[SUSE-SU-2022:1255-1] Security update for the Linux Kernel

Severity Important
Affected Packages 33
CVEs 20

The SUSE Linux Enterprise 15 kernel was updated to receive various security fixes and bug fixes.

The following security bugs were fixed:

  • CVE-2022-28356: Fixed a refcount leak bug in net/llc/af_llc.c (bnc#1197391).
  • CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution (bsc#1197227).
  • CVE-2022-28389: Fixed a double-free vulnerability in drivers/net/can/usb/mcba_usb.c (bnc#1198033).
  • CVE-2022-28388: Fixed a double-free vulnerability in drivers/net/can/usb/usb_8dev.c (bnc#1198032).
  • CVE-2022-28390: Fixed a double-free vulnerability in drivers/net/can/usb/ems_usb.c (bnc#1198031).
  • CVE-2022-0812: Fixed incorrect header size calculations in xprtrdma (bsc#1196639).
  • CVE-2022-1048: Fixed a race condition in snd_pcm_hw_free leading to a use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331).
  • CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c (bsc#1196761).
  • CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device (bsc#1196836).
  • CVE-2022-0886: Fixed a possible buffer overflow in ESP transformation (bsc#1197131).
  • CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to a use-after-free if there is a corrupted quota file (bnc#1197366).
  • CVE-2021-39713: Fixed a race condition in the network scheduling subsystem which could lead to a use-after-free (bsc#1196973).
  • CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042: Fixed multiple issues which could have led to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers (bsc#1196488).
  • CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could crash the system or corrupt the system memory (bsc#1196830).

The following non-security bugs were fixed:

  • ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#1196018).
  • macros.kernel-source: Fix conditional expansion. Fixes: bb95fef3cf19 ('rpm: Use bash for %() expansion (jsc#SLE-18234).')
  • net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018).
  • net: usb: ax88179_178a: fix packet alignment padding (bsc#1196018).
  • net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
  • rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.
  • sr9700: sanity check for packet length (bsc#1196836).
  • usb: host: xen-hcd: add missing unlock in error path (git-fixes).
  • xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done() (bsc#1196488, XSA-396).

Affected packages (Package URL, affected version):

pkg:rpm/suse/reiserfs-kmp-default?arch=x86_64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/reiserfs-kmp-default?arch=s390x&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/reiserfs-kmp-default?arch=ppc64le&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/reiserfs-kmp-default?arch=aarch64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-vanilla-base?arch=x86_64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-vanilla-base?arch=s390x&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-vanilla-base?arch=ppc64le&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-vanilla-base?arch=aarch64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-obs-build?arch=x86_64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-obs-build?arch=s390x&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-obs-build?arch=ppc64le&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-obs-build?arch=aarch64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-docs?arch=noarch&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-15 < 4.12.14-150000.150.89.1
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-15 < 4.12.14-150000.150.89.1

ID: SUSE-SU-2022:1255-1
Severity: important
URL: https://www.suse.com/support/update/announcement/2022/suse-su-20221255-1/
Published: 2022-04-19T08:20:13
Modified: 2022-04-19T08:20:13
Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories (source, name, URL):

Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1255-1.json
Suse URL for SUSE-SU-2022:1255-1 https://www.suse.com/support/update/announcement/2022/suse-su-20221255-1/
Suse E-Mail link for SUSE-SU-2022:1255-1 https://lists.suse.com/pipermail/sle-security-updates/2022-April/010749.html
Bugzilla SUSE Bug 1189562 https://bugzilla.suse.com/1189562
Bugzilla SUSE Bug 1194943 https://bugzilla.suse.com/1194943
Bugzilla SUSE Bug 1195051 https://bugzilla.suse.com/1195051
Bugzilla SUSE Bug 1195353 https://bugzilla.suse.com/1195353
Bugzilla SUSE Bug 1196018 https://bugzilla.suse.com/1196018
Bugzilla SUSE Bug 1196114 https://bugzilla.suse.com/1196114
Bugzilla SUSE Bug 1196468 https://bugzilla.suse.com/1196468
Bugzilla SUSE Bug 1196488 https://bugzilla.suse.com/1196488
Bugzilla SUSE Bug 1196514 https://bugzilla.suse.com/1196514
Bugzilla SUSE Bug 1196639 https://bugzilla.suse.com/1196639
Bugzilla SUSE Bug 1196761 https://bugzilla.suse.com/1196761
Bugzilla SUSE Bug 1196830 https://bugzilla.suse.com/1196830
Bugzilla SUSE Bug 1196836 https://bugzilla.suse.com/1196836
Bugzilla SUSE Bug 1196942 https://bugzilla.suse.com/1196942
Bugzilla SUSE Bug 1196973 https://bugzilla.suse.com/1196973
Bugzilla SUSE Bug 1197131 https://bugzilla.suse.com/1197131
Bugzilla SUSE Bug 1197227 https://bugzilla.suse.com/1197227
Bugzilla SUSE Bug 1197331 https://bugzilla.suse.com/1197331
Bugzilla SUSE Bug 1197366 https://bugzilla.suse.com/1197366
Bugzilla SUSE Bug 1197391 https://bugzilla.suse.com/1197391
Bugzilla SUSE Bug 1198031 https://bugzilla.suse.com/1198031
Bugzilla SUSE Bug 1198032 https://bugzilla.suse.com/1198032
Bugzilla SUSE Bug 1198033 https://bugzilla.suse.com/1198033
CVE SUSE CVE CVE-2021-39713 page https://www.suse.com/security/cve/CVE-2021-39713/
CVE SUSE CVE CVE-2021-45868 page https://www.suse.com/security/cve/CVE-2021-45868/
CVE SUSE CVE CVE-2022-0812 page https://www.suse.com/security/cve/CVE-2022-0812/
CVE SUSE CVE CVE-2022-0850 page https://www.suse.com/security/cve/CVE-2022-0850/
CVE SUSE CVE CVE-2022-0886 page https://www.suse.com/security/cve/CVE-2022-0886/
CVE SUSE CVE CVE-2022-1016 page https://www.suse.com/security/cve/CVE-2022-1016/
CVE SUSE CVE CVE-2022-1048 page https://www.suse.com/security/cve/CVE-2022-1048/
CVE SUSE CVE CVE-2022-23036 page https://www.suse.com/security/cve/CVE-2022-23036/
CVE SUSE CVE CVE-2022-23037 page https://www.suse.com/security/cve/CVE-2022-23037/
CVE SUSE CVE CVE-2022-23038 page https://www.suse.com/security/cve/CVE-2022-23038/
CVE SUSE CVE CVE-2022-23039 page https://www.suse.com/security/cve/CVE-2022-23039/
CVE SUSE CVE CVE-2022-23040 page https://www.suse.com/security/cve/CVE-2022-23040/
CVE SUSE CVE CVE-2022-23041 page https://www.suse.com/security/cve/CVE-2022-23041/
CVE SUSE CVE CVE-2022-23042 page https://www.suse.com/security/cve/CVE-2022-23042/
CVE SUSE CVE CVE-2022-26490 page https://www.suse.com/security/cve/CVE-2022-26490/
CVE SUSE CVE CVE-2022-26966 page https://www.suse.com/security/cve/CVE-2022-26966/
CVE SUSE CVE CVE-2022-28356 page https://www.suse.com/security/cve/CVE-2022-28356/
CVE SUSE CVE CVE-2022-28388 page https://www.suse.com/security/cve/CVE-2022-28388/
CVE SUSE CVE CVE-2022-28389 page https://www.suse.com/security/cve/CVE-2022-28389/
CVE SUSE CVE CVE-2022-28390 page https://www.suse.com/security/cve/CVE-2022-28390/