[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2KERNEL-5.15-2022-002 --- kernel

ID: oval:org.secpod.oval:def:1700969Date: (C)2022-07-26   (M)2024-05-22
Class: PATCHFamily: unix




A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block in the Linux kernel's filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service. A NULL pointer dereference flaw was found in the Linux kernel's KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU. A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. No description is available for this CVE. A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse , causing a denial of service and possibly to run code. net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER when accessing floating point registers. rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free

Platform:
Amazon Linux 2
Product:
kernel
perf
python-perf
bpftool
Reference:
ALAS2KERNEL-5.15-2022-002
CVE-2022-1184
CVE-2022-1789
CVE-2022-1852
CVE-2022-1966
CVE-2022-1972
CVE-2022-1973
CVE-2022-2078
CVE-2022-32250
CVE-2022-32981
CVE-2022-34494
CVE-2022-34495
CVE-2022-21125
CVE-2022-21166
CVE-2022-21123
CVE    14
CVE-2022-1789
CVE-2022-1973
CVE-2022-2078
CVE-2022-32981
...

© SecPod Technologies