logo
DATABASE RESOURCES PRICING ABOUT US

SUSE SLES15 Security Update : kernel (Live Patch 26 for SLE 15) (SUSE-SU-2022:4129-1)

Description

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4129-1 advisory. - A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. (CVE-2020-36557) - A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. (CVE-2020-36558) - When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. (CVE-2021-33655) - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. (CVE-2022-42703) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.


Related