{"schema_version":"1.7.2","id":"OESA-2023-1228","modified":"2023-04-14T11:05:10Z","published":"2023-04-14T11:05:10Z","upstream":["CVE-2023-1611","CVE-2023-1670","CVE-2023-1859","CVE-2023-1582","CVE-2022-4744"],"summary":"kernel security update","details":"The Linux Kernel, the operating system core itself.\r\n\r\nSecurity Fix(es):\r\n\r\nA use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea(CVE-2023-1611)\r\n\r\nA flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.(CVE-2023-1670)\r\n\r\nA use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.(CVE-2023-1859)\n\nA race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service.(CVE-2023-1582)\n\nA double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.(CVE-2022-4744)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS","name":"kernel","purl":"pkg:rpm/openEuler/kernel\u0026distro=openEuler-22.03-LTS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.0-60.90.0.114.oe2203"}]}],"ecosystem_specific":{"aarch64":["kernel-devel-5.10.0-60.90.0.114.oe2203.aarch64.rpm","kernel-tools-5.10.0-60.90.0.114.oe2203.aarch64.rpm","perf-debuginfo-5.10.0-60.90.0.114.oe2203.aarch64.rpm","bpftool-5.10.0-60.90.0.114.oe2203.aarch64.rpm","python3-perf-5.10.0-60.90.0.114.oe2203.aarch64.rpm","python3-perf-debuginfo-5.10.0-60.90.0.114.oe2203.aarch64.rpm","kernel-headers-5.10.0-60.90.0.114.oe2203.aarch64.rpm","bpftool-debuginfo-5.10.0-60.90.0.114.oe2203.aarch64.rpm","kernel-tools-debuginfo-5.10.0-60.90.0.114.oe2203.aarch64.rpm","kernel-5.10.0-60.90.0.114.oe2203.aarch64.rpm","perf-5.10.0-60.90.0.114.oe2203.aarch64.rpm","kernel-tools-devel-5.10.0-60.90.0.114.oe2203.aarch64.rpm","kernel-source-5.10.0-60.90.0.114.oe2203.aarch64.rpm","kernel-debuginfo-5.10.0-60.90.0.114.oe2203.aarch64.rpm","kernel-debugsource-5.10.0-60.90.0.114.oe2203.aarch64.rpm"],"src":["kernel-5.10.0-60.90.0.114.oe2203.src.rpm"],"x86_64":["python3-perf-5.10.0-60.90.0.114.oe2203.x86_64.rpm","kernel-tools-devel-5.10.0-60.90.0.114.oe2203.x86_64.rpm","perf-5.10.0-60.90.0.114.oe2203.x86_64.rpm","perf-debuginfo-5.10.0-60.90.0.114.oe2203.x86_64.rpm","kernel-source-5.10.0-60.90.0.114.oe2203.x86_64.rpm","kernel-debuginfo-5.10.0-60.90.0.114.oe2203.x86_64.rpm","kernel-headers-5.10.0-60.90.0.114.oe2203.x86_64.rpm","bpftool-5.10.0-60.90.0.114.oe2203.x86_64.rpm","bpftool-debuginfo-5.10.0-60.90.0.114.oe2203.x86_64.rpm","kernel-5.10.0-60.90.0.114.oe2203.x86_64.rpm","kernel-tools-5.10.0-60.90.0.114.oe2203.x86_64.rpm","python3-perf-debuginfo-5.10.0-60.90.0.114.oe2203.x86_64.rpm","kernel-debugsource-5.10.0-60.90.0.114.oe2203.x86_64.rpm","kernel-devel-5.10.0-60.90.0.114.oe2203.x86_64.rpm","kernel-tools-debuginfo-5.10.0-60.90.0.114.oe2203.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1228"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1611"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1670"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1859"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1582"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4744"}],"database_specific":{"severity":"High"}}