[SUSE-SU-2022:3282-1] Security update for the Linux Kernel
Severity
Important
Affected Packages
6
CVEs
12
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).
- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).
- CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672).
- CVE-2022-29581: Fixed improper update of reference count vulnerability in net/sched that allowed a local attacker to cause privilege escalation to root (bnc#1199665).
- CVE-2022-2639: Fixed an integer coercion error that was found in the openvswitch kernel module (bnc#1202154).
- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).
- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).
- CVE-2022-20369: Fixed possible out of bounds write due to improper input validation in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bnc#1194535).
- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616).
The following non-security bugs were fixed:
- 9p: migrate from sync_inode to filemap_fdatawrite_wbc (bsc#1202528).
- ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).
- Fix releasing of old bundles in xfrm_bundle_lookup() (bsc#1201264 bsc#1190397 bsc#1199617).
- KABI: cgroup: Restore KABI of css_set (bsc#1201610).
- KVM: PPC: Book3S HV: Context tracking exit guest context before enabling irqs (bsc#1065729).
- KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442)
- KVM: nVMX: Set UMIP bit CR4_FIXED1 MSR when emulating UMIP (bsc#1120716).
- KVM: x86: Mark TSS busy during LTR emulation after all fault checks (git-fixes).
- KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP (git-fixes).
- PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).
- Revert 'USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set' (git-fixes).
- Revert 'r8152: adjust the settings about MAC clock speed down for RTL8153' (git-fixes).
- SUNRPC: Fix READ_PLUS crasher (git-fixes).
- SUNRPC: Fix the svc_deferred_event trace class (git-fixes).
- USB: new quirk for Dell Gen 2 devices (git-fixes).
- USB: serial: io_ti: add Agilent E5805A support (git-fixes).
- add Kirk Allan as branch maintainer
- ata: libata: add qc->flags in ata_qc_complete_template tracepoint (git-fixes).
- btrfs: Convert fs_info->free_chunk_space to atomic64_t (bsc#1202528).
- btrfs: add a trace class for dumping the current ENOSPC state (bsc#1202528).
- btrfs: add a trace point for reserve tickets (bsc#1202528).
- btrfs: adjust the flush trace point to include the source (bsc#1202528).
- btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1202528).
- btrfs: check worker before need_preemptive_reclaim (bsc#1202528).
- btrfs: do not do preemptive flushing if the majority is global rsv (bsc#1202528).
- btrfs: do not include the global rsv size in the preemptive used amount (bsc#1202528).
- btrfs: enable a tracepoint when we fail tickets (bsc#1202528).
- btrfs: handle preemptive delalloc flushing slightly differently (bsc#1202528).
- btrfs: implement space clamping for preemptive flushing (bsc#1202528).
- btrfs: improve preemptive background space flushing (bsc#1202528).
- btrfs: include delalloc related info in dump space info tracepoint (bsc#1202528).
- btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1202528).
- btrfs: make flush_space take a enum btrfs_flush_state instead of int (bsc#1202528).
- btrfs: only clamp the first time we have to start flushing (bsc#1202528).
- btrfs: only ignore delalloc if delalloc is much smaller than ordered (bsc#1202528).
- btrfs: reduce the preemptive flushing threshold to 90% (bsc#1202528).
- btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1202528).
- btrfs: rename need_do_async_reclaim (bsc#1202528).
- btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1202528).
- btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1202528).
- btrfs: rip out may_commit_transaction (bsc#1202528).
- btrfs: rip the first_ticket_bytes logic from fail_all_tickets (bsc#1202528).
- btrfs: simplify the logic in need_preemptive_flushing (bsc#1202528).
- btrfs: take into account global rsv in need_preemptive_reclaim (bsc#1202528).
- btrfs: use delalloc_bytes to determine flush amount for shrink_delalloc (bsc#1202528).
- btrfs: use percpu_read_positive instead of sum_positive for need_preempt (bsc#1202528).
- btrfs: use the filemap_fdatawrite_wbc helper for delalloc shrinking (bsc#1202528).
- btrfs: use the global rsv size in the preemptive thresh calculation (bsc#1202528).
- btrfs: wait on async extents when flushing delalloc (bsc#1202528).
- btrfs: wake up async_delalloc_pages waiters after submit (bsc#1202528).
- ceph: do not truncate file in atomic_open (bsc#1202830).
- cgroup: Use separate src/dst nodes when preloading css_sets for migration (bsc#1201610).
- check sk_peer_cred pointer before put_cred() call
- crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes).
- crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of (git-fixes).
- cxgb4: fix endian conversions for L4 ports in filters (git-fixes).
- cxgb4: move handling L2T ARP failures to caller (git-fixes).
- cxgb4: parse TC-U32 key values and masks natively (git-fixes).
- dm raid: fix KASAN warning in raid5_add_disks (git-fixes).
