Lucene search

K
redhatRedHatRHSA-2022:5232
HistoryJun 28, 2022 - 7:52 a.m.

(RHSA-2022:5232) Important: kernel security and bug fix update

2022-06-2807:52:31
access.redhat.com
92
kernel
security
bug fix
linux operating system
privilege escalation
race condition
use-after-free
netfilter subsystem
cvss score
xfs inode cluster
sock
libceph
bz#2050464
bz#2070408
bz#2088025

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

50.8%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)

  • kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-1966)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • XFS inode cluster corruption (BZ#2050464)

  • sock: sock_dequeue_err_skb() needs hard irq safety (BZ#2070408)

  • libceph: fix potential use-after-free on linger ping and resends (BZ#2088025)

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

50.8%