OESA-2023-1035

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1035
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2023-1035.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2023-1035
Upstream
Published
2023-01-13T11:04:48Z
Modified
2025-08-12T05:12:25.978141Z
Summary
kernel security update
Details

Security Fix(es):

An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2CSMBUSBLOCKDATA (with the ioctl I2CSMBUS) with malicious input data. This flaw allows a local user to crash the system.(CVE-2022-2873)

An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.(CVE-2022-3903)

An issue was discovered in the Linux kernel through 5.16-rc6. lkdtmARRAYBOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.(CVE-2022-3104)

An issue was discovered in the Linux kernel through 5.16-rc6. freechargerirq() in drivers/power/supply/wm8350power.c lacks free of WM8350IRQCHGFASTRDY, which is registered in wm8350init_charger().(CVE-2022-3111)

An issue was discovered in the Linux kernel through 5.16-rc6. netvscgetethtoolstats in drivers/net/hyperv/netvscdrv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.(CVE-2022-3107)

An issue was discovered in the Linux kernel through 5.16-rc6. amvdecsetcanvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.(CVE-2022-3112)

An issue was discovered in the Linux kernel through 5.16-rc6. mtkvcodecfwvpuinit in drivers/media/platform/mtk-vcodec/mtkvcodecfwvpu.c lacks check of the return value of devmkzalloc() and will cause the null pointer dereference.(CVE-2022-3113)

An issue was discovered in the Linux kernel through 5.16-rc6. malidpcrtcreset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.(CVE-2022-3115)

An issue was discovered in the Linux kernel through 5.16-rc6. imxregisteruart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.(CVE-2022-3114)

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a(CVE-2022-2196)

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in setntacldacl, related to use of SMB2QUERYINFOHE after a malformed SMB2SETINFOHE command.(CVE-2022-47942)

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write.(CVE-2022-47940)

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.(CVE-2022-47943)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:22.03-LTS / kernel

Package

Name
kernel
Purl
pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.0-60.77.0.101.oe2203

Ecosystem specific 

{
    "x86_64": [
        "kernel-debuginfo-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "python3-perf-debuginfo-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "perf-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "kernel-source-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "python3-perf-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "kernel-tools-devel-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "kernel-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "bpftool-debuginfo-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "bpftool-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "kernel-tools-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "kernel-headers-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "perf-debuginfo-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "kernel-debugsource-5.10.0-60.77.0.101.oe2203.x86_64.rpm",
        "kernel-devel-5.10.0-60.77.0.101.oe2203.x86_64.rpm"
    ],
    "aarch64": [
        "kernel-tools-debuginfo-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "kernel-devel-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "kernel-debugsource-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "perf-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "python3-perf-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "kernel-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "kernel-tools-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "bpftool-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "kernel-tools-devel-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "perf-debuginfo-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "bpftool-debuginfo-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "kernel-source-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "python3-perf-debuginfo-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "kernel-headers-5.10.0-60.77.0.101.oe2203.aarch64.rpm",
        "kernel-debuginfo-5.10.0-60.77.0.101.oe2203.aarch64.rpm"
    ],
    "src": [
        "kernel-5.10.0-60.77.0.101.oe2203.src.rpm"
    ]
}