[SUSE-SU-2022:3108-1] Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4)
Severity
Important
CVEs
3
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-150400_22 fixes several issues.
The following security issues were fixed:
- CVE-2020-36516: Fixed an off-path attack via mixed IPID assignment method with the hash-based IPID assignment policy to inject data into a victim's TCP session or terminate that session (bsc#1196867).
- CVE-2022-2585: Fixed use-after-free in POSIX CPU timer (bsc#1202163).
- CVE-2022-36946: Fixed a remote denial of service attack inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative length (bsc#1201941).
- ID
- SUSE-SU-2022:3108-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20223108-1/
- Published
-
2022-09-06T09:05:07
(2 years ago) - Modified
-
2022-09-06T09:05:07
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2022-1636
- ALAS2-2022-1838
- ALAS2-2022-1852
- ALSA-2022:7318
- ALSA-2022:7683
- ALSA-2022:8267
- DSA-5207-1
- ELSA-2022-7318
- ELSA-2022-7683
- ELSA-2022-8267
- ELSA-2022-9260
- ELSA-2022-9273
- ELSA-2022-9274
- ELSA-2022-9313
- ELSA-2022-9314
- ELSA-2022-9761
- ELSA-2022-9827
- ELSA-2022-9830
- ELSA-2022-9969
- FEDORA-2022-484e226872
- FEDORA-2022-9bbb1d9b7b
- MS:CVE-2022-36946
- RHSA-2022:7318
- RHSA-2022:7319
- RHSA-2022:7330
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2022:7933
- RHSA-2022:8267
- RLSA-2022:7683
- SSA:2022-237-02
- SUSE-SU-2022:2719-1
- SUSE-SU-2022:2720-1
- SUSE-SU-2022:2721-1
- SUSE-SU-2022:2723-1
- SUSE-SU-2022:2741-1
- SUSE-SU-2022:2803-1
- SUSE-SU-2022:2809-1
- SUSE-SU-2022:2827-1
- SUSE-SU-2022:2840-1
- SUSE-SU-2022:2875-1
- SUSE-SU-2022:2875-2
- SUSE-SU-2022:2892-1
- SUSE-SU-2022:2892-2
- SUSE-SU-2022:2910-1
- SUSE-SU-2022:3061-1
- SUSE-SU-2022:3064-1
- SUSE-SU-2022:3072-1
- SUSE-SU-2022:3088-1
- SUSE-SU-2022:3123-1
- SUSE-SU-2022:3263-1
- SUSE-SU-2022:3265-1
- SUSE-SU-2022:3274-1
- SUSE-SU-2022:3282-1
- SUSE-SU-2022:3288-1
- SUSE-SU-2022:3291-1
- SUSE-SU-2022:3293-1
- SUSE-SU-2022:3294-1
- SUSE-SU-2022:3408-1
- SUSE-SU-2022:3450-1
- SUSE-SU-2022:3609-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:0416-1
- USN-5564-1
- USN-5565-1
- USN-5566-1
- USN-5567-1
- USN-5580-1
- USN-5590-1
- USN-5621-1
- USN-5622-1
- USN-5623-1
- USN-5624-1
- USN-5630-1
- USN-5633-1
- USN-5634-1
- USN-5635-1
- USN-5639-1
- USN-5640-1
- USN-5644-1
- USN-5647-1
- USN-5648-1
- USN-5650-1
- USN-5652-1
- USN-5654-1
- USN-5655-1
- USN-5660-1
- USN-5683-1
- USN-6001-1
- USN-6013-1
- USN-6014-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3108-1.json | |
Suse | URL for SUSE-SU-2022:3108-1 | https://www.suse.com/support/update/announcement/2022/suse-su-20223108-1/ | |
Suse | E-Mail link for SUSE-SU-2022:3108-1 | https://lists.suse.com/pipermail/sle-security-updates/2022-September/012107.html | |
Bugzilla | SUSE Bug 1196867 | https://bugzilla.suse.com/1196867 | |
Bugzilla | SUSE Bug 1201941 | https://bugzilla.suse.com/1201941 | |
Bugzilla | SUSE Bug 1202163 | https://bugzilla.suse.com/1202163 | |
CVE | SUSE CVE CVE-2020-36516 page | https://www.suse.com/security/cve/CVE-2020-36516/ | |
CVE | SUSE CVE CVE-2022-2585 page | https://www.suse.com/security/cve/CVE-2022-2585/ | |
CVE | SUSE CVE CVE-2022-36946 page | https://www.suse.com/security/cve/CVE-2022-36946/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |