An update for kernel is now available for openEuler-22.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2022-1942 Final 1.0 1.0 2022-09-23 Initial 2022-09-23 2022-09-23 openEuler SA Tool V1.0 2022-09-23 kernel security update An update for kernel is now available for openEuler-22.03-LTS. The Linux Kernel, the operating system core itself. Security Fix(es): Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.(CVE-2022-26373) A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.(CVE-2022-2991) An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.(CVE-2022-2905) An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc() and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c.(CVE-2022-3078) An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.(CVE-2022-40307) An update for kernel is now available for openEuler-22.03-LTS. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium kernel https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1942 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-26373 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-2991 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-2905 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-3078 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-40307 https://nvd.nist.gov/vuln/detail/CVE-2022-26373 https://nvd.nist.gov/vuln/detail/CVE-2022-2991 https://nvd.nist.gov/vuln/detail/CVE-2022-2905 https://nvd.nist.gov/vuln/detail/CVE-2022-3078 https://nvd.nist.gov/vuln/detail/CVE-2022-40307 openEuler-22.03-LTS python3-perf-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-tools-devel-5.10.0-60.57.0.85.oe2203.aarch64.rpm perf-debuginfo-5.10.0-60.57.0.85.oe2203.aarch64.rpm bpftool-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-source-5.10.0-60.57.0.85.oe2203.aarch64.rpm bpftool-debuginfo-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-debugsource-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-headers-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-tools-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-debuginfo-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-5.10.0-60.57.0.85.oe2203.aarch64.rpm python3-perf-debuginfo-5.10.0-60.57.0.85.oe2203.aarch64.rpm perf-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-devel-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-tools-debuginfo-5.10.0-60.57.0.85.oe2203.aarch64.rpm kernel-5.10.0-60.57.0.85.oe2203.src.rpm kernel-tools-debuginfo-5.10.0-60.57.0.85.oe2203.x86_64.rpm perf-debuginfo-5.10.0-60.57.0.85.oe2203.x86_64.rpm bpftool-5.10.0-60.57.0.85.oe2203.x86_64.rpm bpftool-debuginfo-5.10.0-60.57.0.85.oe2203.x86_64.rpm kernel-devel-5.10.0-60.57.0.85.oe2203.x86_64.rpm kernel-5.10.0-60.57.0.85.oe2203.x86_64.rpm kernel-debugsource-5.10.0-60.57.0.85.oe2203.x86_64.rpm kernel-source-5.10.0-60.57.0.85.oe2203.x86_64.rpm kernel-debuginfo-5.10.0-60.57.0.85.oe2203.x86_64.rpm kernel-tools-devel-5.10.0-60.57.0.85.oe2203.x86_64.rpm python3-perf-5.10.0-60.57.0.85.oe2203.x86_64.rpm kernel-headers-5.10.0-60.57.0.85.oe2203.x86_64.rpm kernel-tools-5.10.0-60.57.0.85.oe2203.x86_64.rpm perf-5.10.0-60.57.0.85.oe2203.x86_64.rpm python3-perf-debuginfo-5.10.0-60.57.0.85.oe2203.x86_64.rpm Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. 2022-09-23 CVE-2022-26373 openEuler-22.03-LTS Medium 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N kernel security update 2022-09-23 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1942 A heap-based buffer overflow was found in the Linux kernel s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability. 2022-09-23 CVE-2022-2991 openEuler-22.03-LTS Medium 6.7 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H kernel security update 2022-09-23 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1942 An out-of-bounds memory read flaw was found in the Linux kernel s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. 2022-09-23 CVE-2022-2905 openEuler-22.03-LTS Medium 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N kernel security update 2022-09-23 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1942 An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc() and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c. 2022-09-23 CVE-2022-3078 openEuler-22.03-LTS Medium 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H kernel security update 2022-09-23 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1942 An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. 2022-09-23 CVE-2022-40307 openEuler-22.03-LTS Medium 4.7 AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H kernel security update 2022-09-23 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1942