python3-perf-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "kernel-source-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "python3-perf-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "bpftool-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "kernel-headers-5.10.0-60.54.0.82.oe2203.aarch64.rpm",
        "kernel-debuginfo-5.10.0-60.54.0.82.oe2203.aarch64.rpm"
    ],
    "src": [
        "kernel-5.10.0-60.54.0.82.oe2203.src.rpm"
    ]
}