OESA-2022-1925
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1925
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1925.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2022-1925
- Upstream
- Published
- 2022-09-16T11:04:17Z
- Modified
- 2025-08-12T05:06:09.084995Z
- Summary
- kernel security update
- Details
-
The Linux Kernel, the operating system core itself.
Security Fix(es):
A heap-based buffer overflow was found in the Linux kernel s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.(CVE-2022-2991)
A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printerioctl() printerioctl() tries to access of a printerdev instance. However, use-after-free arises because it had been freed by gprinterfree().(CVE-2020-27784)
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations.(CVE-2022-39189)
Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn t check the value of pixclock , so it may cause a divide by zero error.(CVE-2022-3061)
An issue was found in the Linux kernel in nfconntrackirc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nfconntrackirc configured.(CVE-2022-2663)
An issue was discovered in the Linux kernel before 5.19. In pxa3xxgcuwrite in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of sizet versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copyfrom_user(), a heap overflow may occur.(CVE-2022-39842)
An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmapmappingrange versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.(CVE-2022-39188)
- Database specific
{ "severity": "High" }- References
-
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1925
- https://nvd.nist.gov/vuln/detail/CVE-2022-2991
- https://nvd.nist.gov/vuln/detail/CVE-2020-27784
- https://nvd.nist.gov/vuln/detail/CVE-2022-39189
- https://nvd.nist.gov/vuln/detail/CVE-2022-3061
- https://nvd.nist.gov/vuln/detail/CVE-2022-2663
- https://nvd.nist.gov/vuln/detail/CVE-2022-39842
- https://nvd.nist.gov/vuln/detail/CVE-2022-39188
Affected packages
openEuler:20.03-LTS-SP1 / kernel
Package
- Name
- kernel
- Purl
- pkg:rpm/openEuler/kernel&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.19.90-2209.4.0.0168.oe1
Ecosystem specific
{
"x86_64": [
"kernel-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"kernel-devel-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"kernel-tools-devel-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"kernel-debugsource-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"kernel-source-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"perf-debuginfo-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"bpftool-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"bpftool-debuginfo-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"python3-perf-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"python2-perf-debuginfo-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"kernel-tools-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"perf-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"kernel-debuginfo-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"python2-perf-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"kernel-tools-debuginfo-4.19.90-2209.4.0.0168.oe1.x86_64.rpm",
"python3-perf-debuginfo-4.19.90-2209.4.0.0168.oe1.x86_64.rpm"
],
"aarch64": [
"kernel-devel-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"bpftool-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"kernel-debugsource-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"python3-perf-debuginfo-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"kernel-source-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"kernel-tools-debuginfo-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"perf-debuginfo-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"kernel-debuginfo-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"kernel-tools-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"kernel-tools-devel-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"python3-perf-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"python2-perf-debuginfo-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"perf-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"python2-perf-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"kernel-4.19.90-2209.4.0.0168.oe1.aarch64.rpm",
"bpftool-debuginfo-4.19.90-2209.4.0.0168.oe1.aarch64.rpm"
],
"src": [
"kernel-4.19.90-2209.4.0.0168.oe1.src.rpm"
]
}