1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2022:4614-1

[SUSE-SU-2022:4614-1] Security update for the Linux Kernel

Severity Important
CVEs 43
Info References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
  • CVE-2022-3635: Fixed a use-after-free in the tst_timer() of the file drivers/atm/idt77252.c (bsc#1204631).
  • CVE-2022-41850: Fixed a race condition in roccat_report_event() in drivers/hid/hid-roccat.c (bsc#1203960).
  • CVE-2022-45934: Fixed a integer wraparound via L2CAP_CONF_REQ packets in l2cap_config_req in net/bluetooth/l2cap_core.c (bsc#1205796).
  • CVE-2022-3628: Fixed potential buffer overflow in brcmf_fweh_event_worker() in wifi/brcmfmac (bsc#1204868).
  • CVE-2022-3567: Fixed a to race condition in inet6_stream_ops()/inet6_dgram_ops() (bsc#1204414).
  • CVE-2022-41858: Fixed a denial of service in sl_tx_timeout() in drivers/net/slip (bsc#1205671).
  • CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
  • CVE-2022-4095: Fixed a use-after-free in rtl8712 driver (bsc#1205514).
  • CVE-2022-3903: Fixed a denial of service with the Infrared Transceiver USB driver (bsc#1205220).
  • CVE-2022-42895: Fixed an information leak in the net/bluetooth/l2cap_core.c's l2cap_parse_conf_req() which can be used to leak kernel pointers remotely (bsc#1205705).
  • CVE-2022-42896: Fixed a use-after-free vulnerability in the net/bluetooth/l2cap_core.c's l2cap_connect() and l2cap_le_connect_req() which may have allowed code execution and leaking kernel memory (respectively) remotely via Bluetooth (bsc#1205709).
  • CVE-2022-2602: Fixed a local privilege escalation vulnerability involving Unix socket Garbage Collection and io_uring (bsc#1204228).
  • CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).
  • CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)
  • CVE-2022-3707: Fixed a double free in the Intel GVT-g graphics driver (bsc#1204780).
  • CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices (bsc#1202686).
  • CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set (bsc#1198702).
  • CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space client to corrupt the monitor's internal memory (bsc#1204653).
  • CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bsc#1204402).
  • CVE-2022-3629: Fixed memory leak in vsock_connect() in net/vmw_vsock/af_vsock.c (bsc#1204635).
  • CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in fs/nilfs2/segment.c (bsc#1204646).
  • CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in fs/nilfs2/inode.c (bsc#1204647).
  • CVE-2022-3621: Fixed null pointer dereference in nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bsc#1204574).
  • CVE-2022-3594: Fixed excessive data logging in intr_callback() in drivers/net/usb/r8152.c (bsc#1204479).
  • CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
  • CVE-2022-3565: Fixed use-after-free in del_timer() in drivers/isdn/mISDN/l1oip_core.c (bsc#1204431).
  • CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6 handler (bsc#1204354).
  • CVE-2022-40768: Fixed information leak in the scsi driver which allowed local users to obtain sensitive information from kernel memory (bsc#1203514).
  • CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf anon_vma double reuse (bsc#1204168).
  • CVE-2022-3169: Fixed an denial of service though request to NVME_IOCTL_RESET and NVME_IOCTL_SUBSYS_RESET (bsc#1203290).
  • CVE-2022-40307: Fixed a race condition that could had been exploited to trigger a use-after-free in the efi firmware capsule-loader.c (bsc#1203322).
  • CVE-2022-3176: Fixed a use-after-free in io_uring related to signalfd_poll() and binder_poll() (bsc#1203391).
  • CVE-2022-3625: Fixed a user-after-free vulnerability in devlink_param_set/devlink_param_get of the file net/core/devlink.c (bsc#1204637).
  • CVE-2022-3535: Fixed a memory leak in mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bsc#1204417).
  • CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
  • CVE-2022-39189: Fixed an issue were an unprivileged guest users can compromise the guest kernel because TLB flush operations were mishandled in certain KVM_VCPU_PREEMPTED situations (bsc#1203066).
  • CVE-2022-3577: Fixed an out-of-bounds memory write in bigben_probe of drivers/hid/hid-bigbenff.c (bsc#1204470).
  • CVE-2022-3521: Fixed a race condition in kcm_tx_work() of the file net/kcm/kcmsock.c (bsc#1204355).
  • CVE-2022-2153: Fixed a NULL pointer dereference in the KVM subsystem, when attempting to set a SynIC IRQ (bsc#1200788).
