NS-SA-2025-0232

简介

moderate: kernel/docker-ce security update

严重级别

moderate

主题

An update for kernel/docker-ce is now available for NewStart CGSL MAIN 6.06.
NewStart Security has rated this update as having a security impact of moderate. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

kernel:
docker-ce:


Security Fix(es):
kernel: In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).(CVE-2023-22998)
kernel: bugfix
docker-ce: A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the supplementary group access setup.(CVE-2022-36109)
docker-ce: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 6.06.02B5.

影响组件

• kernel
• docker-ce

影响产品

• CGSL MAIN 6.06

更新包

CVE

• CVE-2023-22998
• CVE-2022-36109

参考

• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-22998
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36109