 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.10.2022.0442 |
| Categoría: | Mageia Linux Local Security Checks |
| Título: | Mageia: Security Advisory (MGASA-2022-0442) |
| Resumen: | The remote host is missing an update for the 'kernel, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2022-0442 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'kernel, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2022-0442 advisory. Vulnerability Insight: This kernel update is based on upstream 5.15.79 and fixes at least the following security issues: A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation (CVE-2022-2602). A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely (CVE-2022-3524). A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the component mvpp2. The manipulation leads to memory leak (CVE-2022-3535). A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF. The manipulation leads to memory leak (CVE-2022-3542). A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/ unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak (CVE-2022-3543). A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free (CVE-2022-3564). A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free (CVE-2022-3565). A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely (CVE-2022-3594). A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak (CVE-2022-3619). A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition (CVE-2022-3623). An intra-object buffer overflow was found in brcmfmac, which can be triggered by a malicious USB causing a Denial-of-Service (CVE-2022-3628). drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel, kmod-virtualbox, kmod-xtables-addons' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 8.3 CVSS Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2022-2602 http://packetstormsecurity.com/files/176533/Linux-Broken-Unix-GC-Interaction-Use-After-Free.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602 https://ubuntu.com/security/notices/USN-5691-1 https://ubuntu.com/security/notices/USN-5692-1 https://ubuntu.com/security/notices/USN-5693-1 https://ubuntu.com/security/notices/USN-5700-1 https://ubuntu.com/security/notices/USN-5752-1 Common Vulnerability Exposure (CVE) ID: CVE-2022-3524 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c52c6bb831f6335c176a0fc7214e26f43adbd11 https://vuldb.com/?id.211021 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html Common Vulnerability Exposure (CVE) ID: CVE-2022-3535 Common Vulnerability Exposure (CVE) ID: CVE-2022-3542 Common Vulnerability Exposure (CVE) ID: CVE-2022-3543 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=7a62ed61367b8fd01bae1e18e30602c25060d824 https://vuldb.com/?id.211043 Common Vulnerability Exposure (CVE) ID: CVE-2022-3564 https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=89f9f3cb86b1c63badaf392a83dd661d56cc50b1 https://vuldb.com/?id.211087 Common Vulnerability Exposure (CVE) ID: CVE-2022-3565 https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=2568a7e0832ee30b0a351016d03062ab4e0e0a3f https://vuldb.com/?id.211088 Common Vulnerability Exposure (CVE) ID: CVE-2022-3594 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=93e2be344a7db169b7119de21ac1bf253b8c6907 https://vuldb.com/?id.211363 Common Vulnerability Exposure (CVE) ID: CVE-2022-3619 https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=97097c85c088e11651146da32a4e1cdb9dfa6193 https://vuldb.com/?id.211918 Common Vulnerability Exposure (CVE) ID: CVE-2022-3623 Debian Security Information: DSA-5324 (Google Search) https://www.debian.org/security/2023/dsa-5324 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f https://vuldb.com/?id.211921 https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2022-3628 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c?id=6788ba8aed4e28e90f72d68a9d794e34eac17295 Common Vulnerability Exposure (CVE) ID: CVE-2022-41849 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5610bcfe8693c02e2e4c8b31427f1bdbdecc839c https://lore.kernel.org/all/20220925133243.GA383897@ubuntu/T/ Common Vulnerability Exposure (CVE) ID: CVE-2022-41850 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cacdb14b1c8d3804a3a7d31773bc7569837b71a4 https://lore.kernel.org/all/20220904193115.GA28134@ubuntu/t/#u Common Vulnerability Exposure (CVE) ID: CVE-2022-42895 https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://kernel.dance/#b1a2cd50c0357f243b7435a732b4e62ba3157a2e Common Vulnerability Exposure (CVE) ID: CVE-2022-42896 https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://kernel.dance/#711f8c3fb3db61897080468586b970c87c61d9e4 Common Vulnerability Exposure (CVE) ID: CVE-2022-43945 http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |