{"schema_version":"1.7.2","id":"OESA-2023-1353","modified":"2023-06-17T11:05:24Z","published":"2023-06-17T11:05:24Z","upstream":["CVE-2023-31084","CVE-2023-33288","CVE-2023-2985"],"summary":"kernel security update","details":"The Linux Kernel image for RaspberryPi.\n\nSecurity Fix(es):\n\nAn issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(\u0026amp;fepriv-\u0026gt;sem) is called. However, wait_event_interruptible would put the process to sleep, and down(\u0026amp;fepriv-\u0026gt;sem) may block the process.(CVE-2023-31084)\n\nAn issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.(CVE-2023-33288)\n\nA use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.(CVE-2023-2985)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP1","name":"kernel","purl":"pkg:rpm/openEuler/kernel\u0026distro=openEuler-20.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.19.90-2306.3.0.0205.oe1"}]}],"ecosystem_specific":{"aarch64":["kernel-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","kernel-debugsource-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","kernel-debuginfo-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","perf-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","perf-debuginfo-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","kernel-source-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","kernel-tools-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","python2-perf-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","python3-perf-debuginfo-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","kernel-devel-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","python2-perf-debuginfo-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","bpftool-debuginfo-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","kernel-tools-debuginfo-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","kernel-tools-devel-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","bpftool-4.19.90-2306.3.0.0205.oe1.aarch64.rpm","python3-perf-4.19.90-2306.3.0.0205.oe1.aarch64.rpm"],"src":["kernel-4.19.90-2306.3.0.0205.oe1.src.rpm"],"x86_64":["kernel-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","perf-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","kernel-tools-debuginfo-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","perf-debuginfo-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","bpftool-debuginfo-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","kernel-devel-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","kernel-debugsource-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","python2-perf-debuginfo-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","kernel-tools-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","python3-perf-debuginfo-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","python2-perf-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","kernel-source-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","kernel-tools-devel-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","python3-perf-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","bpftool-4.19.90-2306.3.0.0205.oe1.x86_64.rpm","kernel-debuginfo-4.19.90-2306.3.0.0205.oe1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1353"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31084"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-33288"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2985"}],"database_specific":{"severity":"Medium"}}