Security Advisory Details

NS-SA-2023-0107

2023-07-15 14:19:23

Summary

important: kernel security update

Severity

important

Topic

An update for kernel is now available for NewStart CGSL MAIN 6.02.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

kernel: This package provides *.ipa-clones files.


Security Fix(es):
kernel: A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the Linux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions being granted when they should not be. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for XFS. (CVE-2021-4037)
kernel: A use-after-free flaw was found in the Linux kernel’s performance events functionality. A user triggers a race condition in setting up performance monitoring between the leading PERF_TYPE_TRACEPOINT and sub PERF_EVENT_HARDWARE plus the PERF_EVENT_SOFTWARE using the perf_event_open() function with these three types. This flaw allows a local user to crash the system. (CVE-2022-1729)
kernel: bugfix
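
An audit for the file state that CVE-2021-4037 describes, added here as an example; it is not part of the advisory or vendor code. The function names are hypothetical, and group membership is assumed to be resolvable through the local passwd/group databases:

```python
# Added illustration (not vendor code); all function names are hypothetical.
import grp
import os
import pwd
import stat


def owner_in_group(uid, gid):
    """True if uid has gid as its primary or a supplementary group."""
    try:
        user = pwd.getpwuid(uid)
    except KeyError:
        return False  # unknown uid: cannot be shown to be a member
    if user.pw_gid == gid:
        return True
    try:
        return user.pw_name in grp.getgrgid(gid).gr_mem
    except KeyError:
        return False


def is_suspect(dir_st, file_st, member=owner_in_group):
    """Match the outcome in the advisory: a regular file inside an SGID
    directory that carries the directory's group plus the SGID and
    group-execute bits, while its owner is not a member of that group."""
    wanted = stat.S_ISGID | stat.S_IXGRP
    return (
        stat.S_ISDIR(dir_st.st_mode)
        and bool(dir_st.st_mode & stat.S_ISGID)
        and stat.S_ISREG(file_st.st_mode)
        and file_st.st_gid == dir_st.st_gid
        and (file_st.st_mode & wanted) == wanted
        and not member(file_st.st_uid, file_st.st_gid)
    )


def scan(root, member=owner_in_group):
    """Walk root without following symlinks; return sorted suspect paths."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        dir_st = os.lstat(dirpath)
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if is_suspect(dir_st, os.lstat(path), member):
                    hits.append(path)
            except OSError:
                continue  # file vanished or is unreadable; skip it
    return sorted(hits)
```

A hit shows only that the combination from the advisory exists on disk. Files owned by root or created before a group-membership change match as well, so each result needs review.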


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 6.02.E0CP1B1.

Affected Components

  • kernel

Affected Products

  • CGSL MAIN 6.02

Updated Packages

CGSL MAIN 6.02

Source package:

  • kernel-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.src.rpm

Binary packages:

  • kernel-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • perf-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-devel-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-debuginfo-common-x86_64-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • python3-perf-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • bpftool-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-tools-libs-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-tools-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • python3-perf-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-modules-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • bpftool-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-core-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-debug-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-headers-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-tools-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • kernel-modules-extra-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
  • perf-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm

CVE

References