In a security advisory published on October 18, several vulnerabilities impacting the Linux kernel were notified. The Debian Linux security advisory 5257-1 mentioned that the noted vulnerabilities could have caused unauthorized access to affected systems, denial of service (DoS) attacks, and data theft among other threats.
The vulnerabilities
- CVE-2021-4037 allowed cybercriminals or any intruder to create files after gaining unauthorized access and privileges by making a plain file executable and SGID.
- CVE-2022-0171 was a cache incoherence issue in the SEV API in the KVM subsystem that could have been exploited to cause a denial of service (DoS) attack.
- CVE-2022-1184 impacted the ext4 filesystem driver making it vulnerable to memory crashes, denial of service attacks, and privilege access.
- CVE-2022-2602 could have been exploited by cyber-attackers in gaining unauthorized access.
- CVE-2022-2663 exposed the nf_conntrack_irc connection tracking protocol module while it was enabled on a firewall. It would allow someone on the same IRC network to exploit its lax parsing to open arbitrary TCP ports in the firewall. This would allow them to access the user’s public IP address and block their IRC connection at the firewall.
- CVE-2022-3061 was found exposing the i740 driver to denial of service attacks. However, this driver is not enabled in Debian’s official kernel configuration.
- CVE-2022-3176 led to use-after-free access that would allow cyber-attackers to gain local privilege escalation to root.
- CVE-2022-3303 in the sound subsystem, in the Linux kernel made it vulnerable to denial of service attacks. It was found in the snd_pcm_oss_sync function resulting from improper locking.
- CVE-2022-20421 vulnerability in the Android binder driver system would have allowed unauthorized access to hackers.
- CVE-2022-39188 in the kernel’s handling of memory ranges could have been exploited to cause DoS attacks.
Similarly, several other vulnerabilities were found that caused integer overflow that would allow increasing privileges, DoS attacks, system crashes, etc. Some of them were – CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, and CVE-2022-42722. A fix to these vulnerabilities was made available in version 5.10.149-1. Upgrading Linux packages was also suggested in the advisory for complete protection against threats.
