logo
DATABASE RESOURCES PRICING ABOUT US

SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP4) (SUSE-SU-2022:4039-1)

Description

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4039-1 advisory. - A use-after-free flaw was found in the Linux kernel's pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1882) - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. (CVE-2022-42703) - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.


Related