
Test ID: 1.3.6.1.4.1.25623.1.1.10.2022.0443
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2022-0443)
Summary: The remote host is missing an update for the 'kernel-linus' package(s) announced via the MGASA-2022-0443 advisory.
Description:

Vulnerability Insight:
This kernel-linus update is based on upstream 5.15.79 and fixes at least the
following security issues:

A flaw was found in the Linux kernel. A race condition occurs between an
io_uring request and the Unix socket garbage collector, which allows an
attacker to achieve local privilege escalation (CVE-2022-2602).

A vulnerability was found in Linux Kernel. It has been declared as
problematic. Affected by this vulnerability is the function
ipv6_renew_options of the component IPv6 Handler. The manipulation leads
to memory leak. The attack can be launched remotely (CVE-2022-3524).

A vulnerability classified as problematic was found in Linux Kernel.
Affected by this vulnerability is the function mvpp2_dbgfs_port_init of
the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the
component mvpp2. The manipulation leads to memory leak (CVE-2022-3535).

A vulnerability classified as problematic was found in Linux Kernel. This
vulnerability affects the function bnx2x_tpa_stop of the file
drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF. The
manipulation leads to memory leak (CVE-2022-3542).

A vulnerability, which was classified as problematic, has been found in
Linux Kernel. This issue affects the function unix_sock_destructor/
unix_release_sock of the file net/unix/af_unix.c of the component BPF.
The manipulation leads to memory leak (CVE-2022-3543).

A vulnerability classified as critical was found in Linux Kernel. Affected
by this vulnerability is the function l2cap_reassemble_sdu of the file
net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation
leads to use after free (CVE-2022-3564).

A vulnerability, which was classified as critical, has been found in Linux
Kernel. Affected by this issue is the function del_timer of the file
drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation
leads to use after free (CVE-2022-3565).

A vulnerability was found in Linux Kernel. It has been declared as
problematic. Affected by this vulnerability is the function intr_callback
of the file drivers/net/usb/r8152.c of the component BPF. The manipulation
leads to logging of excessive data. The attack can be launched remotely
(CVE-2022-3594).

A vulnerability has been found in Linux Kernel and classified as
problematic. This vulnerability affects the function l2cap_recv_acldata
of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The
manipulation leads to memory leak (CVE-2022-3619).

A vulnerability was found in Linux Kernel. It has been declared as
problematic. Affected by this vulnerability is the function follow_page_pte
of the file mm/gup.c of the component BPF. The manipulation leads to race
condition (CVE-2022-3623).

An intra-object buffer overflow was found in brcmfmac, which can be
triggered by a malicious USB device, causing a denial of service
(CVE-2022-3628).

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel-linus' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
8.3

CVSS Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2022-2602
http://packetstormsecurity.com/files/176533/Linux-Broken-Unix-GC-Interaction-Use-After-Free.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602
https://ubuntu.com/security/notices/USN-5691-1
https://ubuntu.com/security/notices/USN-5692-1
https://ubuntu.com/security/notices/USN-5693-1
https://ubuntu.com/security/notices/USN-5700-1
https://ubuntu.com/security/notices/USN-5752-1
Common Vulnerability Exposure (CVE) ID: CVE-2022-3524
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c52c6bb831f6335c176a0fc7214e26f43adbd11
https://vuldb.com/?id.211021
https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html
https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
Common Vulnerability Exposure (CVE) ID: CVE-2022-3535
Common Vulnerability Exposure (CVE) ID: CVE-2022-3542
Common Vulnerability Exposure (CVE) ID: CVE-2022-3543
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=7a62ed61367b8fd01bae1e18e30602c25060d824
https://vuldb.com/?id.211043
Common Vulnerability Exposure (CVE) ID: CVE-2022-3564
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=89f9f3cb86b1c63badaf392a83dd661d56cc50b1
https://vuldb.com/?id.211087
Common Vulnerability Exposure (CVE) ID: CVE-2022-3565
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=2568a7e0832ee30b0a351016d03062ab4e0e0a3f
https://vuldb.com/?id.211088
Common Vulnerability Exposure (CVE) ID: CVE-2022-3594
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=93e2be344a7db169b7119de21ac1bf253b8c6907
https://vuldb.com/?id.211363
Common Vulnerability Exposure (CVE) ID: CVE-2022-3619
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=97097c85c088e11651146da32a4e1cdb9dfa6193
https://vuldb.com/?id.211918
Common Vulnerability Exposure (CVE) ID: CVE-2022-3623
Debian Security Information: DSA-5324
https://www.debian.org/security/2023/dsa-5324
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f
https://vuldb.com/?id.211921
https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2022-3628
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c?id=6788ba8aed4e28e90f72d68a9d794e34eac17295
Common Vulnerability Exposure (CVE) ID: CVE-2022-41849
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5610bcfe8693c02e2e4c8b31427f1bdbdecc839c
https://lore.kernel.org/all/20220925133243.GA383897@ubuntu/T/
Common Vulnerability Exposure (CVE) ID: CVE-2022-41850
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cacdb14b1c8d3804a3a7d31773bc7569837b71a4
https://lore.kernel.org/all/20220904193115.GA28134@ubuntu/t/#u
Common Vulnerability Exposure (CVE) ID: CVE-2022-42895
https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e
https://kernel.dance/#b1a2cd50c0357f243b7435a732b4e62ba3157a2e
Common Vulnerability Exposure (CVE) ID: CVE-2022-42896
https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4
https://kernel.dance/#711f8c3fb3db61897080468586b970c87c61d9e4
Common Vulnerability Exposure (CVE) ID: CVE-2022-43945
http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8
Copyright: Copyright (C) 2022 Greenbone AG
