When upgrading, be sure to restart all network devices that rely on the bond.
A flaw was found in the Linux kernel that could allow a user with CAP_NET_ADMIN capability to bypass intended access restrictions.
A privileged user on a Linux system with the ability to create newApplication programming interface (API) user accounts could potentially bypass intended access restrictions by using a user created for one purpose to create user accounts for other purposes.
An issue in the user mapping implementation in Red Hat Enterprise Linux 7 could result in user accounts being created with no username. A user on a system with user mapping enabled could potentially bypass intended access restrictions by using the root user to create other user accounts.
A flaw was found in the Linux kernel that could result in possible information disclosure afterredirection of network traffic via local sockets when using the eBPF programroutine. A malicious user in possession of a socket/network device combination could potentially exploit this flaw to obtain information about actions by other users on the network.
Despite the fact that unprivileged users cannot directly create network connections, they can gain access to network devices through which other users are able to create network connections. Redirecting these connections to an unauthorized network device could have the potential to reveal information to the attacker.
Linux kernel - bounds checking and race condition
The Linux kernel is a monolithic operating system made up of different layers. The Linux kernel is responsible for interfacing with hardware and providing access to it. The Linux kernel also provides an interface that allows users to log in and access their computer as well as the computer on which they are logged in. When there is a security vulnerability that affects the Linux kernel, it is called within the bounds checking and race condition vulnerability model. This vulnerability can allow attackers to bypass intended access restrictions by exploiting this flaw.
Timeline
Published on: 01/31/2022 16:15:00 UTC
Last modified on: 07/25/2022 18:19:00 UTC
References
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40
- https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0286