1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2022:0325-1

[SUSE-SU-2022:0325-1] Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3)

Severity Important
Affected Packages 4
CVEs 9
Info Packages References Vulnerabilities

Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94_141 fixes several issues.

The following security issues were fixed:

  • CVE-2018-25020: Fixed an issue in the BPF subsystem in the Linux kernel mishandled situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. (bsc#1193575)
  • CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure. (bsc#1191193)
  • CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673, CVE-2021-23134: Fixed multiple bugs in NFC subsytem (bsc#1178181, bsc#1186060).
  • CVE-2019-0136: Fixed an insufficient access control which allow an unauthenticated user to execute a denial of service. (bsc#1193157)
  • CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673).
Package Affected Version
pkg:rpm/suse/kgraft-patch-4_4_180-94_141-default?arch=x86_64&distro=sles-12&sp=3 < 13-2.2
pkg:rpm/suse/kgraft-patch-4_4_180-94_141-default?arch=ppc64le&distro=sles-12&sp=3 < 13-2.2
pkg:rpm/suse/kgraft-patch-4_4_180-94_138-default?arch=x86_64&distro=sles-12&sp=3 < 14-2.2
pkg:rpm/suse/kgraft-patch-4_4_180-94_138-default?arch=ppc64le&distro=sles-12&sp=3 < 14-2.2
ID
SUSE-SU-2022:0325-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2022/suse-su-20220325-1/
Published
2022-02-04T08:27:37
(2 years ago)
Modified
2022-02-04T08:27:37
(2 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0325-1.json
Suse URL for SUSE-SU-2022:0325-1 https://www.suse.com/support/update/announcement/2022/suse-su-20220325-1/
Suse E-Mail link for SUSE-SU-2022:0325-1 https://lists.suse.com/pipermail/sle-security-updates/2022-February/010183.html
Bugzilla SUSE Bug 1186061 https://bugzilla.suse.com/1186061
Bugzilla SUSE Bug 1191529 https://bugzilla.suse.com/1191529
Bugzilla SUSE Bug 1192036 https://bugzilla.suse.com/1192036
Bugzilla SUSE Bug 1193161 https://bugzilla.suse.com/1193161
Bugzilla SUSE Bug 1193863 https://bugzilla.suse.com/1193863
Bugzilla SUSE Bug 1194680 https://bugzilla.suse.com/1194680
CVE SUSE CVE CVE-2018-25020 page https://www.suse.com/security/cve/CVE-2018-25020/
CVE SUSE CVE CVE-2019-0136 page https://www.suse.com/security/cve/CVE-2019-0136/
CVE SUSE CVE CVE-2020-25670 page https://www.suse.com/security/cve/CVE-2020-25670/
CVE SUSE CVE CVE-2020-25671 page https://www.suse.com/security/cve/CVE-2020-25671/
CVE SUSE CVE CVE-2020-25672 page https://www.suse.com/security/cve/CVE-2020-25672/
CVE SUSE CVE CVE-2020-25673 page https://www.suse.com/security/cve/CVE-2020-25673/
CVE SUSE CVE CVE-2020-3702 page https://www.suse.com/security/cve/CVE-2020-3702/
CVE SUSE CVE CVE-2021-23134 page https://www.suse.com/security/cve/CVE-2021-23134/
CVE SUSE CVE CVE-2021-42739 page https://www.suse.com/security/cve/CVE-2021-42739/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kgraft-patch-4_4_180-94_141-default?arch=x86_64&distro=sles-12&sp=3 suse kgraft-patch-4_4_180-94_141-default < 13-2.2 sles-12 x86_64
Affected pkg:rpm/suse/kgraft-patch-4_4_180-94_141-default?arch=ppc64le&distro=sles-12&sp=3 suse kgraft-patch-4_4_180-94_141-default < 13-2.2 sles-12 ppc64le
Affected pkg:rpm/suse/kgraft-patch-4_4_180-94_138-default?arch=x86_64&distro=sles-12&sp=3 suse kgraft-patch-4_4_180-94_138-default < 14-2.2 sles-12 x86_64
Affected pkg:rpm/suse/kgraft-patch-4_4_180-94_138-default?arch=ppc64le&distro=sles-12&sp=3 suse kgraft-patch-4_4_180-94_138-default < 14-2.2 sles-12 ppc64le
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date