1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2022:1257-1

[SUSE-SU-2022:1257-1] Security update for the Linux Kernel

Severity Important
Affected Packages 1
CVEs 33
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space (bnc#1196823).
  • CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel (bnc#1198032).
  • CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel (bnc#1198033).
  • CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel (bnc#1198031).
  • CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331).
  • CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation (bnc#1197702).
  • CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation (bnc#1197462).
  • CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file (bnc#1197366).
  • CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device (bsc#1196836).
  • CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed (bsc#1196956).
  • CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731).
  • CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers (bsc#1196488).
  • CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).
  • CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image (bsc#1196079).
  • CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory (bsc#1196235).
  • CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).
  • CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).
  • CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).
  • CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905).
  • CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516).
  • CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).
  • CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).
  • CVE-2022-28748: Fixed various information leaks that could be caused by malicious USB devices (bsc#1196018).
  • CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155)
  • CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c (bsc#1196761).
  • CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution (bsc#1197227).

The following non-security bugs were fixed:

  • cifs: use the correct max-length for dentry_path_raw() (bsc#1196196).
  • gve: multiple bugfixes (jsc#SLE-23652).
  • net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
  • netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).
  • powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639).
  • scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).
  • scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).
Package Affected Version
pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 < 5.3.18-150200.79.2
ID
SUSE-SU-2022:1257-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2022/suse-su-20221257-1/
Published
2022-04-19T09:03:30
(2 years ago)
Modified
2022-04-19T09:03:30
(2 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1257-1.json
Suse URL for SUSE-SU-2022:1257-1 https://www.suse.com/support/update/announcement/2022/suse-su-20221257-1/
Suse E-Mail link for SUSE-SU-2022:1257-1 https://lists.suse.com/pipermail/sle-security-updates/2022-April/010746.html
Bugzilla SUSE Bug 1179639 https://bugzilla.suse.com/1179639
Bugzilla SUSE Bug 1189126 https://bugzilla.suse.com/1189126
Bugzilla SUSE Bug 1189562 https://bugzilla.suse.com/1189562
Bugzilla SUSE Bug 1193731 https://bugzilla.suse.com/1193731
Bugzilla SUSE Bug 1194516 https://bugzilla.suse.com/1194516
Bugzilla SUSE Bug 1194943 https://bugzilla.suse.com/1194943
Bugzilla SUSE Bug 1195051 https://bugzilla.suse.com/1195051
Bugzilla SUSE Bug 1195254 https://bugzilla.suse.com/1195254
Bugzilla SUSE Bug 1195286 https://bugzilla.suse.com/1195286
Bugzilla SUSE Bug 1195353 https://bugzilla.suse.com/1195353
Bugzilla SUSE Bug 1195403 https://bugzilla.suse.com/1195403
Bugzilla SUSE Bug 1195516 https://bugzilla.suse.com/1195516
Bugzilla SUSE Bug 1195543 https://bugzilla.suse.com/1195543
Bugzilla SUSE Bug 1195612 https://bugzilla.suse.com/1195612
Bugzilla SUSE Bug 1195897 https://bugzilla.suse.com/1195897
Bugzilla SUSE Bug 1195905 https://bugzilla.suse.com/1195905
Bugzilla SUSE Bug 1195939 https://bugzilla.suse.com/1195939
Bugzilla SUSE Bug 1195987 https://bugzilla.suse.com/1195987
Bugzilla SUSE Bug 1196018 https://bugzilla.suse.com/1196018
