[SUSE-SU-2022:2438-1] Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5)
Severity
Important
CVEs
3
Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122_116 fixes several issues.
The following security issues were fixed:
- CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).
- CVE-2022-21499: Reinforced the kernel lockdown feature, until now it's been trivial to break out of it with kgdb or kdb (bsc#1199426).
- CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self (bsc#1199507).
- ID
- SUSE-SU-2022:2438-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20222438-1/
- Published
-
2022-07-19T15:33:40
(2 years ago) - Modified
-
2022-07-19T15:33:40
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2022-1591
- ALAS2-2022-1798
- ALSA-2022:5249
- ALSA-2022:5564
- ALSA-2022:7683
- ALSA-2022:8267
- DSA-5161-1
- DSA-5173-1
- ELSA-2022-5232
- ELSA-2022-5249
- ELSA-2022-5564
- ELSA-2022-7683
- ELSA-2022-8267
- ELSA-2022-9409
- ELSA-2022-9410
- ELSA-2022-9412
- ELSA-2022-9413
- ELSA-2022-9422
- ELSA-2022-9423
- ELSA-2022-9425
- ELSA-2022-9426
- ELSA-2022-9427
- ELSA-2022-9495
- ELSA-2022-9496
- ELSA-2022-9870
- ELSA-2022-9871
- ELSA-2022-9926
- ELSA-2022-9927
- FEDORA-2022-014c3a24d9
- FEDORA-2022-8095b23575
- FEDORA-2022-b2cde267d9
- openSUSE-SU-2022:2177-1
- openSUSE-SU-2022:2549-1
- RHSA-2022:5232
- RHSA-2022:5236
- RHSA-2022:5249
- RHSA-2022:5267
- RHSA-2022:5564
- RHSA-2022:5565
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2022:7933
- RHSA-2022:8267
- RLSA-2022:5564
- RLSA-2022:7683
- SSA:2022-237-02
- SUSE-SU-2022:2077-1
- SUSE-SU-2022:2078-1
- SUSE-SU-2022:2079-1
- SUSE-SU-2022:2080-1
- SUSE-SU-2022:2082-1
- SUSE-SU-2022:2103-1
- SUSE-SU-2022:2104-1
- SUSE-SU-2022:2111-1
- SUSE-SU-2022:2116-1
- SUSE-SU-2022:2177-1
- SUSE-SU-2022:2376-1
- SUSE-SU-2022:2377-1
- SUSE-SU-2022:2382-1
- SUSE-SU-2022:2393-1
- SUSE-SU-2022:2407-1
- SUSE-SU-2022:2411-1
- SUSE-SU-2022:2424-1
- SUSE-SU-2022:2424-2
- SUSE-SU-2022:2435-1
- SUSE-SU-2022:2443-1
- SUSE-SU-2022:2444-1
- SUSE-SU-2022:2445-1
- SUSE-SU-2022:2446-1
- SUSE-SU-2022:2460-1
- SUSE-SU-2022:2461-1
- SUSE-SU-2022:2482-1
- SUSE-SU-2022:2515-1
- SUSE-SU-2022:2516-1
- SUSE-SU-2022:2520-1
- SUSE-SU-2022:2549-1
- SUSE-SU-2022:2615-1
- SUSE-SU-2022:2629-1
- SUSE-SU-2022:2809-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2024:0856-1
- SUSE-SU-2024:0857-1
- SUSE-SU-2024:0925-1
- SUSE-SU-2024:0926-1
- SUSE-SU-2024:0975-1
- SUSE-SU-2024:1321-1
- USN-5465-1
- USN-5466-1
- USN-5467-1
- USN-5468-1
- USN-5469-1
- USN-5470-1
- USN-5471-1
- USN-5484-1
- USN-5560-1
- USN-5560-2
- USN-5594-1
- USN-5599-1
- USN-5602-1
- USN-5616-1
- USN-5622-1
- USN-5623-1
- USN-5630-1
- USN-5639-1
- USN-5647-1
- USN-5650-1
- USN-5654-1
- USN-5660-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2438-1.json | |
Suse | URL for SUSE-SU-2022:2438-1 | https://www.suse.com/support/update/announcement/2022/suse-su-20222438-1/ | |
Suse | E-Mail link for SUSE-SU-2022:2438-1 | https://lists.suse.com/pipermail/sle-security-updates/2022-July/011596.html | |
Bugzilla | SUSE Bug 1199697 | https://bugzilla.suse.com/1199697 | |
Bugzilla | SUSE Bug 1200059 | https://bugzilla.suse.com/1200059 | |
Bugzilla | SUSE Bug 1200608 | https://bugzilla.suse.com/1200608 | |
CVE | SUSE CVE CVE-2022-1729 page | https://www.suse.com/security/cve/CVE-2022-1729/ | |
CVE | SUSE CVE CVE-2022-20154 page | https://www.suse.com/security/cve/CVE-2022-20154/ | |
CVE | SUSE CVE CVE-2022-21499 page | https://www.suse.com/security/cve/CVE-2022-21499/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |