 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2022.0041 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2022-0041) |
| Zusammenfassung: | The remote host is missing an update for the 'kernel, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2022-0041 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'kernel, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2022-0041 advisory. Vulnerability Insight: This kernel update is based on upstream 5.15.18 and fixes at least the following security issues: A random memory access flaw was found in the Linux kernels GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system (CVE-2022-0330). A use-after-free flaw was found in the Linux kernels vmw_execbuf_copy_fence_user function in drivers/gpu/drm/vmwgfx/ vmwgfx_execbuf.c in vmwgfx. This flaw allows a local attacker with user privileges to cause a privilege escalation problem (CVE-2022-22942). kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace (CVE-2022-24122). Other fixes in this update: - fix broken RTL8814AU support (mga#29952) - fix cifs failing to load on server kernels (mga#29957) - fix broken plymouth scaling (mga#29925) - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() - fs/exec: require argv[0] presence in do_execveat_common() For other upstream fixes, see the referenced changelogs. Affected Software/OS: 'kernel, kmod-virtualbox, kmod-xtables-addons' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2022-0330 https://bugzilla.redhat.com/show_bug.cgi?id=2042404 https://www.openwall.com/lists/oss-security/2022/01/25/12 http://www.openwall.com/lists/oss-security/2022/11/30/1 Common Vulnerability Exposure (CVE) ID: CVE-2022-22942 https://github.com/vmware/photon/wiki/Security-Update-3.0-356 https://github.com/vmware/photon/wiki/Security-Update-4.0-148 https://www.openwall.com/lists/oss-security/2022/01/27/4 Common Vulnerability Exposure (CVE) ID: CVE-2022-24122 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSR3AI2IQGRKZCHNKF6S25JGDKUEAWWL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VVSZKUJAZ2VN6LJ35J2B6YD6BOPQTU3B/ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9d87929d451d3e649699d0f1d74f71f77ad38f5 https://github.com/torvalds/linux/commit/f9d87929d451d3e649699d0f1d74f71f77ad38f5 https://www.openwall.com/lists/oss-security/2022/01/29/1 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |