Mageia 2022-0324: kernel security update | LinuxSecurity.com
MGASA-2022-0324 - Updated kernel packages fix security vulnerabilities

Publication date: 10 Sep 2022
URL: https://advisories.mageia.org/MGASA-2022-0324.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-2905,
     CVE-2022-3028,
     CVE-2022-39190

This kernel update is based on upstream 5.15.65 and fixes at least the
following security issues:

An out-of-bounds memory read flaw was found in the Linux kernel's BPF
subsystem in how a user calls the bpf_tail_call function with a key
larger than the max_entries of the map. This flaw allows a local user
to gain unauthorized access to data (CVE-2022-2905).

A race condition was found in the Linux kernel's IP framework for
transforming packets (XFRM subsystem) when multiple calls to
xfrm_probe_algs occurred simultaneously. This flaw could allow a local
attacker to potentially trigger an out-of-bounds write or leak kernel
heap memory by performing an out-of-bounds read and copying it into a
socket (CVE-2022-3028).

An issue was discovered in net/netfilter/nf_tables_api.c in the kernel
before 5.19.6. A denial of service can occur upon binding to an already
bound chain (CVE-2022-39190).

Other fixes in this update:
- A fix for an issue causing excessive logging (mga#30779) due to an
  uppstream change that was included in the 5.15.62 kernel update released
  as MGASA-2022-0305.
- bpf, cgroup: Fix kernel BUG in purge_effective_progs
- bpf: Restrict bpf_sys_bpf to CAP_PERFMON
- Revert "xhci: turn off port power in shutdown" as it causes some systems
  to hang on shutdown.

For other upstream fixes in this update, see the referenced changelogs.

References:
- https://bugs.mageia.org/show_bug.cgi?id=30813
- https://bugs.mageia.org/show_bug.cgi?id=30779
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2905
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3028
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39190

SRPMS:
- 8/core/kernel-5.15.65-1.mga8
- 8/core/kmod-virtualbox-6.1.38-1.5.mga8
- 8/core/kmod-xtables-addons-3.21-1.5.mga8

Mageia 2022-0324: kernel security update

Summary

This kernel update is based on upstream 5.15.65 and fixes at least the following security issues:
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data (CVE-2022-2905).
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket (CVE-2022-3028).
An issue was discovered in net/netfilter/nf_tables_api.c in the kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain (CVE-2022-39190).
Other fixes in this update: - A fix for an issue causing excessive logging (mga#30779) due to an uppstream change that was included in the 5.15.62 kernel update released as MGASA-2022-0305. - bpf, cgroup: Fix kernel BUG in purge_effective_progs - bpf: Restrict bpf_sys_bpf to CAP_PERFMON - Revert "xhci: turn off port power in shutdown" as it causes some systems to hang on shutdown.
For other upstream fixes in this update, see the referenced changelogs.

References

- https://bugs.mageia.org/show_bug.cgi?id=30813

- https://bugs.mageia.org/show_bug.cgi?id=30779

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2905

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3028

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39190

Resolution

MGASA-2022-0324 - Updated kernel packages fix security vulnerabilities

SRPMS

- 8/core/kernel-5.15.65-1.mga8

- 8/core/kmod-virtualbox-6.1.38-1.5.mga8

- 8/core/kmod-xtables-addons-3.21-1.5.mga8

Severity
Publication date: 10 Sep 2022
URL: https://advisories.mageia.org/MGASA-2022-0324.html
Type: security
CVE: CVE-2022-2905, CVE-2022-3028, CVE-2022-39190

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.