StarlingX

[Debian] CVE: CVE-2022-1012/CVE-2022-36946/CVE-2022-3621/CVE-2022-3649/CVE-2022-3594: kernel: multiple CVEs

Bug #1996015 reported by Yue Tao on 2022-11-09

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	StarlingX	Fix Released	Medium	Jiping Ma

Bug Description

CVE-2022-1012: [https://nvd.nist.gov/vuln/detail/CVE-2022-1012]
CVE-2022-36946: [https://nvd.nist.gov/vuln/detail/CVE-2022-36946]
CVE-2022-3621: [https://nvd.nist.gov/vuln/detail/CVE-2022-3621]
CVE-2022-3649: [https://nvd.nist.gov/vuln/detail/CVE-2022-3649]
CVE-2022-3594: [https://nvd.nist.gov/vuln/detail/CVE-2022-3594]

Score:
cve_id status cvss3Score av ac pr ui ai
CVE-2022-1012 fixed 8.2 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2022-36946 fixed 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 fixed 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3649 fixed 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3594 fixed 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Upgrade Yocto kernel v5.10.150

Tags:

CVE References

Yue Tao (wrytao) on 2022-11-09

Changed in starlingx:
assignee:	nobody → Jiping Ma (jma11)
importance:	Undecided → Medium
status:	New → Triaged
information type:	Public → Public Security
tags:	added: stx.8.0
tags:	added: stx.security

Revision history for this message

Yue Tao (wrytao) wrote on 2022-11-15:

fixed by https://review.opendev.org/c/starlingx/kernel/+/864389

Changed in starlingx:
status:	Triaged → Fix Committed
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.