- drivers/perf: arm_spe: Fix consistency of SYS_PMSCR_EL1.CX (git-fixes).
- fs: add a filemap_fdatawrite_wbc helper (bsc#1202528).
- fuse: limit nsec (bsc#1203126).
- iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) (git-fixes).
- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).
- kabi/severities: add mlx5 internal symbols
- kernel-obs-build: include qemu_fw_cfg (boo#1201705)
- lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420 ZDI-CAN-17325).
- md-raid: destroy the bitmap after destroying the thread (git-fixes).
- md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).
- mm/rmap.c: do not reuse anon_vma if we just want a copy (git-fixes, bsc#1203098).
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (git-fixes, bsc#1203098).
- mvpp2: fix panic on module removal (git-fixes).
- mvpp2: refactor the HW checksum setup (git-fixes).
- net/mlx5: Clear LAG notifier pointer after unregister (git-fixes).
- net/mlx5: Fix auto group size calculation (git-fixes).
- net/mlx5: Imply MLXFW in mlx5_core (git-fixes).
- net/mlx5e: Use the inner headers to determine tc/pedit offload limitation on decap flows (git-fixes).
- net: dsa: mt7530: Change the LINK bit to reflect the link status (git-fixes).
- net: emaclite: Simplify if-else statements (git-fixes).
- net: ll_temac: Add more error handling of dma_map_single() calls (git-fixes).
- net: ll_temac: Enable DMA when ready, not before (git-fixes).
- net: ll_temac: Fix RX buffer descriptor handling on GFP_ATOMIC pressure (git-fixes).
- net: ll_temac: Fix iommu/swiotlb leak (git-fixes).
- net: ll_temac: Fix support for 64-bit platforms (git-fixes).
- net: ll_temac: Fix support for little-endian platforms (git-fixes).
- net: ll_temac: Fix typo bug for 32-bit (git-fixes).
- net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer (git-fixes).
- net: stmmac: gmac4: bitrev32 returns u32 (git-fixes).
- net: usb: lan78xx: Connect PHY before registering MAC (git-fixes).
- net: xilinx: replace dev_kfree_skb_irq by dev_consume_skb_irq for drop profiles (git-fixes).
- net_sched: cls_route: disallow handle of 0 (bsc#1202393).
- objtool: Add --backtrace support (bsc#1202396).
- objtool: Add support for intra-function calls (bsc#1202396).
- objtool: Allow no-op CFI ops in alternatives (bsc#1202396).
- objtool: Convert insn type to enum (bsc#1202396).
- objtool: Do not use ignore flag for fake jumps (bsc#1202396).
- objtool: Fix !CFI insn_state propagation (bsc#1202396).
- objtool: Fix ORC vs alternatives (bsc#1202396).
- objtool: Fix sibling call detection (bsc#1202396).
- objtool: Make handle_insn_ops() unconditional (bsc#1202396).
- objtool: Remove INSN_STACK (bsc#1202396).
- objtool: Remove check preventing branches within alternative (bsc#1202396).
- objtool: Rename elf_open() to prevent conflict with libelf from elftoolchain (bsc#1202396).
- objtool: Rename struct cfi_state (bsc#1202396).
- objtool: Rework allocating stack_ops on decode (bsc#1202396).
- objtool: Rewrite alt->skip_orig (bsc#1202396).
- objtool: Set insn->func for alternatives (bsc#1202396).
- objtool: Support conditional retpolines (bsc#1202396).
- objtool: Support multiple stack_op per instruction (bsc#1202396).
- objtool: Track original function across branches (bsc#1202396).
- objtool: Uniquely identify alternative instruction groups (bsc#1202396).
- objtool: Use Elf_Scn typedef instead of assuming struct name (bsc#1202396).
- pNFS: Do not keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE (git-fixes).
- phy: tegra: fix device-tree node lookups (git-fixes).
- powerpc/perf: Add privileged access check for thread_imc (bsc#1054914, git-fixes).
- powerpc/perf: Fix loop exit condition in nest_imc_event_init (bsc#1054914, git-fixes).
- powerpc/perf: Return accordingly on invalid chip-id in (bsc#1054914, git-fixes).
- powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).
- powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).
- powerpc/powernv: Staticify functions without prototypes (bsc#1065729).
- powerpc/powernv: Use darn instruction for get_random_seed() on Power9 (bsc#1065729).
- powerpc/powernv: delay rng platform device creation until later in boot (bsc#1065729).
- powerpc/powernv: rename remaining rng powernv_ functions to pnv_ (bsc#1065729).
- powerpc/powernv: wire up rng during setup_arch (bsc#1065729).
- powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).
- powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).
- powerpc: Enable execve syscall exit tracepoint (bsc#1065729).
- powerpc: Use sizeof(*foo) rather than sizeof(struct foo) (bsc#1054914, git-fixes).
