7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
31.1%
This kernel update is based on upstream 5.15.18 and fixes at least the following security issues: A random memory access flaw was found in the Linux kernels GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system (CVE-2022-0330). A use-after-free flaw was found in the Linux kernels vmw_execbuf_copy_fence_user function in drivers/gpu/drm/vmwgfx/ vmwgfx_execbuf.c in vmwgfx. This flaw allows a local attacker with user privileges to cause a privilege escalation problem (CVE-2022-22942). kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace (CVE-2022-24122). Other fixes in this update: - fix broken RTL8814AU support (mga#29952) - fix cifs failing to load on server kernels (mga#29957) - fix broken plymouth scaling (mga#29925) - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() - fs/exec: require argv[0] presence in do_execveat_common() For other upstream fixes, see the referenced changelogs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | kernel | < 5.15.18-2 | kernel-5.15.18-2.mga8 |
Mageia | 8 | noarch | kmod-virtualbox | < 6.1.32-1.4 | kmod-virtualbox-6.1.32-1.4.mga8 |
Mageia | 8 | noarch | kmod-xtables-addons | < 3.18-1.52 | kmod-xtables-addons-3.18-1.52.mga8 |
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
31.1%