{"id":"OESA-2022-1845","summary":"kernel security update","details":"\r\n\r\nSecurity Fix(es):\r\n\r\nst21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.(CVE-2022-26490)\r\n\r\nThe Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.(CVE-2022-36123)\n\nA use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local, privileged attacker to crash the system, possibly leading to a local privilege escalation issue.(CVE-2022-2588)\n\nIt was discovered that when exec ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.(CVE-2022-2585)","modified":"2026-03-11T06:23:17.897050Z","published":"2022-08-19T11:04:09Z","upstream":["CVE-2022-2585","CVE-2022-2588","CVE-2022-26490","CVE-2022-36123"],"database_specific":{"severity":"High"},"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1845"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-26490"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-36123"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2588"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2585"}],"affected":[{"package":{"name":"kernel","ecosystem":"openEuler:22.03-LTS","purl":"pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.0-60.51.0.79.oe2203"}]}],"ecosystem_specific":{"src":["kernel-5.10.0-60.51.0.79.oe2203.src.rpm"],"x86_64":["kernel-debuginfo-5.10.0-60.51.0.79.oe2203.x86_64.rpm","kernel-source-5.10.0-60.51.0.79.oe2203.x86_64.rpm","perf-5.10.0-60.51.0.79.oe2203.x86_64.rpm","bpftool-5.10.0-60.51.0.79.oe2203.x86_64.rpm","perf-debuginfo-5.10.0-60.51.0.79.oe2203.x86_64.rpm","kernel-tools-devel-5.10.0-60.51.0.79.oe2203.x86_64.rpm","python3-perf-debuginfo-5.10.0-60.51.0.79.oe2203.x86_64.rpm","kernel-tools-5.10.0-60.51.0.79.oe2203.x86_64.rpm","kernel-headers-5.10.0-60.51.0.79.oe2203.x86_64.rpm","bpftool-debuginfo-5.10.0-60.51.0.79.oe2203.x86_64.rpm","kernel-tools-debuginfo-5.10.0-60.51.0.79.oe2203.x86_64.rpm","kernel-debugsource-5.10.0-60.51.0.79.oe2203.x86_64.rpm","kernel-devel-5.10.0-60.51.0.79.oe2203.x86_64.rpm","kernel-5.10.0-60.51.0.79.oe2203.x86_64.rpm","python3-perf-5.10.0-60.51.0.79.oe2203.x86_64.rpm"],"aarch64":["python3-perf-5.10.0-60.51.0.79.oe2203.aarch64.rpm","perf-debuginfo-5.10.0-60.51.0.79.oe2203.aarch64.rpm","kernel-debuginfo-5.10.0-60.51.0.79.oe2203.aarch64.rpm","bpftool-debuginfo-5.10.0-60.51.0.79.oe2203.aarch64.rpm","perf-5.10.0-60.51.0.79.oe2203.aarch64.rpm","kernel-debugsource-5.10.0-60.51.0.79.oe2203.aarch64.rpm","kernel-tools-debuginfo-5.10.0-60.51.0.79.oe2203.aarch64.rpm","python3-perf-debuginfo-5.10.0-60.51.0.79.oe2203.aarch64.rpm","bpftool-5.10.0-60.51.0.79.oe2203.aarch64.rpm","kernel-headers-5.10.0-60.51.0.79.oe2203.aarch64.rpm","kernel-5.10.0-60.51.0.79.oe2203.aarch64.rpm","kernel-source-5.10.0-60.51.0.79.oe2203.aarch64.rpm","kernel-devel-5.10.0-60.51.0.79.oe2203.aarch64.rpm","kernel-tools-devel-5.10.0-60.51.0.79.oe2203.aarch64.rpm","kernel-tools-5.10.0-60.51.0.79.oe2203.aarch64.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2022-1845.json"}}],"schema_version":"1.7.5"}