[SUSE-SU-2022:1257-1] Security update for the Linux Kernel
Severity: Important
Affected Packages: 1
CVEs: 33
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw in the Linux kernel's DMA subsystem. This flaw allowed a local user to read random memory from the kernel space (bnc#1196823).
- CVE-2022-28388: Fixed a double free vulnerability in drivers/net/can/usb/usb_8dev.c in the Linux kernel (bnc#1198032).
- CVE-2022-28389: Fixed a double free vulnerability in drivers/net/can/usb/mcba_usb.c in the Linux kernel (bnc#1198033).
- CVE-2022-28390: Fixed a double free vulnerability in drivers/net/can/usb/ems_usb.c in the Linux kernel (bnc#1198031).
- CVE-2022-1048: Fixed a race condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331).
- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation (bnc#1197702).
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation (bnc#1197462).
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to a use-after-free if there is a corrupted quota file (bnc#1197366).
- CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device (bsc#1196836).
- CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed (bsc#1196956).
- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731).
- CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042: Fixed multiple issues which could have led to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers (bsc#1196488).
- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could crash the system or corrupt system memory (bsc#1196830).
- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image (bsc#1196079).
- CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory (bsc#1196235).
- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have led to memory corruption (bsc#1196096).
- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which led to a move_data_page NULL pointer dereference (bsc#1195987).
- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).
- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905).
- CVE-2022-0516: Fixed a missing check in an ioctl related to KVM on s390 that allowed kernel memory read/write (bsc#1195516).
- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occurred, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).
- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).
- CVE-2022-28748: Fixed various information leaks that could be caused by malicious USB devices (bsc#1196018).
- CVE-2022-0644: Fixed a denial of service by a local user. An assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).
- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c (bsc#1196761).
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution (bsc#1197227).
The following non-security bugs were fixed:
- cifs: use the correct max-length for dentry_path_raw() (bsc#1196196).
- gve: multiple bugfixes (jsc#SLE-23652).
- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639).
- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).
- scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).
Package | Affected Version |
---|---|
pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 | < 5.3.18-150200.79.2 |
- ID: SUSE-SU-2022:1257-1
- Severity: important
- URL: https://www.suse.com/support/update/announcement/2022/suse-su-20221257-1/
- Published: 2022-04-19T09:03:30
- Modified: 2022-04-19T09:03:30
- Rights: Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories:
- ALAS-2022-1563
- ALAS-2022-1571
- ALAS-2022-1577
- ALAS-2022-1581
