Test Kennung:	1.3.6.1.4.1.25623.1.1.13.2022.067.01
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2022-067-01)
Zusammenfassung:	The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2022-067-01 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2022-067-01 advisory. Vulnerability Insight: New kernel packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/linux-5.15.27/*: Upgraded. These updates fix various bugs and security issues, including the recently announced 'Dirty Pipe' vulnerability which allows overwriting data in arbitrary read-only files (CVE-2022-0847). Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 5.15.20: [link moved to references] Fixed in 5.15.23: [links moved to references] Fixed in 5.15.24: [links moved to references] Fixed in 5.15.25: [link moved to references] Fixed in 5.15.26: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'kernel' package(s) on Slackware 15.0. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2022-0435 https://security.netapp.com/advisory/ntap-20220602-0001/ https://bugzilla.redhat.com/show_bug.cgi?id=2048738 https://www.openwall.com/lists/oss-security/2022/02/10/1 Common Vulnerability Exposure (CVE) ID: CVE-2022-0487 Debian Security Information: DSA-5095 (Google Search) https://www.debian.org/security/2022/dsa-5095 Debian Security Information: DSA-5096 (Google Search) https://www.debian.org/security/2022/dsa-5096 https://bugzilla.redhat.com/show_bug.cgi?id=2044561 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2022-0492 http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html https://bugzilla.redhat.com/show_bug.cgi?id=2051505 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af Common Vulnerability Exposure (CVE) ID: CVE-2022-0516 Debian Security Information: DSA-5092 (Google Search) https://www.debian.org/security/2022/dsa-5092 https://bugzilla.redhat.com/show_bug.cgi?id=2050237 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55 Common Vulnerability Exposure (CVE) ID: CVE-2022-0847 http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html https://www.suse.com/support/kb/doc/?id=000020603 https://bugzilla.redhat.com/show_bug.cgi?id=2060795 https://dirtypipe.cm4all.com/ Common Vulnerability Exposure (CVE) ID: CVE-2022-25258 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCW2KZYJ2H6BKZE3CVLHRIXYDGNYYC5P/ https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10 https://github.com/szymonh/d-os-descriptor https://github.com/torvalds/linux/commit/75e5b4849b81e19e9efe1654b30d7f3151c33c2c Common Vulnerability Exposure (CVE) ID: CVE-2022-25375 https://github.com/szymonh/rndis-co https://github.com/torvalds/linux/commit/38ea1eac7d88072bbffb630e2b3db83ca649b826 http://www.openwall.com/lists/oss-security/2022/02/21/1 Common Vulnerability Exposure (CVE) ID: CVE-2022-25636 https://security.netapp.com/advisory/ntap-20220325-0002/ https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6 https://github.com/Bonfee/CVE-2022-25636 https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/ https://www.openwall.com/lists/oss-security/2022/02/21/2 https://www.oracle.com/security-alerts/cpujul2022.html http://www.openwall.com/lists/oss-security/2022/02/22/1
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.