logo
DATABASE RESOURCES PRICING ABOUT US

SUSE SLES15 Security Update : kernel (Live Patch 20 for SLE 15 SP3) (SUSE-SU-2022:4100-1)

Description

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4100-1 advisory. - When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. (CVE-2021-33655) - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. (CVE-2022-42703) - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.


Related