{"id":"MGASA-2022-0062","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on upstream 5.15.23 and fixes at least the\nfollowing security issues:\n\nA stack overflow flaw was found in the Linux kernel TIPC protocol\nfunctionality in the way a user sends a packet with malicious content\nwhere the number of domain member nodes is higher than the 64 allowed.\nThis flaw allows a remote user to crash the system or possibly escalate\ntheir privileges if they have access to the TIPC network (CVE-2022-0435).\n\nA vulnerability was found in the Linux kernel cgroup_release_agent_write\nin the kernel/cgroup/cgroup-v1.c function. This flaw, under certain\ncircumstances, allows the use of the cgroups v1 release_agent feature to\nescalate privileges and bypass the namespace isolation unexpectedly\n(CVE-2022-0492).\n\nAn issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5.\nIf an application sets the O_DIRECTORY flag, and tries to open a regular\nfile, nfs_atomic_open() performs a regular lookup. If a regular file is\nfound, ENOTDIR should occur, but the server instead returns uninitialized\ndata in the file descriptor (CVE-2022-24448).\n\nOther fixes in this update:\n- enable several missed MediaTek wifi drivers (mga#29965)\n\nFor other upstream fixes, see the referenced changelogs.\n","modified":"2026-04-16T00:09:05.066883894Z","published":"2022-02-15T20:50:31Z","upstream":["CVE-2022-0435","CVE-2022-0492","CVE-2022-24448"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0062.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30030"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29965"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.19"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.20"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.21"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.22"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.23"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.23-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0062.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1.32-1.6.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0062.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.18-1.56.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0062.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}