Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.2878
linux security update
13 June 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: linux
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-28893 CVE-2022-21499 CVE-2022-1975
CVE-2022-1974 CVE-2022-1972 CVE-2022-1966
CVE-2022-1852 CVE-2022-1789 CVE-2022-1786
CVE-2022-1729 CVE-2022-1012 CVE-2022-0854
CVE-2022-0494
Original Bulletin:
https://lists.debian.org/debian-security-announce/2022/msg00129.html
Comment: CVSS (Max): 8.2 CVE-2022-1012 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)
CVSS Source: NVD, [Red Hat], SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5161-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
June 11, 2022 https://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : linux
CVE ID : CVE-2022-0494 CVE-2022-0854 CVE-2022-1012 CVE-2022-1729
CVE-2022-1786 CVE-2022-1789 CVE-2022-1852 CVE-2022-1966
CVE-2022-1972 CVE-2022-1974 CVE-2022-1975 CVE-2022-21499
CVE-2022-28893
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
CVE-2022-0494
The scsi_ioctl() was susceptible to an information leak only
exploitable by users with CAP_SYS_ADMIN or CAP_SYS_RAWIO
capabilities.
CVE-2022-0854
Ali Haider discovered a potential information leak in the DMA
subsystem. On systems where the swiotlb feature is needed, this
might allow a local user to read sensitive information.
CVE-2022-1012
The randomisation when calculating port offsets in the IP
implementation was enhanced.
CVE-2022-1729
Norbert Slusarek discovered a race condition in the perf subsystem
which could result in local privilege escalation to root. The
default settings in Debian prevent exploitation unless more
permissive settings have been applied in the
kernel.perf_event_paranoid sysctl.
CVE-2022-1786
Kyle Zeng discovered a use-after-free in the io_uring subsystem
which way result in local privilege escalation to root.
CVE-2022-1789 / CVE-2022-1852
Yongkang Jia, Gaoning Pan and Qiuhao Li discovered two NULL pointer
dereferences in KVM's CPU instruction handling, resulting in denial
of service.
CVE-2022-1966
Aaron Adams discovered a use-after-free in Netfilter which may
result in local privilege escalation to root.
CVE-2022-1972
Ziming Zhang discovered an out-of-bound write in Netfilter which may
result in local privilege escalation to root.
CVE-2022-1974 / CVE-2022-1975
Duoming Zhou discovered that the NFC netlink interface was
suspectible to denial of service.
CVE-2022-21499
It was discovered that the kernel debugger could be used to bypass
UEFI Secure Boot restrictions.
CVE-2022-28893
Felix Fu discovered a use-after-free in the implementation of the
Remote Procedure Call (SunRPC) protocol, which could in denial of
service or an information leak.
For the stable distribution (bullseye), these problems have been fixed in
version 5.10.120-1.
We recommend that you upgrade your linux packages.
For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmKkWHlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0R99w//T94sBtctj4AfiOkHI2Bp6+frX++VBeSQa2Kzgi4mzN7K+NCf527O135f
eKPt5LBSjItdcB4TZFVeVjeGWjve96i/jZuRD66WmEr+15bVcE9UjeS//cSUEiRD
FBkZm/cYeNJo69+VwolkzJaySoN3EuFseu6fQ++IZJsrItzhUpU+OPap+uWxJPCj
MSVfrI/qCIm0TY1tetdnh9IIPdAxFu5RBMGG+QDZHdB8bLaLJOlQwzfUFEYy4qTL
8J/ntbvjiZXBvAG0ZEnVyTqU6jmjJS1NtIYEAwror4yRoCGROT8AAGP3jywrVIg/
MG58s50aMN42nbdBPGYw1KYaltfVIEZWk+OAfRUzojj0hvatKsJjAXkp/r+Rx2JC
6cfCzo9zYY5yb3OAmMobl59L6JdrPjyyPfMBErOBtZMdFAUHd2xynszZ+IVfJibQ
rXkPHN3l2V08wOV9NGXEbarFTfu8lOXetEiPiRbIX5ntR7DcKEu28o/QeXC4EcKJ
qRAm7U2GIrNC8ES669/84kdcg53yxehWcW0Vp+2JhS7+NAQP1sPWnpWwnFgTm11C
RPWKoxTIj9U7yQg3Oc99sHzMEhsBHx21E+EzfLoGb8W3hX89yjNbKThNW/4Ow9UE
ALezdpKlIQ5wFsRdsyBClJSqjFlBmShwf9VYyg7dLv+VmPINTvM=
=SLnt
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBYqais8kNZI30y1K9AQg4UA//R5YrEFxjv5tmLcq6TuQq4YKsg+CRrAXD
SJzNM/KJlusMMqy+bsy3cKdaG1PJqJUri3GujaPtADz6SlJ4Fgb/8chlPkTfcOIV
zys4oudqT3+HbUIgQtK8HwymuYqRvNq7J91sk3t9AlLfut8zN6PinzXy7LoZrM1u
pLaIZV89Xkqhj7Ub3ANDwvZPSynEPgCGmJxPflEPrtiqeuiIH+a1sps+yFaciqFd
eQepODxL62jtL6ZtucGL/b0pz7uhCf8P9lYskoIuFql5jJ/0PU+vP+zMFJsxNOCX
26fDGTqGX4M/SZwvFxgzfPmytGQYkV9tJbzLUt5ITf9yeQur0SfoJ1pPUTd2Fm71
qWqvrlD7Be3DsAR67LBqkwX+zJRYZBz4qItjfCsjm4/ZzuzR7Jl7h3hzJPqrOsEy
/Iatv1yjjnCsxm/dvZs3iMSyXFcemwuFE4cIB97ISeuGky28SCWfc3ApkVsxtJ/u
HO30DqrFLZHNj3b/4RiGjrsAFoIp1DsMwkDES3smgxVj0Cr6UBCELEUlY9U8uXV9
dDzZCUb2WAb2n55/BImNMa3Pl5Z6kTm6yJdAyJhgPHOK16BCLLOAUncPze66mXG2
iu86zgyTfEsdVHsRo0t98w+dmaV3Q2UHaml4Zw5zySCSicczoc9dbweN9mDY8+2/
UkNuLc3jBtg=
=PjMq
-----END PGP SIGNATURE-----