{"id":"MGASA-2022-0213","summary":"Updated kernel-linus packages fix security vulnerabilities","details":"This kernel-linus update is based on upstream 5.15.43 and fixes at least\nthe following security issues:\n\nA race condition in the perf subsystem allows for a local privilege\nescalation. NOTE: Mageia kernels by default has disabled the perf usage\nfor unprivileged users, effectively rendering this vulnerability harmless\n(CVE-2022-1729).\n\nKernel could allow a remote attacker to bypass security restrictions,\ncaused by a lockdown break issue. By sending a specially-crafted request\nusing the kernel debugger, an attacker could exploit this vulnerability\nto perform read and write access to kernel memory (CVE-2022-21499).\n\nFor other upstream fixes, see the referenced changelogs.\n","modified":"2026-04-16T04:40:42.534591587Z","published":"2022-05-28T08:56:13Z","upstream":["CVE-2022-1729","CVE-2022-21499"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0213.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30476"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.42"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.43"}],"affected":[{"package":{"name":"kernel-linus","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kernel-linus?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.43-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0213.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}