OESA-2023-1038

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1038
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2023-1038.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2023-1038
Upstream
Published
2023-01-20T11:04:48Z
Modified
2025-08-12T05:14:14.343902Z
Summary
kernel security update
Details

The Linux Kernel, the operating system core itself.

Security Fix(es):

A use-after-free flaw was found in the Linux kernel?s SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occurs in the grucheckchipletassignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.(CVE-2022-3424)

A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.(CVE-2022-4662)

An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in iosqpollwaitsq in fs/iouring.c allows an attacker to crash the kernel, resulting in denial of service. finishwait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of iosqpollwaitsq.(CVE-2022-47946)

A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driver function attrpunchhole() was found. A local user could use this flaw to crash the system.(CVE-2022-4842)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:22.03-LTS / kernel

Package

Name
kernel
Purl
pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.0-60.78.0.102.oe2203

Ecosystem specific 

{
    "x86_64": [
        "perf-debuginfo-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "kernel-headers-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "bpftool-debuginfo-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "kernel-devel-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "kernel-tools-devel-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "kernel-tools-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "perf-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "kernel-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "kernel-debugsource-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "kernel-source-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "bpftool-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "python3-perf-debuginfo-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "kernel-debuginfo-5.10.0-60.78.0.102.oe2203.x86_64.rpm",
        "python3-perf-5.10.0-60.78.0.102.oe2203.x86_64.rpm"
    ],
    "aarch64": [
        "kernel-tools-devel-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "perf-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "kernel-devel-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "kernel-tools-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "kernel-debugsource-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "bpftool-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "perf-debuginfo-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "kernel-debuginfo-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "python3-perf-debuginfo-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "python3-perf-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "bpftool-debuginfo-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "kernel-source-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "kernel-5.10.0-60.78.0.102.oe2203.aarch64.rpm",
        "kernel-headers-5.10.0-60.78.0.102.oe2203.aarch64.rpm"
    ],
    "src": [
        "kernel-5.10.0-60.78.0.102.oe2203.src.rpm"
    ]
}