  • CVE-2022-2978: Fixed a use-after-free in the NILFS file system (bsc#1202700).

The following non-security bugs were fixed:

  • Drivers: hv: vmbus: Add VMbus IMC device to unsupported list (git-fixes).
  • Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus hardening (bsc#1204017).
  • Drivers: hv: vmbus: Allow cleanup of VMBUS_CONNECT_CPU if disconnected (bsc#1204017).
  • Drivers: hv: vmbus: Always handle the VMBus messages on CPU0 (bsc#1204017).
  • Drivers: hv: vmbus: Do not bind the offer&rescind works to a specific CPU (bsc#1204017).
  • Drivers: hv: vmbus: Drop error message when 'No request id available' (bsc#1204017).
  • Drivers: hv: vmbus: Fix handling of messages with transaction ID of zero (bsc#1204017).
  • Drivers: hv: vmbus: Fix potential crash on module unload (git-fixes).
  • Drivers: hv: vmbus: Introduce vmbus_request_addr_match() (bsc#1204017).
  • Drivers: hv: vmbus: Introduce vmbus_sendpacket_getid() (bsc#1204017).
  • Drivers: hv: vmbus: Introduce {lock,unlock}_requestor() (bsc#1204017).
  • Drivers: hv: vmbus: Move __vmbus_open() (bsc#1204017).
  • Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer (git-fixes).
  • Drivers: hv: vmbus: Replace smp_store_mb() with virt_store_mb() (bsc#1204017).
  • Drivers: hv: vmbus: Replace the per-CPU channel lists with a global array of channels (bsc#1204017).
  • Drivers: hv: vmbus: Use a spin lock for synchronizing channel scheduling vs. channel removal (bsc#1204017).
  • Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work() (git-fixes).
  • Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register() (git-fixes).
  • PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv() (bsc#1204446).
  • PCI: hv: Add hibernation support (bsc#1204446).
  • PCI: hv: Add validation for untrusted Hyper-V values (bsc#1204017).
  • PCI: hv: Drop msi_controller structure (bsc#1204446).
  • PCI: hv: Fix NUMA node assignment when kernel boots with custom NUMA topology (bsc#1199365).
  • PCI: hv: Fix a race condition when removing the device (bsc#1204446).
  • PCI: hv: Fix hibernation in case interrupts are not re-created (bsc#1204446).
  • PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).
  • PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).
  • PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).
  • PCI: hv: Fix sleep while in non-sleep context when removing child devices from the bus (bsc#1204446).
  • PCI: hv: Fix synchronization between channel callback and hv_compose_msi_msg() (bsc#1204017, bsc#1203860).
  • PCI: hv: Fix synchronization between channel callback and hv_pci_bus_exit() (bsc#1204017).
  • PCI: hv: Fix the definition of vector in hv_compose_msi_msg() (bsc#1200845).
  • PCI: hv: Make the code arch neutral by adding arch specific interfaces (bsc#1200845).
  • PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).
  • PCI: hv: Prepare hv_compose_msi_msg() for the VMBus-channel-interrupt-to-vCPU reassignment functionality (bsc#1204017).
  • PCI: hv: Remove bus device removal unused refcount/functions (bsc#1204446).
  • PCI: hv: Remove unnecessary use of %hx (bsc#1204446).
  • PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() (bsc#1200845).
  • PCI: hv: Support for create interrupt v3 (bsc#1204446).
  • PCI: hv: Use PCI_ERROR_RESPONSE to identify config read errors (bsc#1204446).
  • PCI: hv: Use struct_size() helper (bsc#1204446).
  • PCI: hv: Use vmbus_requestor to generate transaction IDs for VMbus hardening (bsc#1204017).
  • exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1204053 bsc#1201725).
  • hv_netvsc: Add check for kvmalloc_array (git-fixes).
  • hv_netvsc: Add error handling while switching data path (bsc#1204850).
  • hv_netvsc: Add the support of hibernation (bsc#1204017).
  • hv_netvsc: Add validation for untrusted Hyper-V values (bsc#1204017).
  • hv_netvsc: Cache the current data path to avoid duplicate call and message (bsc#1204017).
  • hv_netvsc: Check VF datapath when sending traffic to VF (bsc#1204017).
  • hv_netvsc: Fix hibernation for mlx5 VF driver (bsc#1204850).
  • hv_netvsc: Fix potential dereference of NULL pointer (bsc#1204017).
  • hv_netvsc: Fix race between VF offering and VF association message from host (bsc#1204850).
  • hv_netvsc: Print value of invalid ID in netvsc_send_{completion,tx_complete}() (bsc#1204017).
  • hv_netvsc: Process NETDEV_GOING_DOWN on VF hot remove (bsc#1204850).
  • hv_netvsc: Remove unnecessary round_up for recv_completion_cnt (bsc#1204017).
  • hv_netvsc: Reset the RSC count if NVSP_STAT_FAIL in netvsc_receive() (bsc#1204017).
  • hv_netvsc: Switch the data path at the right time during hibernation (bsc#1204850).
  • hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening (bsc#1204017).
  • hv_netvsc: Wait for completion on request SWITCH_DATA_PATH (bsc#1204017).
  • hv_netvsc: use netif_is_bond_master() instead of open code (git-fixes).
  • mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page (bsc#1204575).
  • net: hyperv: remove use of bpf_op_t (git-fixes).
  • net: mana: Add rmb after checking owner bits (git-fixes).
  • net: netvsc: remove break after return (git-fixes).
  • scsi: storvsc: Drop DID_TARGET_FAILURE use (git-fixes).
  • scsi: storvsc: Fix max_outstanding_req_per_channel for Win8 and newer (bsc#1204017).
  • scsi: storvsc: Fix validation for unsolicited incoming packets (bsc#1204017).
  • scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq (git-fixes).
  • scsi: storvsc: Resolve data race in storvsc_probe() (bsc#1204017).
  • scsi: storvsc: Use blk_mq_unique_tag() to generate requestIDs (bsc#1204017).
  • scsi: storvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening (bsc#1204017).
  • scsi: storvsc: Validate length of incoming packet in storvsc_on_channel_callback() (bsc#1204017).
  • x86/cpu: Restore AMD's DE_CFG MSR after resume (bsc#1205473).
  • x86/hyperv: Output host build info as normal Windows version number (git-fixes).
  • xfs: reserve data and rt quota at the same time (bsc#1203496).
ID
SUSE-SU-2022:4614-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2022/suse-su-20224614-1/
Published
2022-12-23T09:43:37
(21 months ago)
Modified
2022-12-23T09:43:37
(21 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4614-1.json
Suse URL for SUSE-SU-2022:4614-1 https://www.suse.com/support/update/announcement/2022/suse-su-20224614-1/
Suse E-Mail link for SUSE-SU-2022:4614-1 https://lists.suse.com/pipermail/sle-security-updates/2022-December/013337.html
Bugzilla SUSE Bug 1198702 https://bugzilla.suse.com/1198702
Bugzilla SUSE Bug 1199365 https://bugzilla.suse.com/1199365
Bugzilla SUSE Bug 1200845 https://bugzilla.suse.com/1200845
Bugzilla SUSE Bug 1201725 https://bugzilla.suse.com/1201725
Bugzilla SUSE Bug 1202686 https://bugzilla.suse.com/1202686
Bugzilla SUSE Bug 1202700 https://bugzilla.suse.com/1202700
Bugzilla SUSE Bug 1203008 https://bugzilla.suse.com/1203008
Bugzilla SUSE Bug 1203066 https://bugzilla.suse.com/1203066
Bugzilla SUSE Bug 1203067 https://bugzilla.suse.com/1203067
Bugzilla SUSE Bug 1203322 https://bugzilla.suse.com/1203322
Bugzilla SUSE Bug 1203391 https://bugzilla.suse.com/1203391
Bugzilla SUSE Bug 1203496 https://bugzilla.suse.com/1203496
Bugzilla SUSE Bug 1203514 https://bugzilla.suse.com/1203514
Bugzilla SUSE Bug 1203860 https://bugzilla.suse.com/1203860
Bugzilla SUSE Bug 1203960 https://bugzilla.suse.com/1203960
Bugzilla SUSE Bug 1204017 https://bugzilla.suse.com/1204017
Bugzilla SUSE Bug 1204053 https://bugzilla.suse.com/1204053
Bugzilla SUSE Bug 1204168 https://bugzilla.suse.com/1204168
Bugzilla SUSE Bug 1204170 https://bugzilla.suse.com/1204170
