OESA-2022-2035
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-2035
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-2035.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2022-2035
- Upstream
- Published
- 2022-11-04T11:04:29Z
- Modified
- 2025-09-03T06:18:21.271703Z
- Summary
- kernel security update
- Details
-
The Linux Kernel, the operating system core itself.
Security Fix(es):
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRU_CMD case.(CVE-2022-40768)
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfsbmaplookupatlevel of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.(CVE-2022-3621)
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.(CVE-2022-3635)
drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.(CVE-2022-43750)
A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file net/vmwvsock/af_vsock.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.(CVE-2022-3629)
A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfsattachlog_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.(CVE-2022-3646)
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.(CVE-2022-3586)
- Database specific
{ "severity": "High" }- References
-
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-2035
- https://nvd.nist.gov/vuln/detail/CVE-2022-40768
- https://nvd.nist.gov/vuln/detail/CVE-2022-3621
- https://nvd.nist.gov/vuln/detail/CVE-2022-3635
- https://nvd.nist.gov/vuln/detail/CVE-2022-43750
- https://nvd.nist.gov/vuln/detail/CVE-2022-3629
- https://nvd.nist.gov/vuln/detail/CVE-2022-3646
- https://nvd.nist.gov/vuln/detail/CVE-2022-3586
Affected packages
openEuler:20.03-LTS-SP3 / kernel
Package
- Name
- kernel
- Purl
- pkg:rpm/openEuler/kernel&distro=openEuler-20.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.19.90-2211.1.0.0175.oe1
Ecosystem specific
{
"src": [
"kernel-4.19.90-2211.1.0.0175.oe1.src.rpm"
],
"x86_64": [
"perf-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"perf-debuginfo-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"kernel-debuginfo-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"python3-perf-debuginfo-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"kernel-tools-devel-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"bpftool-debuginfo-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"kernel-devel-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"kernel-debugsource-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"bpftool-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"python2-perf-debuginfo-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"kernel-source-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"kernel-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"python3-perf-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"kernel-tools-debuginfo-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"kernel-tools-4.19.90-2211.1.0.0175.oe1.x86_64.rpm",
"python2-perf-4.19.90-2211.1.0.0175.oe1.x86_64.rpm"
],
"aarch64": [
"python2-perf-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"kernel-devel-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"kernel-debuginfo-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"python3-perf-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"bpftool-debuginfo-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"kernel-debugsource-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"bpftool-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"kernel-source-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"kernel-tools-debuginfo-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"kernel-tools-devel-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"perf-debuginfo-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"python2-perf-debuginfo-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"kernel-tools-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"python3-perf-debuginfo-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"kernel-4.19.90-2211.1.0.0175.oe1.aarch64.rpm",
"perf-4.19.90-2211.1.0.0175.oe1.aarch64.rpm"
]
}