- ALAS-2022-1591
- ALAS2-2022-1749
- ALAS2-2022-1761
- ALAS2-2022-1768
- ALAS2-2022-1774
- ALAS2-2022-1793
- ALAS2-2022-1798
- ALSA-2022:0825
- ALSA-2022:5249
- ALSA-2022:5316
- ALSA-2022:6003
- ALSA-2022:7683
- ALSA-2022:8267
- ALSA-2023:2458
- ALSA-2023:7077
- ASB-A-185125206
- ASB-A-196926917
- ASB-A-220261709
- ASB-A-222023189
- CISA-2022:0523
- DSA-5092-1
- DSA-5095-1
- DSA-5096-1
- DSA-5127-1
- DSA-5161-1
- DSA-5173-1
- DSA-5594-1
- ELSA-2022-0620
- ELSA-2022-0825
- ELSA-2022-4642
- ELSA-2022-5249
- ELSA-2022-5316
- ELSA-2022-6003
- ELSA-2022-7683
- ELSA-2022-8267
- ELSA-2022-9010
- ELSA-2022-9011
- ELSA-2022-9012
- ELSA-2022-9013
- ELSA-2022-9014
- ELSA-2022-9141
- ELSA-2022-9142
- ELSA-2022-9147
- ELSA-2022-9148
- ELSA-2022-9179
- ELSA-2022-9180
- ELSA-2022-9244
- ELSA-2022-9245
- ELSA-2022-9260
- ELSA-2022-9266
- ELSA-2022-9267
- ELSA-2022-9270
- ELSA-2022-9271
- ELSA-2022-9273
- ELSA-2022-9274
- ELSA-2022-9313
- ELSA-2022-9314
- ELSA-2022-9348
- ELSA-2022-9365
- ELSA-2022-9366
- ELSA-2022-9367
- ELSA-2022-9368
- ELSA-2022-9477
- ELSA-2022-9478
- ELSA-2022-9479
- ELSA-2022-9480
- ELSA-2022-9533
- ELSA-2022-9534
- ELSA-2022-9557
- ELSA-2022-9667
- ELSA-2022-9781
- ELSA-2022-9852
- ELSA-2023-2458
- ELSA-2023-7077
- ELSA-2024-12570
- ELSA-2024-12571
- FEDORA-2022-2aa7c08b53
- FEDORA-2022-5cd9d787dc
- FEDORA-2022-6f887c7be7
- FEDORA-2022-8e3ac65667
- FEDORA-2022-91633399ff
- FEDORA-2022-9342e59a98
- FEDORA-2022-9d4e48836d
- FEDORA-2022-af492757d9
- FEDORA-2022-de4474b89d
- FEDORA-2022-df17aabb12
- FEDORA-2022-eb323bcd80
- MS:CVE-2021-44879
- MS:CVE-2021-45868
- MS:CVE-2022-0487
- MS:CVE-2022-0492
- MS:CVE-2022-0516
- MS:CVE-2022-0617
- MS:CVE-2022-0850
- MS:CVE-2022-0854
- MS:CVE-2022-1016
- MS:CVE-2022-1048
- MS:CVE-2022-1055
- MS:CVE-2022-24448
- MS:CVE-2022-24958
- MS:CVE-2022-24959
- MS:CVE-2022-26490
- MS:CVE-2022-26966
- MS:CVE-2022-27666
- MS:CVE-2022-28388
- MS:CVE-2022-28389
- MS:CVE-2022-28390
- openSUSE-SU-2022:0366-1
- openSUSE-SU-2022:0755-1
- openSUSE-SU-2022:0760-1
- openSUSE-SU-2022:0768-1
- openSUSE-SU-2022:1037-1
- openSUSE-SU-2022:1039-1
- RHSA-2022:0592
- RHSA-2022:0620
- RHSA-2022:0622
- RHSA-2022:0819
- RHSA-2022:0825
- RHSA-2022:0849
- RHSA-2022:1975
- RHSA-2022:1988
- RHSA-2022:4642
- RHSA-2022:4644
- RHSA-2022:4655
- RHSA-2022:5214
- RHSA-2022:5219
- RHSA-2022:5249
- RHSA-2022:5267
- RHSA-2022:5316
- RHSA-2022:5344
- RHSA-2022:6002
- RHSA-2022:6003
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2022:7933
- RHSA-2022:8267
- RHSA-2023:2148
- RHSA-2023:2458
- RHSA-2023:6901
- RHSA-2023:7077
- RLSA-2022:5316
- RLSA-2022:7683
- RLSA-2022:819
- SSA:2022-031-01
- SSA:2022-067-01
- SSA:2022-129-01
- SUSE-SU-2022:0068-1
- SUSE-SU-2022:0080-1
- SUSE-SU-2022:0090-1
- SUSE-SU-2022:0366-1
- SUSE-SU-2022:0367-1
- SUSE-SU-2022:0371-1
- SUSE-SU-2022:0555-1
- SUSE-SU-2022:0615-1
- SUSE-SU-2022:0619-1
- SUSE-SU-2022:0647-1
- SUSE-SU-2022:0660-1
- SUSE-SU-2022:0667-1
- SUSE-SU-2022:0668-1
- SUSE-SU-2022:0755-1
- SUSE-SU-2022:0756-1
- SUSE-SU-2022:0757-1
- SUSE-SU-2022:0759-1
- SUSE-SU-2022:0760-1
- SUSE-SU-2022:0761-1
- SUSE-SU-2022:0762-1
- SUSE-SU-2022:0763-1
- SUSE-SU-2022:0765-1
- SUSE-SU-2022:0766-1
- SUSE-SU-2022:0767-1
- SUSE-SU-2022:0768-1
- SUSE-SU-2022:0978-1
- SUSE-SU-2022:0984-1
- SUSE-SU-2022:0991-1
- SUSE-SU-2022:0996-1
- SUSE-SU-2022:0998-1
- SUSE-SU-2022:1012-1
- SUSE-SU-2022:1034-1
- SUSE-SU-2022:1035-1
- SUSE-SU-2022:1036-1
- SUSE-SU-2022:1037-1
- SUSE-SU-2022:1038-1
- SUSE-SU-2022:1039-1
