
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20221746",
"Version": "oval:org.altlinux.errata:def:20221746",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2022-1746: package `kernel-image-rpi-def` update to version 5.15.33-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2022-1746",
"RefURL": "https://errata.altlinux.org/ALT-PU-2022-1746",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-01597",
"RefURL": "https://bdu.fstec.ru/vul/2022-01597",
"Source": "BDU"
},
{
"RefID": "BDU:2022-02383",
"RefURL": "https://bdu.fstec.ru/vul/2022-02383",
"Source": "BDU"
},
{
"RefID": "BDU:2022-02968",
"RefURL": "https://bdu.fstec.ru/vul/2022-02968",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03004",
"RefURL": "https://bdu.fstec.ru/vul/2022-03004",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03034",
"RefURL": "https://bdu.fstec.ru/vul/2022-03034",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05852",
"RefURL": "https://bdu.fstec.ru/vul/2022-05852",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05855",
"RefURL": "https://bdu.fstec.ru/vul/2022-05855",
"Source": "BDU"
},
{
"RefID": "CVE-2022-0742",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0742",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0995",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0995",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1158",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1158",
"Source": "CVE"
},
{
"RefID": "CVE-2022-29156",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-29156",
"Source": "CVE"
},
{
"RefID": "CVE-2022-2977",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-2977",
"Source": "CVE"
},
{
"RefID": "CVE-2022-30594",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-30594",
"Source": "CVE"
},
{
"RefID": "CVE-2022-3239",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-3239",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-rpi-def to version 5.15.33-alt1. \nSecurity Fix(es):\n\n * BDU:2022-01597: Уязвимость компонента watch_queue ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код с привилегиями root\n\n * BDU:2022-02383: Уязвимость реализации сетевого протокола ICMPv6 ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-02968: Уязвимость функции rtrs_clt_dev_release (drivers/infiniband/ulp/rtrs/rtrs-clt.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-03004: Уязвимость системного вызова PTRACE_SEIZE безопасного режима вычислений seccomp ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2022-03034: Уязвимость реализации функции get_user_pages_fast() подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии\n\n * BDU:2022-05852: Уязвимость реализации прокси-виртуализированных TPM-устройств ядра операционной системы Linux, позволяющая нарушителю повысить привилегии в системе\n\n * BDU:2022-05855: Уязвимость функции em28xx_usb_probe драйвера video4linux ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии\n\n * CVE-2022-0742: Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.\n\n * CVE-2022-0995: An out-of-bounds (OOB) memory write flaw was found in the Linux kernels watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.\n\n * CVE-2022-1158: A flaw was found in KVM. 
When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.\n\n * CVE-2022-29156: drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.\n\n * CVE-2022-2977: A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.\n\n * CVE-2022-30594: The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.\n\n * CVE-2022-3239: A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2022-04-22"
},
"Updated": {
"Date": "2022-04-22"
},
"BDUs": [
{
"ID": "BDU:2022-01597",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-01597",
"Impact": "High",
"Public": "20220311"
},
{
"ID": "BDU:2022-02383",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-275, CWE-401, CWE-459",
"Href": "https://bdu.fstec.ru/vul/2022-02383",
"Impact": "High",
"Public": "20220303"
},
{
"ID": "BDU:2022-02968",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-415",
"Href": "https://bdu.fstec.ru/vul/2022-02968",
"Impact": "High",
"Public": "20220218"
},
{
"ID": "BDU:2022-03004",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-275, CWE-862, CWE-863",
"Href": "https://bdu.fstec.ru/vul/2022-03004",
"Impact": "High",
"Public": "20220512"
},
{
"ID": "BDU:2022-03034",
"CVSS": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-03034",
"Impact": "High",
"Public": "20220402"
},
{
"ID": "BDU:2022-05852",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-05852",
"Impact": "High",
"Public": "20220308"
},
{
"ID": "BDU:2022-05855",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-05855",
"Impact": "High",
"Public": "20220222"
}
],
"CVEs": [
{
"ID": "CVE-2022-0742",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0742",
"Impact": "High",
"Public": "20220318"
},
{
"ID": "CVE-2022-0995",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0995",
"Impact": "High",
"Public": "20220325"
},
{
"ID": "CVE-2022-1158",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1158",
"Impact": "High",
"Public": "20220805"
},
{
"ID": "CVE-2022-29156",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-29156",
"Impact": "High",
"Public": "20220413"
},
{
"ID": "CVE-2022-2977",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-2977",
"Impact": "High",
"Public": "20220914"
},
{
"ID": "CVE-2022-30594",
"CVSS": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-862",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-30594",
"Impact": "High",
"Public": "20220512"
},
{
"ID": "CVE-2022-3239",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-3239",
"Impact": "High",
"Public": "20220919"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20221746001",
"Comment": "kernel-headers-modules-rpi-def is earlier than 1:5.15.33-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221746002",
"Comment": "kernel-headers-rpi-def is earlier than 1:5.15.33-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221746003",
"Comment": "kernel-image-rpi-def is earlier than 1:5.15.33-alt1"
}
]
}
]
}
}
]
}