[SUSE-SU-2022:3294-1] Security update for the Linux Kernel

Severity Important

Affected Packages 7

CVEs 11

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated receive various security and bugfixes.

The following security bugs were fixed:

CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).
CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).
CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).
CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).
CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).
CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).
CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616).
CVE-2019-3900: Fixed infinite loop the vhost_net kernel module that could result in a DoS scenario (bnc#1133374).

The following non-security bugs were fixed:

net_sched: cls_route: Disallowed handle of 0 (bsc#1202393).
mm, rmap: Fixed anon_vma->degree ambiguity leading to double-reuse (bsc#1203098).
lightnvm: Removed lightnvm implemenation (bsc#1191881).

Package	Affected Version
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=2	< 4.4.121-92.188.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=2	< 4.4.121-92.188.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=2	< 4.4.121-92.188.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=2	< 4.4.121-92.188.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=2	< 4.4.121-92.188.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=2	< 4.4.121-92.188.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=2	< 4.4.121-92.188.1

ID

SUSE-SU-2022:3294-1

Severity

important

URL

https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/

Published

2022-09-16T16:46:06
(2 years ago)

Modified

2022-09-16T16:46:06
(2 years ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3294-1.json
Suse	URL for SUSE-SU-2022:3294-1	https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/
Suse	E-Mail link for SUSE-SU-2022:3294-1	https://lists.suse.com/pipermail/sle-security-updates/2022-September/012274.html
Bugzilla	SUSE Bug 1133374	https://bugzilla.suse.com/1133374
Bugzilla	SUSE Bug 1191881	https://bugzilla.suse.com/1191881
Bugzilla	SUSE Bug 1196616	https://bugzilla.suse.com/1196616
Bugzilla	SUSE Bug 1201420	https://bugzilla.suse.com/1201420
Bugzilla	SUSE Bug 1201726	https://bugzilla.suse.com/1201726
Bugzilla	SUSE Bug 1201948	https://bugzilla.suse.com/1201948
Bugzilla	SUSE Bug 1202096	https://bugzilla.suse.com/1202096
Bugzilla	SUSE Bug 1202346	https://bugzilla.suse.com/1202346
Bugzilla	SUSE Bug 1202347	https://bugzilla.suse.com/1202347
Bugzilla	SUSE Bug 1202393	https://bugzilla.suse.com/1202393
Bugzilla	SUSE Bug 1202897	https://bugzilla.suse.com/1202897
Bugzilla	SUSE Bug 1202898	https://bugzilla.suse.com/1202898
Bugzilla	SUSE Bug 1203098	https://bugzilla.suse.com/1203098
Bugzilla	SUSE Bug 1203107	https://bugzilla.suse.com/1203107
CVE	SUSE CVE CVE-2019-3900 page	https://www.suse.com/security/cve/CVE-2019-3900/
CVE	SUSE CVE CVE-2020-36516 page	https://www.suse.com/security/cve/CVE-2020-36516/
CVE	SUSE CVE CVE-2022-20368 page	https://www.suse.com/security/cve/CVE-2022-20368/
CVE	SUSE CVE CVE-2022-20369 page	https://www.suse.com/security/cve/CVE-2022-20369/
CVE	SUSE CVE CVE-2022-21385 page	https://www.suse.com/security/cve/CVE-2022-21385/
CVE	SUSE CVE CVE-2022-2588 page	https://www.suse.com/security/cve/CVE-2022-2588/
CVE	SUSE CVE CVE-2022-26373 page	https://www.suse.com/security/cve/CVE-2022-26373/
CVE	SUSE CVE CVE-2022-2991 page	https://www.suse.com/security/cve/CVE-2022-2991/
CVE	SUSE CVE CVE-2022-3028 page	https://www.suse.com/security/cve/CVE-2022-3028/
CVE	SUSE CVE CVE-2022-36879 page	https://www.suse.com/security/cve/CVE-2022-36879/
CVE	SUSE CVE CVE-2022-39188 page	https://www.suse.com/security/cve/CVE-2022-39188/

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=2	suse	kernel-syms	< 4.4.121-92.188.1	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=2	suse	kernel-source	< 4.4.121-92.188.1	sles-12	noarch
Affected	pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=2	suse	kernel-macros	< 4.4.121-92.188.1	sles-12	noarch
Affected	pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=2	suse	kernel-devel	< 4.4.121-92.188.1	sles-12	noarch
Affected	pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=2	suse	kernel-default	< 4.4.121-92.188.1	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=2	suse	kernel-default-devel	< 4.4.121-92.188.1	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=2	suse	kernel-default-base	< 4.4.121-92.188.1	sles-12	x86_64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date