logo
DATABASE RESOURCES PRICING ABOUT US

SUSE SLES12 Security Update : kernel (Live Patch 27 for SLE 12 SP4) (SUSE-SU-2022:2445-1)

Description

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2445-1 advisory. - A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc. (CVE-2022-1729) - In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel (CVE-2022-20154) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.


Related