[SUSE-SU-2022:3108-1] Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4)
Severity
Important
CVEs
3
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-150400_22 fixes several issues.
The following security issues were fixed:
- CVE-2020-36516: Fixed an off-path attack via mixed IPID assignment method with the hash-based IPID assignment policy to inject data into a victim's TCP session or terminate that session (bsc#1196867).
- CVE-2022-2585: Fixed use-after-free in POSIX CPU timer (bsc#1202163).
- CVE-2022-36946: Fixed a remote denial of service attack inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative length (bsc#1201941).
- ID
- SUSE-SU-2022:3108-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20223108-1/
- Published
-
2022-09-06T09:05:07
(2 years ago) - Modified
-
2022-09-06T09:05:07
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2022-1636
-
ALAS2-2022-1838
-
ALAS2-2022-1852
-
ALSA-2022:7318
-
ALSA-2022:7683
-
ALSA-2022:8267
-
DSA-5207-1
-
ELSA-2022-7318
-
ELSA-2022-7683
-
ELSA-2022-8267
-
ELSA-2022-9260
-
ELSA-2022-9273
-
ELSA-2022-9274
-
ELSA-2022-9313
-
ELSA-2022-9314
-
ELSA-2022-9761
-
ELSA-2022-9827
-
ELSA-2022-9830
-
ELSA-2022-9969
-
FEDORA-2022-484e226872
-
FEDORA-2022-9bbb1d9b7b
-
MS:CVE-2022-36946
-
RHSA-2022:7318
-
RHSA-2022:7319
-
RHSA-2022:7330
-
RHSA-2022:7444
-
RHSA-2022:7683
-
RHSA-2022:7933
-
RHSA-2022:8267
-
RLSA-2022:7683
-
SSA:2022-237-02
-
SUSE-SU-2022:2719-1
-
SUSE-SU-2022:2720-1
-
SUSE-SU-2022:2721-1
-
SUSE-SU-2022:2723-1
-
SUSE-SU-2022:2741-1
-
SUSE-SU-2022:2803-1
-
SUSE-SU-2022:2809-1
-
SUSE-SU-2022:2827-1
-
SUSE-SU-2022:2840-1
-
SUSE-SU-2022:2875-1
-
SUSE-SU-2022:2875-2
-
SUSE-SU-2022:2892-1
-
SUSE-SU-2022:2892-2
-
SUSE-SU-2022:2910-1
-
SUSE-SU-2022:3061-1
-
SUSE-SU-2022:3064-1
-
SUSE-SU-2022:3072-1
-
SUSE-SU-2022:3088-1
-
SUSE-SU-2022:3123-1
-
SUSE-SU-2022:3263-1
-
SUSE-SU-2022:3265-1
-
SUSE-SU-2022:3274-1
-
SUSE-SU-2022:3282-1
-
SUSE-SU-2022:3288-1
-
SUSE-SU-2022:3291-1
-
SUSE-SU-2022:3293-1
-
SUSE-SU-2022:3294-1
-
SUSE-SU-2022:3408-1
-
SUSE-SU-2022:3450-1
-
SUSE-SU-2022:3609-1
-
SUSE-SU-2022:4617-1
-
SUSE-SU-2023:0416-1
-
USN-5564-1
-
USN-5565-1
-
USN-5566-1
-
USN-5567-1
-
USN-5580-1
-
USN-5590-1
-
USN-5621-1
-
USN-5622-1
-
USN-5623-1
-
USN-5624-1
-
USN-5630-1
-
USN-5633-1
-
USN-5634-1
-
USN-5635-1
-
USN-5639-1
-
USN-5640-1
-
USN-5644-1
-
USN-5647-1
-
USN-5648-1
-
USN-5650-1
-
USN-5652-1
-
USN-5654-1
-
USN-5655-1
-
USN-5660-1
-
USN-5683-1
-
USN-6001-1
-
USN-6013-1
-
USN-6014-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2022:3108-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2022:3108-1 |
|
|
| Bugzilla | SUSE Bug 1196867 |
|
|
| Bugzilla | SUSE Bug 1201941 |
|
|
| Bugzilla | SUSE Bug 1202163 |
|
|
| CVE | SUSE CVE CVE-2020-36516 page |
|
|
| CVE | SUSE CVE CVE-2022-2585 page |
|
|
| CVE | SUSE CVE CVE-2022-36946 page |
|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |