[SUSE-SU-2022:2379-1] Security update for the Linux Kernel

Severity Important
Affected Packages 7
CVEs 9

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security fixes and bug fixes.

The following security bugs were fixed:

  • CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre-like Branch Target Buffer attack that can leak arbitrary kernel information (bsc#1199657).
  • CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bsc#1199487).
  • CVE-2022-20132: Fixed an out-of-bounds read due to improper input validation in lg_probe and related functions of hid-lg.c (bsc#1200619).
  • CVE-2022-33981: Fixed a use-after-free in the floppy driver (bsc#1200692).
  • CVE-2022-20141: Fixed a possible use-after-free due to improper locking in ip_check_mc_rcu() (bsc#1200604).
  • CVE-2021-4157: Fixed an out of memory bounds write flaw in the NFS subsystem, related to the replication of files with NFS. A user could potentially crash the system or escalate privileges on the system (bsc#1194013).
  • CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050).
  • CVE-2017-16525: Fixed a use-after-free after failed setup in usb/serial/console (bsc#1066618).

The following non-security bugs were fixed:

  • exec: Force single empty string when argv is empty (bsc#1200571).

ID: SUSE-SU-2022:2379-1
Severity: important
URL: https://www.suse.com/support/update/announcement/2022/suse-su-20222379-1/
Published: 2022-07-13T08:36:03
Modified: 2022-07-13T08:36:03
Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories

Source | Name | URL
Suse | SUSE ratings | https://www.suse.com/support/security/rating/
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2379-1.json
Suse | URL for SUSE-SU-2022:2379-1 | https://www.suse.com/support/update/announcement/2022/suse-su-20222379-1/
Suse | E-Mail link for SUSE-SU-2022:2379-1 | https://lists.suse.com/pipermail/sle-security-updates/2022-July/011540.html
Bugzilla | SUSE Bug 1066618 | https://bugzilla.suse.com/1066618
Bugzilla | SUSE Bug 1146519 | https://bugzilla.suse.com/1146519
Bugzilla | SUSE Bug 1194013 | https://bugzilla.suse.com/1194013
Bugzilla | SUSE Bug 1196901 | https://bugzilla.suse.com/1196901
Bugzilla | SUSE Bug 1199487 | https://bugzilla.suse.com/1199487
Bugzilla | SUSE Bug 1199657 | https://bugzilla.suse.com/1199657
Bugzilla | SUSE Bug 1200571 | https://bugzilla.suse.com/1200571
Bugzilla | SUSE Bug 1200604 | https://bugzilla.suse.com/1200604
Bugzilla | SUSE Bug 1200605 | https://bugzilla.suse.com/1200605
Bugzilla | SUSE Bug 1200619 | https://bugzilla.suse.com/1200619
Bugzilla | SUSE Bug 1200692 | https://bugzilla.suse.com/1200692
Bugzilla | SUSE Bug 1201050 | https://bugzilla.suse.com/1201050
Bugzilla | SUSE Bug 1201080 | https://bugzilla.suse.com/1201080
CVE | SUSE CVE CVE-2017-16525 page | https://www.suse.com/security/cve/CVE-2017-16525/
CVE | SUSE CVE CVE-2021-26341 page | https://www.suse.com/security/cve/CVE-2021-26341/
CVE | SUSE CVE CVE-2021-4157 page | https://www.suse.com/security/cve/CVE-2021-4157/
CVE | SUSE CVE CVE-2022-1679 page | https://www.suse.com/security/cve/CVE-2022-1679/
CVE | SUSE CVE CVE-2022-20132 page | https://www.suse.com/security/cve/CVE-2022-20132/
CVE | SUSE CVE CVE-2022-20141 page | https://www.suse.com/security/cve/CVE-2022-20141/
CVE | SUSE CVE CVE-2022-29900 page | https://www.suse.com/security/cve/CVE-2022-29900/
CVE | SUSE CVE CVE-2022-29901 page | https://www.suse.com/security/cve/CVE-2022-29901/
CVE | SUSE CVE CVE-2022-33981 page | https://www.suse.com/security/cve/CVE-2022-33981/

Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix
Affected | pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=2 | suse | kernel-syms | < 4.4.121-92.178.1 | sles-12 | x86_64 |
Affected | pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=2 | suse | kernel-source | < 4.4.121-92.178.1 | sles-12 | noarch |
Affected | pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=2 | suse | kernel-macros | < 4.4.121-92.178.1 | sles-12 | noarch |
Affected | pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=2 | suse | kernel-devel | < 4.4.121-92.178.1 | sles-12 | noarch |
Affected | pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=2 | suse | kernel-default | < 4.4.121-92.178.1 | sles-12 | x86_64 |
Affected | pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=2 | suse | kernel-default-devel | < 4.4.121-92.178.1 | sles-12 | x86_64 |
Affected | pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=2 | suse | kernel-default-base | < 4.4.121-92.178.1 | sles-12 | x86_64 |