1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2022:2809-1

[SUSE-SU-2022:2809-1] Security update for the Linux Kernel

Severity Important
Affected Packages 32
CVEs 22
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free (bnc#1201429).
  • CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could lead to a NULL pointer dereference and general protection fault (bnc#1200910).
  • CVE-2021-4157: Fixed an out of memory bounds write flaw in the NFS subsystem, related to the replication of files with NFS. A user could potentially crash the system or escalate privileges on the system (bsc#1194013).
  • CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050).
  • CVE-2021-33655: Fixed memory out of bounds write by ioctl cmd FBIOPUT_VSCREENINFO (bnc#1201635).
  • CVE-2021-33656: Fixed memory out of bounds write related to ioctl cmd PIO_FONT (bnc#1201636).
  • CVE-2022-1116: Fixed a integer overflow vulnerability in io_uring which allowed a local attacker to cause memory corruption and escalate privileges to root (bnc#1199647).
  • CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem. This flaw allowed a local user to crash the system or read unauthorized random data from memory. (bnc#1198829)
  • CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bsc#1199487).
  • CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251).
  • CVE-2022-20132: Fixed out of bounds read due to improper input validation in lg_probe and related functions of hid-lg.c (bsc#1200619).
  • CVE-2022-20141: Fixed a possible use after free due to improper locking in ip_check_mc_rcu() (bsc#1200604).
  • CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).
  • CVE-2022-21505: Fixed kexec lockdown bypass with ima policy (bsc#1201458).
  • CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).
  • CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information (bsc#1199657).
  • CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692)
  • CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that could lead to remote DoS (bnc#1201940).

The following non-security bugs were fixed:

  • bcache: avoid unnecessary soft lockup in kworker update_writeback_rate() (bsc#1197362).
  • blk-mq: Fix wrong wakeup batch configuration which will cause hang (bsc#1200263).
  • blk-mq: clear active_queues before clearing BLK_MQ_F_TAG_QUEUE_SHARED (bsc#1200263).
  • blk-mq: fix tag_get wait task can't be awakened (bsc#1200263).
  • dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#192278).
  • dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#192278).
  • dma-mapping: add a dma_ops_bypass flag to struct device (bsc#1196472 ltc#192278).
  • dma-mapping: move the remaining DMA API calls out of line (bsc#1196472 ltc#192278).
  • dma: kABI: Add back removed exports (bsc#1196472 ltc#192278).
  • exec: Force single empty string when argv is empty (bsc#1200571).
  • fsnotify: invalidate dcache before IN_DELETE event (bsc#1195478 bsc#1200905).
  • kvm: emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).
  • kvm: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930).
  • powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#1196472 ltc#192278).
  • powerpc/pseries/iommu: Create defines for operations in ibm, ddw-applicable (bsc#1196472 ltc#192278).
  • powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#1196472 ltc#192278).
  • powerpc/pseries/iommu: Update call to ibm, query-pe-dma-windows (bsc#1196472 ltc#192278).
  • powerpc: dma: kABI workaround for moving around dma_bypass bit (bsc#1196472 ltc#192278).
  • powerpc: use the generic dma_ops_bypass mode (bsc#1196472 ltc#192278).
  • vmxnet3: fix minimum vectors alloc issue (bsc#1199489).
  • x86/bugs: Remove apostrophe typo (bsc#1114648).
  • x86/entry: Remove skip_r11rcx (bsc#1201644).
Package Affected Version
pkg:rpm/suse/reiserfs-kmp-default?arch=x86_64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/reiserfs-kmp-default?arch=s390x&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/reiserfs-kmp-default?arch=ppc64le&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/reiserfs-kmp-default?arch=aarch64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-preempt?arch=x86_64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-preempt?arch=aarch64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-preempt-devel?arch=x86_64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-preempt-devel?arch=aarch64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-obs-build?arch=x86_64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-obs-build?arch=s390x&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-obs-build?arch=ppc64le&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-obs-build?arch=aarch64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-docs?arch=noarch&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1.150200.9.59.2
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1.150200.9.59.2
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1.150200.9.59.2
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-15&sp=2 < 5.3.18-150200.24.126.1.150200.9.59.2
ID
SUSE-SU-2022:2809-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2022/suse-su-20222809-1/
Published
2022-08-15T16:19:23
(2 years ago)
Modified
2022-08-15T16:19:23
(2 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2809-1.json
Suse URL for SUSE-SU-2022:2809-1 https://www.suse.com/support/update/announcement/2022/suse-su-20222809-1/
Suse E-Mail link for SUSE-SU-2022:2809-1 https://lists.suse.com/pipermail/sle-security-updates/2022-August/011914.html
Bugzilla SUSE Bug 1114648 https://bugzilla.suse.com/1114648
Bugzilla SUSE Bug 1194013 https://bugzilla.suse.com/1194013
Bugzilla SUSE Bug 1195478 https://bugzilla.suse.com/1195478
Bugzilla SUSE Bug 1195775 https://bugzilla.suse.com/1195775
Bugzilla SUSE Bug 1196472 https://bugzilla.suse.com/1196472
Bugzilla SUSE Bug 1196901 https://bugzilla.suse.com/1196901
Bugzilla SUSE Bug 1197362 https://bugzilla.suse.com/1197362
Bugzilla SUSE Bug 1198829 https://bugzilla.suse.com/1198829
Bugzilla SUSE Bug 1199487 https://bugzilla.suse.com/1199487
Bugzilla SUSE Bug 1199489 https://bugzilla.suse.com/1199489
Bugzilla SUSE Bug 1199647 https://bugzilla.suse.com/1199647
Bugzilla SUSE Bug 1199648 https://bugzilla.suse.com/1199648
Bugzilla SUSE Bug 1199657 https://bugzilla.suse.com/1199657
Bugzilla SUSE Bug 1200263 https://bugzilla.suse.com/1200263
Bugzilla SUSE Bug 1200442 https://bugzilla.suse.com/1200442
Bugzilla SUSE Bug 1200571 https://bugzilla.suse.com/1200571
Bugzilla SUSE Bug 1200599 https://bugzilla.suse.com/1200599
Bugzilla SUSE Bug 1200604 https://bugzilla.suse.com/1200604
Bugzilla SUSE Bug 1200605 https://bugzilla.suse.com/1200605
Bugzilla SUSE Bug 1200608 https://bugzilla.suse.com/1200608
Bugzilla SUSE Bug 1200619 https://bugzilla.suse.com/1200619
Bugzilla SUSE Bug 1200692 https://bugzilla.suse.com/1200692
Bugzilla SUSE Bug 1200762 https://bugzilla.suse.com/1200762
Bugzilla SUSE Bug 1200905 https://bugzilla.suse.com/1200905
Bugzilla SUSE Bug 1200910 https://bugzilla.suse.com/1200910
Bugzilla SUSE Bug 1201050 https://bugzilla.suse.com/1201050
Bugzilla SUSE Bug 1201080 https://bugzilla.suse.com/1201080
Bugzilla SUSE Bug 1201251 https://bugzilla.suse.com/1201251
Bugzilla SUSE Bug 1201429 https://bugzilla.suse.com/1201429
Bugzilla SUSE Bug 1201458 https://bugzilla.suse.com/1201458
Bugzilla SUSE Bug 1201635 https://bugzilla.suse.com/1201635
Bugzilla SUSE Bug 1201636 https://bugzilla.suse.com/1201636
Bugzilla SUSE Bug 1201644 https://bugzilla.suse.com/1201644
Bugzilla SUSE Bug 1201664 https://bugzilla.suse.com/1201664
Bugzilla SUSE Bug 1201672 https://bugzilla.suse.com/1201672
Bugzilla SUSE Bug 1201673 https://bugzilla.suse.com/1201673
Bugzilla SUSE Bug 1201676 https://bugzilla.suse.com/1201676
Bugzilla SUSE Bug 1201742 https://bugzilla.suse.com/1201742
Bugzilla SUSE Bug 1201752 https://bugzilla.suse.com/1201752
Bugzilla SUSE Bug 1201930 https://bugzilla.suse.com/1201930
Bugzilla SUSE Bug 1201940 https://bugzilla.suse.com/1201940
CVE SUSE CVE CVE-2020-36557 page https://www.suse.com/security/cve/CVE-2020-36557/
CVE SUSE CVE CVE-2020-36558 page https://www.suse.com/security/cve/CVE-2020-36558/
CVE SUSE CVE CVE-2021-26341 page https://www.suse.com/security/cve/CVE-2021-26341/
CVE SUSE CVE CVE-2021-33655 page https://www.suse.com/security/cve/CVE-2021-33655/
CVE SUSE CVE CVE-2021-33656 page https://www.suse.com/security/cve/CVE-2021-33656/
CVE SUSE CVE CVE-2021-4157 page https://www.suse.com/security/cve/CVE-2021-4157/
CVE SUSE CVE CVE-2022-1116 page https://www.suse.com/security/cve/CVE-2022-1116/
CVE SUSE CVE CVE-2022-1462 page https://www.suse.com/security/cve/CVE-2022-1462/
CVE SUSE CVE CVE-2022-1679 page https://www.suse.com/security/cve/CVE-2022-1679/
CVE SUSE CVE CVE-2022-20132 page https://www.suse.com/security/cve/CVE-2022-20132/
CVE SUSE CVE CVE-2022-20141 page https://www.suse.com/security/cve/CVE-2022-20141/
CVE SUSE CVE CVE-2022-20154 page https://www.suse.com/security/cve/CVE-2022-20154/
CVE SUSE CVE CVE-2022-21505 page https://www.suse.com/security/cve/CVE-2022-21505/
CVE SUSE CVE CVE-2022-2318 page https://www.suse.com/security/cve/CVE-2022-2318/
CVE SUSE CVE CVE-2022-26365 page https://www.suse.com/security/cve/CVE-2022-26365/
CVE SUSE CVE CVE-2022-29900 page https://www.suse.com/security/cve/CVE-2022-29900/
CVE SUSE CVE CVE-2022-29901 page https://www.suse.com/security/cve/CVE-2022-29901/
CVE SUSE CVE CVE-2022-33740 page https://www.suse.com/security/cve/CVE-2022-33740/
CVE SUSE CVE CVE-2022-33741 page https://www.suse.com/security/cve/CVE-2022-33741/
CVE SUSE CVE CVE-2022-33742 page https://www.suse.com/security/cve/CVE-2022-33742/
CVE SUSE CVE CVE-2022-33981 page https://www.suse.com/security/cve/CVE-2022-33981/
CVE SUSE CVE CVE-2022-36946 page https://www.suse.com/security/cve/CVE-2022-36946/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/reiserfs-kmp-default?arch=x86_64&distro=sles-15&sp=2 suse reiserfs-kmp-default < 5.3.18-150200.24.126.1 sles-15 x86_64
Affected pkg:rpm/suse/reiserfs-kmp-default?arch=s390x&distro=sles-15&sp=2 suse reiserfs-kmp-default < 5.3.18-150200.24.126.1 sles-15 s390x
Affected pkg:rpm/suse/reiserfs-kmp-default?arch=ppc64le&distro=sles-15&sp=2 suse reiserfs-kmp-default < 5.3.18-150200.24.126.1 sles-15 ppc64le
Affected pkg:rpm/suse/reiserfs-kmp-default?arch=aarch64&distro=sles-15&sp=2 suse reiserfs-kmp-default < 5.3.18-150200.24.126.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-15&sp=2 suse kernel-syms < 5.3.18-150200.24.126.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-15&sp=2 suse kernel-syms < 5.3.18-150200.24.126.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-15&sp=2 suse kernel-syms < 5.3.18-150200.24.126.1 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-15&sp=2 suse kernel-syms < 5.3.18-150200.24.126.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-15&sp=2 suse kernel-source < 5.3.18-150200.24.126.1 sles-15 noarch
Affected pkg:rpm/suse/kernel-preempt?arch=x86_64&distro=sles-15&sp=2 suse kernel-preempt < 5.3.18-150200.24.126.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-preempt?arch=aarch64&distro=sles-15&sp=2 suse kernel-preempt < 5.3.18-150200.24.126.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-preempt-devel?arch=x86_64&distro=sles-15&sp=2 suse kernel-preempt-devel < 5.3.18-150200.24.126.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-preempt-devel?arch=aarch64&distro=sles-15&sp=2 suse kernel-preempt-devel < 5.3.18-150200.24.126.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-obs-build?arch=x86_64&distro=sles-15&sp=2 suse kernel-obs-build < 5.3.18-150200.24.126.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-obs-build?arch=s390x&distro=sles-15&sp=2 suse kernel-obs-build < 5.3.18-150200.24.126.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-obs-build?arch=ppc64le&distro=sles-15&sp=2 suse kernel-obs-build < 5.3.18-150200.24.126.1 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-obs-build?arch=aarch64&distro=sles-15&sp=2 suse kernel-obs-build < 5.3.18-150200.24.126.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-15&sp=2 suse kernel-macros < 5.3.18-150200.24.126.1 sles-15 noarch
Affected pkg:rpm/suse/kernel-docs?arch=noarch&distro=sles-15&sp=2 suse kernel-docs < 5.3.18-150200.24.126.1 sles-15 noarch
Affected pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-15&sp=2 suse kernel-devel < 5.3.18-150200.24.126.1 sles-15 noarch
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-15&sp=2 suse kernel-default < 5.3.18-150200.24.126.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-15&sp=2 suse kernel-default < 5.3.18-150200.24.126.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-15&sp=2 suse kernel-default < 5.3.18-150200.24.126.1 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-15&sp=2 suse kernel-default < 5.3.18-150200.24.126.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-15&sp=2 suse kernel-default-devel < 5.3.18-150200.24.126.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-15&sp=2 suse kernel-default-devel < 5.3.18-150200.24.126.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-15&sp=2 suse kernel-default-devel < 5.3.18-150200.24.126.1 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-15&sp=2 suse kernel-default-devel < 5.3.18-150200.24.126.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-15&sp=2 suse kernel-default-base < 5.3.18-150200.24.126.1.150200.9.59.2 sles-15 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-15&sp=2 suse kernel-default-base < 5.3.18-150200.24.126.1.150200.9.59.2 sles-15 s390x
Affected pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-15&sp=2 suse kernel-default-base < 5.3.18-150200.24.126.1.150200.9.59.2 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-15&sp=2 suse kernel-default-base < 5.3.18-150200.24.126.1.150200.9.59.2 sles-15 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date