- powerpc: define get_cycles macro for arch-override (bsc#1065729).
- powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).
- qed: Add EDPM mode type for user-fw compatibility (git-fixes).
- qed: fix kABI in qed_rdma_create_qp_in_params (git-fixes).
- rpm: Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).
- scsi: smartpqi: set force_blk_mq=1.(bsc#1179310)
- spmi: trace: fix stack-out-of-bound access in SPMI tracing functions (git-fixes).
- squashfs: add more sanity checks in id lookup (git-fixes).
- squashfs: add more sanity checks in inode lookup (git-fixes).
- squashfs: add more sanity checks in xattr id lookup (git-fixes).
- squashfs: fix divide error in calculate_skip() (git-fixes).
- squashfs: fix inode lookup sanity checks (bsc#1203013).
- squashfs: fix xattr id and id lookup sanity checks (bsc#1203013).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/perf: Use strndup_user() instead of buggy open-coded version (git-fixes).
- tracing/uprobes: Check the return value of kstrdup() for tu->filename (git-fixes).
- tracing: Fix race in perf_trace_buf initialization (git-fixes).
- usb: misc: fix improper handling of refcount in uss720_probe() (git-fixes).
- usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).
- usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).
- xen/xenbus: fix return type in xenbus_file_read() (git-fixes).
- xfs: always free inline data before resetting inode fork during ifree (bsc#1202017).
- xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).
- xfs: fix NULL pointer dereference in xfs_getbmap() (git-fixes).
- xprtrdma: Fix trace point use-after-free race (git-fixes).
Package | Affected Version |
---|---|
pkg:rpm/suse/kernel-syms-azure?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-16.109.1 |
pkg:rpm/suse/kernel-source-azure?arch=noarch&distro=sles-12&sp=5 | < 4.12.14-16.109.1 |
pkg:rpm/suse/kernel-devel-azure?arch=noarch&distro=sles-12&sp=5 | < 4.12.14-16.109.1 |
pkg:rpm/suse/kernel-azure?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-16.109.1 |
pkg:rpm/suse/kernel-azure-devel?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-16.109.1 |
pkg:rpm/suse/kernel-azure-base?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-16.109.1 |
- ID
- SUSE-SU-2022:3282-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20223282-1/
- Published
-
2022-09-15T13:33:30
(2 years ago) - Modified
-
2022-09-15T13:33:30
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2022-1577
- ALAS-2022-1591
- ALAS-2022-1636
- ALAS-2022-1645
- ALAS2-2022-1768
- ALAS2-2022-1798
- ALAS2-2022-1833
- ALAS2-2022-1838
- ALAS2-2022-1852
- ALAS2-2022-1888
- ALAS2-2024-2569
- ALSA-2022:1988
- ALSA-2022:7110
- ALSA-2022:7683
- ALSA-2022:8267
- ALSA-2023:2458
- ALSA-2023:2951
- DSA-5096-1
- DSA-5173-1
- DSA-5207-1
- ELSA-2022-10065
- ELSA-2022-1988
- ELSA-2022-7110
- ELSA-2022-7337
- ELSA-2022-7683
- ELSA-2022-8267
- ELSA-2022-9260
- ELSA-2022-9273
- ELSA-2022-9274
- ELSA-2022-9313
- ELSA-2022-9314
- ELSA-2022-9348
- ELSA-2022-9689
- ELSA-2022-9690
- ELSA-2022-9691
- ELSA-2022-9692
- ELSA-2022-9693
- ELSA-2022-9694
- ELSA-2022-9699
- ELSA-2022-9709
- ELSA-2022-9710
- ELSA-2022-9726
- ELSA-2022-9727
- ELSA-2022-9728
- ELSA-2022-9729
- ELSA-2022-9730
- ELSA-2022-9731
- ELSA-2022-9761
- ELSA-2022-9787
- ELSA-2022-9788
- ELSA-2022-9827
- ELSA-2022-9828
- ELSA-2022-9829
- ELSA-2022-9830
- ELSA-2022-9852
- ELSA-2022-9870
- ELSA-2022-9871
- ELSA-2022-9926
- ELSA-2022-9927
- ELSA-2022-9930
- ELSA-2022-9931
- ELSA-2022-9998
- ELSA-2022-9999
- ELSA-2023-2458
- ELSA-2023-2951
- FEDORA-2022-35c14ba5bb
- FEDORA-2022-484e226872
- FEDORA-2022-6835ddb6d8
- FEDORA-2022-9bbb1d9b7b
- FEDORA-2022-ccb0138bb6
- MS:CVE-2021-4203
- MS:CVE-2022-29581
- MS:CVE-2022-2977
- MS:CVE-2022-3028
- MS:CVE-2022-36879
- RHSA-2022:1975
- RHSA-2022:1988
- RHSA-2022:7110
- RHSA-2022:7134
- RHSA-2022:7137
- RHSA-2022:7337
- RHSA-2022:7338
- RHSA-2022:7344
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2022:7933
- RHSA-2022:8267
- RHSA-2023:2148
- RHSA-2023:2458
- RHSA-2023:2736
- RHSA-2023:2951
- RLSA-2022:1988
- RLSA-2022:7110
- RLSA-2022:7683
- SSA:2022-031-01
- SSA:2022-237-02
- SSA:2022-333-01
- SUSE-SU-2022:2722-1
- SUSE-SU-2022:2741-1
- SUSE-SU-2022:2803-1
- SUSE-SU-2022:2875-1
- SUSE-SU-2022:2875-2
- SUSE-SU-2022:2892-1
- SUSE-SU-2022:2892-2
- SUSE-SU-2022:2910-1
- SUSE-SU-2022:3061-1
- SUSE-SU-2022:3064-1
- SUSE-SU-2022:3072-1
- SUSE-SU-2022:3088-1
- SUSE-SU-2022:3108-1
- SUSE-SU-2022:3123-1
- SUSE-SU-2022:3263-1
- SUSE-SU-2022:3264-1
- SUSE-SU-2022:3265-1
- SUSE-SU-2022:3274-1
- SUSE-SU-2022:3288-1
- SUSE-SU-2022:3291-1
- SUSE-SU-2022:3293-1
- SUSE-SU-2022:3294-1
- SUSE-SU-2022:3350-1
- SUSE-SU-2022:3359-1
- SUSE-SU-2022:3366-1
- SUSE-SU-2022:3368-1
- SUSE-SU-2022:3369-1
- SUSE-SU-2022:3370-1
- SUSE-SU-2022:3377-1
- SUSE-SU-2022:3407-1
- SUSE-SU-2022:3408-1
- SUSE-SU-2022:3412-1
- SUSE-SU-2022:3422-1
- SUSE-SU-2022:3432-1
- SUSE-SU-2022:3433-1
- SUSE-SU-2022:3445-1
- SUSE-SU-2022:3450-1
- SUSE-SU-2022:3463-1
- SUSE-SU-2022:3464-1
- SUSE-SU-2022:3465-1
- SUSE-SU-2022:3476-1
- SUSE-SU-2022:3609-1
- SUSE-SU-2022:3809-1
- SUSE-SU-2022:4024-1
- SUSE-SU-2022:4027-1
- SUSE-SU-2022:4030-1
- SUSE-SU-2022:4033-1
- SUSE-SU-2022:4034-1
- SUSE-SU-2022:4035-1
- SUSE-SU-2022:4039-1
- SUSE-SU-2022:4100-1
- SUSE-SU-2022:4112-1
- SUSE-SU-2022:4113-1
- SUSE-SU-2022:4129-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2023:0634-1
- SUSE-SU-2023:0747-1
- SUSE-SU-2023:0768-1
- SUSE-SU-2023:0852-1
- SUSE-SU-2023:1848-1
- SUSE-SU-2023:2232-1
- SUSE-SU-2024:2901-1
- SUSE-SU-2024:2929-1
- SUSE-SU-2024:2940-1
- USN-5442-1
- USN-5442-2
- USN-5443-1
- USN-5443-2
- USN-5444-1
- USN-5557-1
- USN-5560-1
- USN-5560-2
- USN-5562-1
- USN-5564-1
- USN-5565-1
- USN-5566-1
- USN-5567-1
- USN-5580-1
- USN-5582-1
- USN-5588-1
- USN-5650-1
- USN-5667-1
- USN-5668-1
- USN-5677-1
- USN-5682-1
- USN-5683-1
- USN-5693-1
- USN-5703-1
- USN-5706-1
- USN-5727-1
- USN-5727-2
- USN-5728-1
- USN-5728-2
- USN-5728-3
- USN-5729-1
- USN-5729-2
- USN-5774-1
- USN-5854-1
- USN-5861-1
- USN-5862-1
- USN-5865-1
- USN-5883-1
- USN-5913-1
- USN-5924-1
- USN-5975-1
- USN-6001-1
- USN-6007-1
- USN-6013-1
- USN-6014-1
- USN-6221-1
- VMSA-2022-0020.2
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/kernel-syms-azure?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-syms-azure | < 4.12.14-16.109.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-source-azure?arch=noarch&distro=sles-12&sp=5 | suse | kernel-source-azure | < 4.12.14-16.109.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-devel-azure?arch=noarch&distro=sles-12&sp=5 | suse | kernel-devel-azure | < 4.12.14-16.109.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-azure?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-azure | < 4.12.14-16.109.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-azure-devel?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-azure-devel | < 4.12.14-16.109.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-azure-base?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-azure-base | < 4.12.14-16.109.1 | sles-12 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |