Summary: | Heap buffer overflow in legacy_parse_param (local privilege escalation) (CVE-2022-0185) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Kernel | Assignee: | Gentoo Kernel Security <security-kernel> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://seclists.org/oss-sec/2022/q1/55 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 831615, 831616, 831618 | ||
Bug Blocks: |
Description
Sam James
2022-01-20 15:59:34 UTC
Fixed versions:
>=5.15.16
>=5.10.93
>=5.4.173
Earlier branches not affected.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=693263a0b9dc61f1d7d025fe955ea6a925945e3f commit 693263a0b9dc61f1d7d025fe955ea6a925945e3f Author: Mike Pagano <mpagano@gentoo.org> AuthorDate: 2022-01-20 18:22:27 +0000 Commit: Mike Pagano <mpagano@gentoo.org> CommitDate: 2022-01-20 18:22:27 +0000 sys-kernel/gentoo-sources: Auto-stabilize due to security issue Bug: https://bugs.gentoo.org/831606 See: https://wiki.gentoo.org/wiki/Project:Kernel#Kernel_stabilization Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: Mike Pagano <mpagano@gentoo.org> sys-kernel/gentoo-sources/Manifest | 15 ------------ .../gentoo-sources/gentoo-sources-5.4.168.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.4.169.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.4.170.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.4.171.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.4.172.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.4.173.ebuild | 2 +- 7 files changed, 1 insertion(+), 156 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2d25d4f3a21e942b0d939fef3d0d79d043986ef1 commit 2d25d4f3a21e942b0d939fef3d0d79d043986ef1 Author: Mike Pagano <mpagano@gentoo.org> AuthorDate: 2022-01-20 18:24:04 +0000 Commit: Mike Pagano <mpagano@gentoo.org> CommitDate: 2022-01-20 18:24:04 +0000 sys-kernel/gentoo-sources: Auto-stabilize 5.10.93 due to security issue Bug: https://bugs.gentoo.org/831606 See: https://wiki.gentoo.org/wiki/Project:Kernel#Kernel_stabilization Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: Mike Pagano <mpagano@gentoo.org> sys-kernel/gentoo-sources/Manifest | 15 ------------ .../gentoo-sources/gentoo-sources-5.10.88.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.10.89.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.10.90.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.10.91.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.10.92.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.10.93.ebuild | 2 +- 7 files changed, 1 insertion(+), 156 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=67928dc1c2fc3938981081325e97cf1ee459cb9f commit 67928dc1c2fc3938981081325e97cf1ee459cb9f Author: Mike Pagano <mpagano@gentoo.org> AuthorDate: 2022-01-20 18:26:02 +0000 Commit: Mike Pagano <mpagano@gentoo.org> CommitDate: 2022-01-20 18:26:02 +0000 sys-kernel/gentoo-sources: Auto-stabilize 5.15.16 due to security issue Bug: https://bugs.gentoo.org/831606 See: https://wiki.gentoo.org/wiki/Project:Kernel#Kernel_stabilization Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: Mike Pagano <mpagano@gentoo.org> sys-kernel/gentoo-sources/Manifest | 15 ------------ .../gentoo-sources/gentoo-sources-5.15.11.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.15.12.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.15.13.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.15.14.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.15.15.ebuild | 28 ---------------------- .../gentoo-sources/gentoo-sources-5.15.16.ebuild | 2 +- 7 files changed, 1 insertion(+), 156 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8ccda939720fd542e1c393d0819ee05a52f537 commit 3f8ccda939720fd542e1c393d0819ee05a52f537 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2022-01-23 09:11:25 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2022-01-23 09:13:44 +0000 sys-kernel/pf-sources: add 5.15.{14..16} patches for CAP_SYS_ADMIN Bug: https://bugs.gentoo.org/831606 Signed-off-by: Joonas Niilola <juippis@gentoo.org> sys-kernel/pf-sources/Manifest | 3 + sys-kernel/pf-sources/pf-sources-5.15_p6-r1.ebuild | 82 ++++++++++++++++++++++ 2 files changed, 85 insertions(+) Stabled and cleaned up, all done. |