Synopsis:
kernel security updateSummary:
An update for kernel is now available for openEuler-20.03-LTS-SP3.Description:
The Linux Kernel, the operating system core itself.
Security Fix(es):
An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.(CVE-2022-40307)
A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.(CVE-2022-3239)Topic:
An update for kernel is now available for openEuler-20.03-LTS-SP3.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.Severity:
HighAffected Component:
kernel
4.19.90-2209.6.0.0170.oe14.19.90-2209.6.0.0170.oe14.19.90-2209.6.0.0170.oe14.19.90-2209.6.0.0170.oe14.19.90-2209.6.0.0170.oe14.19.90-2209.6.0.0170.oe14.19.90-2209.6.0.0170.oe14.19.90-2209.6.0.0170.oe14.19.90-2209.6.0.0170.oe14.19.90-2209.6.0.0170.oe1Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:H7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H