CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.9 High
Access Vector: ADJACENT_NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.001 Low
Percentile: 45.7%
CentOS Errata and Security Advisory CESA-2022:0620
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466)
kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)
kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)
kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)
kernel: out of bounds write in hid-multitouch.c may lead to escalation of privilege (CVE-2020-0465)
kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564)
kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573)
kernel: possible use-after-free in bluetooth module (CVE-2021-3752)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
Kernel with enabled BERT does not decode CPU fatal events correctly (BZ#1950302)
RHEL 7.9 - Call trace seen during controller random reset on IB config (BZ#1984070)
Infinite loop in blk_set_queue_dying() from blk_queue_for_each_rl() when another CPU races and modifies the queue’s blkg_list (BZ#2029574)
NFS client kernel crash in NFS4 backchannel transmit path - ftrace_raw_event_rpc_task_queued called from rpc_run_bc_task (BZ#2039508)
SELinux is preventing / from mount access on the filesystem /proc (BZ#2040196)
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2022-February/086260.html
Affected packages:
bpftool
kernel
kernel-abi-whitelists
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-tools
kernel-tools-libs
kernel-tools-libs-devel
perf
python-perf
Upstream details at:
https://access.redhat.com/errata/RHSA-2022:0620
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
CentOS | 7 | x86_64 | bpftool | < 3.10.0-1160.59.1.el7 | bpftool-3.10.0-1160.59.1.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel | < 3.10.0-1160.59.1.el7 | kernel-3.10.0-1160.59.1.el7.x86_64.rpm |
CentOS | 7 | noarch | kernel-abi-whitelists | < 3.10.0-1160.59.1.el7 | kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch.rpm |
CentOS | 7 | x86_64 | kernel-debug | < 3.10.0-1160.59.1.el7 | kernel-debug-3.10.0-1160.59.1.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-debug-devel | < 3.10.0-1160.59.1.el7 | kernel-debug-devel-3.10.0-1160.59.1.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-devel | < 3.10.0-1160.59.1.el7 | kernel-devel-3.10.0-1160.59.1.el7.x86_64.rpm |
CentOS | 7 | noarch | kernel-doc | < 3.10.0-1160.59.1.el7 | kernel-doc-3.10.0-1160.59.1.el7.noarch.rpm |
CentOS | 7 | x86_64 | kernel-headers | < 3.10.0-1160.59.1.el7 | kernel-headers-3.10.0-1160.59.1.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-tools | < 3.10.0-1160.59.1.el7 | kernel-tools-3.10.0-1160.59.1.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-tools-libs | < 3.10.0-1160.59.1.el7 | kernel-tools-libs-3.10.0-1160.59.1.el7.x86_64.rpm |