Huawei EulerOS: CVE-2022-3424: kernel security update

Huawei EulerOS: CVE-2022-3424: kernel security update

Severity

7

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

03/06/2023

Created

06/09/2023

Added

06/09/2023

Modified

01/28/2025

Description

A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Solution(s)

• huawei-euleros-2_0_sp5-upgrade-kernel
• huawei-euleros-2_0_sp5-upgrade-kernel-devel
• huawei-euleros-2_0_sp5-upgrade-kernel-headers
• huawei-euleros-2_0_sp5-upgrade-kernel-tools
• huawei-euleros-2_0_sp5-upgrade-kernel-tools-libs
• huawei-euleros-2_0_sp5-upgrade-perf
• huawei-euleros-2_0_sp5-upgrade-python-perf

References

• https://attackerkb.com/topics/cve-2022-3424
• CVE - 2022-3424
• EulerOS-SA-2023-2152