logo
DATABASE RESOURCES PRICING ABOUT US

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 28 for SLE 12 SP4) (SUSE-SU-2022:4024-1)

Description

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4024-1 advisory. - When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. (CVE-2021-33655) - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. (CVE-2022-42703) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.


Related