[SUSE-SU-2022:0757-1] Security update for the Linux Kernel

Severity Important
Affected Packages 20
CVEs 10

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bug fixes.

Transient execution side-channel attacks targeting the Branch History Buffer (BHB),
named 'Branch Target Injection' and 'Intra-Mode Branch History Injection', are now mitigated.

The following security bugs were fixed:

  • CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).
  • CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).
  • CVE-2022-0847: Fixed a vulnerability where a local attacker could overwrite data in arbitrary (read-only) files (bsc#1196584).
  • CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
  • CVE-2022-0644: Fixed a denial of service by a local user. An assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).
  • CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which led to a move_data_page NULL pointer dereference (bsc#1195987).
  • CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).
  • CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).
  • CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).
  • CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occurred, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).

The following non-security bugs were fixed:

  • NFSv4.x: by default serialize open/close operations (bsc#1114893 bsc#1195934).
  • crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).
  • hv_netvsc: fix network namespace issues with VF support (bsc#1107207).
  • hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207).
  • lib/iov_iter: initialize 'flags' in new pipe_buffer (bsc#1196584).

Package Affected Version
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=4 < 4.12.14-95.93.1
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=4 < 4.12.14-95.93.1

ID: SUSE-SU-2022:0757-1
Severity: important
URL: https://www.suse.com/support/update/announcement/2022/suse-su-20220757-1/
Published: 2022-03-08T18:04:15
Modified: 2022-03-08T18:04:15
Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0757-1.json
Suse URL for SUSE-SU-2022:0757-1 https://www.suse.com/support/update/announcement/2022/suse-su-20220757-1/
Suse E-Mail link for SUSE-SU-2022:0757-1 https://lists.suse.com/pipermail/sle-security-updates/2022-March/010402.html
Bugzilla SUSE Bug 1107207 https://bugzilla.suse.com/1107207
Bugzilla SUSE Bug 1114893 https://bugzilla.suse.com/1114893
Bugzilla SUSE Bug 1185973 https://bugzilla.suse.com/1185973
Bugzilla SUSE Bug 1191580 https://bugzilla.suse.com/1191580
Bugzilla SUSE Bug 1194516 https://bugzilla.suse.com/1194516
Bugzilla SUSE Bug 1195536 https://bugzilla.suse.com/1195536
Bugzilla SUSE Bug 1195543 https://bugzilla.suse.com/1195543
Bugzilla SUSE Bug 1195612 https://bugzilla.suse.com/1195612
Bugzilla SUSE Bug 1195840 https://bugzilla.suse.com/1195840
Bugzilla SUSE Bug 1195897 https://bugzilla.suse.com/1195897
Bugzilla SUSE Bug 1195908 https://bugzilla.suse.com/1195908
Bugzilla SUSE Bug 1195934 https://bugzilla.suse.com/1195934
Bugzilla SUSE Bug 1195949 https://bugzilla.suse.com/1195949
Bugzilla SUSE Bug 1195987 https://bugzilla.suse.com/1195987
Bugzilla SUSE Bug 1196079 https://bugzilla.suse.com/1196079
Bugzilla SUSE Bug 1196155 https://bugzilla.suse.com/1196155
Bugzilla SUSE Bug 1196584 https://bugzilla.suse.com/1196584
Bugzilla SUSE Bug 1196601 https://bugzilla.suse.com/1196601
Bugzilla SUSE Bug 1196612 https://bugzilla.suse.com/1196612
CVE SUSE CVE CVE-2021-44879 page https://www.suse.com/security/cve/CVE-2021-44879/
CVE SUSE CVE CVE-2022-0001 page https://www.suse.com/security/cve/CVE-2022-0001/
CVE SUSE CVE CVE-2022-0002 page https://www.suse.com/security/cve/CVE-2022-0002/
CVE SUSE CVE CVE-2022-0487 page https://www.suse.com/security/cve/CVE-2022-0487/
CVE SUSE CVE CVE-2022-0492 page https://www.suse.com/security/cve/CVE-2022-0492/
CVE SUSE CVE CVE-2022-0617 page https://www.suse.com/security/cve/CVE-2022-0617/
CVE SUSE CVE CVE-2022-0644 page https://www.suse.com/security/cve/CVE-2022-0644/
CVE SUSE CVE CVE-2022-0847 page https://www.suse.com/security/cve/CVE-2022-0847/
CVE SUSE CVE CVE-2022-24448 page https://www.suse.com/security/cve/CVE-2022-24448/
CVE SUSE CVE CVE-2022-24959 page https://www.suse.com/security/cve/CVE-2022-24959/