Bugzilla SUSE Bug 1196079 https://bugzilla.suse.com/1196079
Bugzilla SUSE Bug 1196095 https://bugzilla.suse.com/1196095
Bugzilla SUSE Bug 1196155 https://bugzilla.suse.com/1196155
Bugzilla SUSE Bug 1196196 https://bugzilla.suse.com/1196196
Bugzilla SUSE Bug 1196235 https://bugzilla.suse.com/1196235
Bugzilla SUSE Bug 1196468 https://bugzilla.suse.com/1196468
Bugzilla SUSE Bug 1196488 https://bugzilla.suse.com/1196488
Bugzilla SUSE Bug 1196612 https://bugzilla.suse.com/1196612
Bugzilla SUSE Bug 1196761 https://bugzilla.suse.com/1196761
Bugzilla SUSE Bug 1196776 https://bugzilla.suse.com/1196776
Bugzilla SUSE Bug 1196823 https://bugzilla.suse.com/1196823
Bugzilla SUSE Bug 1196830 https://bugzilla.suse.com/1196830
Bugzilla SUSE Bug 1196836 https://bugzilla.suse.com/1196836
Bugzilla SUSE Bug 1196956 https://bugzilla.suse.com/1196956
Bugzilla SUSE Bug 1197227 https://bugzilla.suse.com/1197227
Bugzilla SUSE Bug 1197331 https://bugzilla.suse.com/1197331
Bugzilla SUSE Bug 1197366 https://bugzilla.suse.com/1197366
Bugzilla SUSE Bug 1197389 https://bugzilla.suse.com/1197389
Bugzilla SUSE Bug 1197462 https://bugzilla.suse.com/1197462
Bugzilla SUSE Bug 1197702 https://bugzilla.suse.com/1197702
Bugzilla SUSE Bug 1198031 https://bugzilla.suse.com/1198031
Bugzilla SUSE Bug 1198032 https://bugzilla.suse.com/1198032
Bugzilla SUSE Bug 1198033 https://bugzilla.suse.com/1198033
CVE SUSE CVE CVE-2021-0920 page https://www.suse.com/security/cve/CVE-2021-0920/
CVE SUSE CVE CVE-2021-39698 page https://www.suse.com/security/cve/CVE-2021-39698/
CVE SUSE CVE CVE-2021-44879 page https://www.suse.com/security/cve/CVE-2021-44879/
CVE SUSE CVE CVE-2021-45868 page https://www.suse.com/security/cve/CVE-2021-45868/
CVE SUSE CVE CVE-2022-0487 page https://www.suse.com/security/cve/CVE-2022-0487/
CVE SUSE CVE CVE-2022-0492 page https://www.suse.com/security/cve/CVE-2022-0492/
CVE SUSE CVE CVE-2022-0516 page https://www.suse.com/security/cve/CVE-2022-0516/
CVE SUSE CVE CVE-2022-0617 page https://www.suse.com/security/cve/CVE-2022-0617/
CVE SUSE CVE CVE-2022-0644 page https://www.suse.com/security/cve/CVE-2022-0644/
CVE SUSE CVE CVE-2022-0850 page https://www.suse.com/security/cve/CVE-2022-0850/
CVE SUSE CVE CVE-2022-0854 page https://www.suse.com/security/cve/CVE-2022-0854/
CVE SUSE CVE CVE-2022-1016 page https://www.suse.com/security/cve/CVE-2022-1016/
CVE SUSE CVE CVE-2022-1048 page https://www.suse.com/security/cve/CVE-2022-1048/
CVE SUSE CVE CVE-2022-1055 page https://www.suse.com/security/cve/CVE-2022-1055/
CVE SUSE CVE CVE-2022-23036 page https://www.suse.com/security/cve/CVE-2022-23036/
CVE SUSE CVE CVE-2022-23037 page https://www.suse.com/security/cve/CVE-2022-23037/
CVE SUSE CVE CVE-2022-23038 page https://www.suse.com/security/cve/CVE-2022-23038/
CVE SUSE CVE CVE-2022-23039 page https://www.suse.com/security/cve/CVE-2022-23039/
CVE SUSE CVE CVE-2022-23040 page https://www.suse.com/security/cve/CVE-2022-23040/
CVE SUSE CVE CVE-2022-23041 page https://www.suse.com/security/cve/CVE-2022-23041/
CVE SUSE CVE CVE-2022-23042 page https://www.suse.com/security/cve/CVE-2022-23042/
CVE SUSE CVE CVE-2022-24448 page https://www.suse.com/security/cve/CVE-2022-24448/
CVE SUSE CVE CVE-2022-24958 page https://www.suse.com/security/cve/CVE-2022-24958/
CVE SUSE CVE CVE-2022-24959 page https://www.suse.com/security/cve/CVE-2022-24959/
CVE SUSE CVE CVE-2022-25258 page https://www.suse.com/security/cve/CVE-2022-25258/
CVE SUSE CVE CVE-2022-25375 page https://www.suse.com/security/cve/CVE-2022-25375/
CVE SUSE CVE CVE-2022-26490 page https://www.suse.com/security/cve/CVE-2022-26490/
CVE SUSE CVE CVE-2022-26966 page https://www.suse.com/security/cve/CVE-2022-26966/
CVE SUSE CVE CVE-2022-27666 page https://www.suse.com/security/cve/CVE-2022-27666/
CVE SUSE CVE CVE-2022-28388 page https://www.suse.com/security/cve/CVE-2022-28388/
CVE SUSE CVE CVE-2022-28389 page https://www.suse.com/security/cve/CVE-2022-28389/
CVE SUSE CVE CVE-2022-28390 page https://www.suse.com/security/cve/CVE-2022-28390/
CVE SUSE CVE CVE-2022-28748 page https://www.suse.com/security/cve/CVE-2022-28748/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 suse kernel-rt < 5.3.18-150200.79.2 slem-5 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date