QID 353947
Date Published: 2022-06-09
QID 353947: Amazon Linux Security Advisory for kernel : ALAS2-2022-1798
A memory leak flaw was found in the linux kernel's dma subsystem, in the way a user calls dma_from_device.
This flaw allows a local user to read random memory from the kernel space. (
( CVE-2022-0854) a null pointer dereference flaw was found in the linux kernel's x.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated ethernet card and continued usage of this connection.
This flaw allows a local user to crash the system. (
( CVE-2022-1516) perf: fix sys_perf_event_open() race against self (cve-2022-1729) improper update of reference count vulnerability in net/sched of linux kernel allows local attacker to cause privilege escalation to root.
This issue affects: linux kernel versions prior to 5.18; version 4.14 and later versions. (
( CVE-2022-29581) the linux kernel before 5.17.2 mishandles seccomp permissions.
The ptrace_seize code path allows attackers to bypass intended restrictions on setting the pt_suspend_seccomp flag. (
( CVE-2022-30594)
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Successful exploitation of this vulnerability could lead to a securitybreach or could affect integrity, availability, and confidentiality.
- ALAS2-2022-1798 -
alas.aws.amazon.com/AL2/ALAS-2022-1798.html
CVEs related to QID 353947
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ALAS2-2022-1798 | Amazon Linux 2 |
alas.aws.amazon.com/AL2/ALAS-2022-1798.html |