Linux Security Updates – 29 September 2022

Red Hat, Ubuntu, SUSE, and Debian released security updates to address multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The most severe vulnerability in the Linux kernel could allow an attacker to execute arbitrary code on the system by sending a specially crafted request.

Sample of the addressed vulnerabilities:

1- Linux Kernel Integer Overflow (CVE-2022-39842):

• CVSS: 8.4

• Attack Vector: Local

• Attack Complexity: Low

• Privileges Required: None

• User Interaction: None

• Consequences: Gain Access

2- Linux Kernel Denial of Service (CVE-2022-39190):

• CVSS: 6.2

• Attack Vector: Local

• Attack Complexity: Low

• Privileges Required: None

• User Interaction: None

• Consequences: Denial of Service

Vulnerabilities
  • CVE-2022-39842
  • CVE-2022-39190
  • CVE-2022-2785
  • CVE-2022-3103
  • CVE-2022-3303 
Mitigations

The enterprise should deploy the patches as soon as the testing phase is completed.

  • Red Hat: Red Hat Updates