- SUSE-SU-2022:1163-1
- SUSE-SU-2022:1172-1
- SUSE-SU-2022:1182-1
- SUSE-SU-2022:1183-1
- SUSE-SU-2022:1189-1
- SUSE-SU-2022:1192-1
- SUSE-SU-2022:1193-1
- SUSE-SU-2022:1194-1
- SUSE-SU-2022:1196-1
- SUSE-SU-2022:1197-1
- SUSE-SU-2022:1212-1
- SUSE-SU-2022:1215-1
- SUSE-SU-2022:1223-1
- SUSE-SU-2022:1224-1
- SUSE-SU-2022:1230-1
- SUSE-SU-2022:1242-1
- SUSE-SU-2022:1246-1
- SUSE-SU-2022:1248-1
- SUSE-SU-2022:1255-1
- SUSE-SU-2022:1256-1
- SUSE-SU-2022:1261-1
- SUSE-SU-2022:1266-1
- SUSE-SU-2022:1267-1
- SUSE-SU-2022:1268-1
- SUSE-SU-2022:1269-1
- SUSE-SU-2022:1270-1
- SUSE-SU-2022:1278-1
- SUSE-SU-2022:1283-1
- SUSE-SU-2022:1303-1
- SUSE-SU-2022:1318-1
- SUSE-SU-2022:1320-1
- SUSE-SU-2022:1322-1
- SUSE-SU-2022:1326-1
- SUSE-SU-2022:1329-1
- SUSE-SU-2022:1335-1
- SUSE-SU-2022:1369-1
- SUSE-SU-2022:1402-1
- SUSE-SU-2022:1407-1
- SUSE-SU-2022:1440-1
- SUSE-SU-2022:1453-1
- SUSE-SU-2022:1486-1
- SUSE-SU-2022:1573-1
- SUSE-SU-2022:1634-1
- SUSE-SU-2022:1651-1
- SUSE-SU-2022:1668-1
- SUSE-SU-2022:1669-1
- SUSE-SU-2022:1676-1
- SUSE-SU-2022:1686-1
- SUSE-SU-2022:1687-1
- SUSE-SU-2022:1939-1
- SUSE-SU-2022:1942-1
- SUSE-SU-2022:1945-1
- SUSE-SU-2022:1947-1
- SUSE-SU-2022:1948-1
- SUSE-SU-2022:1955-1
- SUSE-SU-2022:1974-1
- SUSE-SU-2022:1989-1
- SUSE-SU-2022:2000-1
- SUSE-SU-2022:2006-1
- SUSE-SU-2022:2077-1
- SUSE-SU-2022:2079-1
- SUSE-SU-2022:2080-1
- SUSE-SU-2022:2082-1
- SUSE-SU-2022:2111-1
- SUSE-SU-2022:2237-1
- SUSE-SU-2022:2268-1
- SUSE-SU-2022:2515-1
- SUSE-SU-2022:2516-1
- SUSE-SU-2022:2520-1
- SUSE-SU-2022:2615-1
- SUSE-SU-2022:2699-1
- SUSE-SU-2022:2700-1
- SUSE-SU-2022:2709-1
- SUSE-SU-2022:2726-1
- SUSE-SU-2022:2727-1
- SUSE-SU-2022:2728-1
- SUSE-SU-2022:2738-1
- SUSE-SU-2022:2745-1
- SUSE-SU-2022:2761-1
- SUSE-SU-2022:2766-1
- SUSE-SU-2022:2770-1
- SUSE-SU-2022:2776-1
- SUSE-SU-2022:2780-1
- SUSE-SU-2022:2783-1
- SUSE-SU-2022:2789-1
- SUSE-SU-2022:2854-1
- SUSE-SU-2022:3072-1
- SUSE-SU-2022:3123-1
- SUSE-SU-2022:3411-1
- SUSE-SU-2022:3415-1
- SUSE-SU-2022:3465-1
- SUSE-SU-2022:3607-1
- SUSE-SU-2022:3897-1
- SUSE-SU-2022:3929-1
- SUSE-SU-2022:3998-1
- SUSE-SU-2022:4036-1
- SUSE-SU-2022:4038-1
- SUSE-SU-2022:4072-1
- SUSE-SU-2022:4273-1
- SUSE-SU-2022:4542-1
- SUSE-SU-2022:4561-1
- SUSE-SU-2022:4573-1
- SUSE-SU-2022:4589-1
- SUSE-SU-2022:4611-1
- SUSE-SU-2022:4614-1
- SUSE-SU-2022:4615-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2024:1454-1
- SUSE-SU-2024:1489-1
- SUSE-SU-2024:1643-1
- SUSE-SU-2024:1646-1
- SUSE-SU-2024:1648-1
- SUSE-SU-2024:1870-1
- SUSE-SU-2024:2008-1
- SUSE-SU-2024:2010-1
- SUSE-SU-2024:2019-1
- SUSE-SU-2024:2183-1
- SUSE-SU-2024:2185-1
- SUSE-SU-2024:2189-1
- SUSE-SU-2024:2901-1
- SUSE-SU-2024:2929-1
- SUSE-SU-2024:2940-1
- USN-5302-1
- USN-5337-1
- USN-5338-1
- USN-5339-1
- USN-5343-1
- USN-5353-1
- USN-5357-1
- USN-5357-2
- USN-5358-1
- USN-5358-2
- USN-5361-1
- USN-5362-1
- USN-5368-1
- USN-5377-1
- USN-5381-1
- USN-5383-1
- USN-5384-1
- USN-5385-1
- USN-5390-1
- USN-5390-2
- USN-5413-1
- USN-5415-1
- USN-5416-1
- USN-5417-1
- USN-5418-1
- USN-5466-1
- USN-5467-1
- USN-5468-1
- USN-5469-1
- USN-5493-1
- USN-5493-2
- USN-5505-1
- USN-5513-1
- USN-5515-1
- USN-5539-1
- USN-5540-1
- USN-5541-1
- USN-5560-1
- USN-5560-2
- USN-5562-1
- USN-5582-1
- USN-5650-1
- USN-5856-1
- USN-6001-1
- USN-6013-1
- USN-6014-1
- USN-6681-1
- USN-6681-2
- USN-6681-3
- USN-6681-4
- USN-6716-1
- XSA-396
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 | suse | kernel-rt | < 5.3.18-150200.79.2 | slem-5 | x86_64 |