SUSE: Security Advisory (SUSE-SU-2022:1036-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:1036-1 Security update for the Linux Kernel (Live Patch 42 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94153 fixes one issue. The following security issue was fixed: - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 releaseagent feature, which allowed bypassing namespace isolation unexpectedly bsc1195543...

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP3) (SUSE-SU-2022:0978-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0978-1 advisory. - A race condition was found in the Linux kernel's ebpf verifier between bpfmapupdateelem and bpfmapfreeze due to a missing lock in...

SUSE: Security Advisory (SUSE-SU-2022:1012-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 19 for SLE 15 SP2) (SUSE-SU-2022:0991-1)

The remote SUSE Linux SLES12 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0991-1 advisory. - A vulnerability was found in the Linux kernel's cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, und...

SUSE-SU-2022:1012-1 Security update for the Linux Kernel (Live Patch 41 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94150 fixes several issues. The following security issues were fixed: - CVE-2022-0487: A use-after-free vulnerability was found in rtsxusbmsdrvremove in drivers/memstick/host/rtsxusbms.c bsc1194516. - CVE-2022-0492: Fixed a privilege escalation related to...

SUSE-SU-2022:0998-1 Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005949 fixes several issues. The following security issues were fixed: - CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nfdupnetdev.c, related to nftablesoffload bsc1196299. -...

SUSE-SU-2022:0991-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-24102 fixes one issue. The following security issue was fixed: - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 releaseagent feature, which allowed bypassing namespace isolation unexpectedly bsc1195543...

SUSE-SU-2022:0984-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-5937 fixes several issues. The following security issues were fixed: - CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nfdupnetdev.c, related to nftablesoffload bsc1196299. -...

Privilege Escalation

linux is vulnerable to privilege escalation. The vulnerability exists due to a lack of sanitization of the namespace isolation...

kernel: cgroups v1 release_agent feature may allow privilege escalation

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw under certain circumstances allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

...

kernel: cgroups v1 release_agent feature may allow privilege escalation

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

kernel: cgroups v1 release_agent feature may allow privilege escalation

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

kernel: cgroups v1 release_agent feature may allow privilege escalation

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

kernel: cgroups v1 release_agent feature may allow privilege escalation

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

kernel: cgroups v1 release_agent feature may allow privilege escalation

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

kernel: cgroups v1 release_agent feature may allow privilege escalation

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

kernel: cgroups v1 release_agent feature may allow privilege escalation

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

openSUSE 15 Security Update : kernel (openSUSE-SU-2022:0760-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0760-1 advisory. - Amazon Linux has been made aware of a potential Branch Target Injection BTI issue sometimes referred to as Spectre variant 2. This is a...