OESA-2022-2033

In ioidentitycow of io_uring.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238177383References: Upstream kernel(CVE-2022-20409)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.(CVE-2022-3524)

A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btfdumpnamedups of the file tools/lib/bpf/btfdump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.(CVE-2022-3534)

A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function areacacheget of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.(CVE-2022-3545)

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2capreassemblesdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.(CVE-2022-3564)

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function deltimer of the file drivers/isdn/mISDN/l1oipcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.(CVE-2022-3565)

A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.(CVE-2022-3566)

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6streamops/inet6dgramops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier assigned to this vulnerability.(CVE-2022-3567)

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.(CVE-2022-3594)

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfsnewinode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.(CVE-2022-3649)

In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.(CVE-2022-42722)

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcmtxwork of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.(CVE-2022-3521)

A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.(CVE-2022-3586)

VUL-0: CVE-2022-2602: kernel: defer registered files gc to io_uring release(CVE-2022-2602)

A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939sessiondestroy of the file net/can/j1939/transport.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.(CVE-2022-3633)

An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.(CVE-2022-3577)

Database specific

{
    "severity": "Critical"
}

References

Affected packages

openEuler:22.03-LTS / kernel

Package

Name: kernel
Purl: pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.0-60.63.0.89.oe2203

Ecosystem specific

{
    "src": [
        "kernel-5.10.0-60.63.0.89.oe2203.src.rpm"
    ],
    "x86_64": [
        "perf-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "kernel-tools-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "kernel-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "kernel-debuginfo-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "perf-debuginfo-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "kernel-source-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "kernel-debugsource-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "kernel-tools-devel-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "kernel-headers-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "kernel-devel-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "bpftool-debuginfo-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "bpftool-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "python3-perf-debuginfo-5.10.0-60.63.0.89.oe2203.x86_64.rpm",
        "python3-perf-5.10.0-60.63.0.89.oe2203.x86_64.rpm"
    ],
    "aarch64": [
        "kernel-tools-devel-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "kernel-tools-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "kernel-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "kernel-debugsource-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "perf-debuginfo-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "kernel-source-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "kernel-devel-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "python3-perf-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "perf-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "python3-perf-debuginfo-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "bpftool-debuginfo-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "kernel-headers-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "bpftool-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "kernel-debuginfo-5.10.0-60.63.0.89.oe2203.aarch64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.63.0.89.oe2203.aarch64.rpm"
    ]
}