Bugzilla SUSE Bug 1204354 https://bugzilla.suse.com/1204354
Bugzilla SUSE Bug 1204355 https://bugzilla.suse.com/1204355
Bugzilla SUSE Bug 1204402 https://bugzilla.suse.com/1204402
Bugzilla SUSE Bug 1204414 https://bugzilla.suse.com/1204414
Bugzilla SUSE Bug 1204415 https://bugzilla.suse.com/1204415
Bugzilla SUSE Bug 1204417 https://bugzilla.suse.com/1204417
Bugzilla SUSE Bug 1204424 https://bugzilla.suse.com/1204424
Bugzilla SUSE Bug 1204431 https://bugzilla.suse.com/1204431
Bugzilla SUSE Bug 1204432 https://bugzilla.suse.com/1204432
Bugzilla SUSE Bug 1204439 https://bugzilla.suse.com/1204439
Bugzilla SUSE Bug 1204446 https://bugzilla.suse.com/1204446
Bugzilla SUSE Bug 1204470 https://bugzilla.suse.com/1204470
Bugzilla SUSE Bug 1204479 https://bugzilla.suse.com/1204479
Bugzilla SUSE Bug 1204486 https://bugzilla.suse.com/1204486
Bugzilla SUSE Bug 1204574 https://bugzilla.suse.com/1204574
Bugzilla SUSE Bug 1204575 https://bugzilla.suse.com/1204575
Bugzilla SUSE Bug 1204576 https://bugzilla.suse.com/1204576
Bugzilla SUSE Bug 1204631 https://bugzilla.suse.com/1204631
Bugzilla SUSE Bug 1204635 https://bugzilla.suse.com/1204635
Bugzilla SUSE Bug 1204636 https://bugzilla.suse.com/1204636
Bugzilla SUSE Bug 1204637 https://bugzilla.suse.com/1204637
Bugzilla SUSE Bug 1204646 https://bugzilla.suse.com/1204646
Bugzilla SUSE Bug 1204647 https://bugzilla.suse.com/1204647
Bugzilla SUSE Bug 1204653 https://bugzilla.suse.com/1204653
Bugzilla SUSE Bug 1204780 https://bugzilla.suse.com/1204780
Bugzilla SUSE Bug 1204850 https://bugzilla.suse.com/1204850
Bugzilla SUSE Bug 1205128 https://bugzilla.suse.com/1205128
Bugzilla SUSE Bug 1205130 https://bugzilla.suse.com/1205130
Bugzilla SUSE Bug 1205220 https://bugzilla.suse.com/1205220
Bugzilla SUSE Bug 1205473 https://bugzilla.suse.com/1205473
Bugzilla SUSE Bug 1205514 https://bugzilla.suse.com/1205514
Bugzilla SUSE Bug 1205617 https://bugzilla.suse.com/1205617
Bugzilla SUSE Bug 1205671 https://bugzilla.suse.com/1205671
Bugzilla SUSE Bug 1205700 https://bugzilla.suse.com/1205700
Bugzilla SUSE Bug 1205705 https://bugzilla.suse.com/1205705
Bugzilla SUSE Bug 1205709 https://bugzilla.suse.com/1205709
Bugzilla SUSE Bug 1205711 https://bugzilla.suse.com/1205711
Bugzilla SUSE Bug 1205796 https://bugzilla.suse.com/1205796
Bugzilla SUSE Bug 1206207 https://bugzilla.suse.com/1206207
Bugzilla SUSE Bug 1206228 https://bugzilla.suse.com/1206228
CVE SUSE CVE CVE-2021-4037 page https://www.suse.com/security/cve/CVE-2021-4037/
CVE SUSE CVE CVE-2022-2153 page https://www.suse.com/security/cve/CVE-2022-2153/
CVE SUSE CVE CVE-2022-2602 page https://www.suse.com/security/cve/CVE-2022-2602/
CVE SUSE CVE CVE-2022-28693 page https://www.suse.com/security/cve/CVE-2022-28693/
CVE SUSE CVE CVE-2022-28748 page https://www.suse.com/security/cve/CVE-2022-28748/
CVE SUSE CVE CVE-2022-2964 page https://www.suse.com/security/cve/CVE-2022-2964/
CVE SUSE CVE CVE-2022-2978 page https://www.suse.com/security/cve/CVE-2022-2978/
CVE SUSE CVE CVE-2022-3169 page https://www.suse.com/security/cve/CVE-2022-3169/
CVE SUSE CVE CVE-2022-3176 page https://www.suse.com/security/cve/CVE-2022-3176/
CVE SUSE CVE CVE-2022-3521 page https://www.suse.com/security/cve/CVE-2022-3521/
CVE SUSE CVE CVE-2022-3524 page https://www.suse.com/security/cve/CVE-2022-3524/
CVE SUSE CVE CVE-2022-3535 page https://www.suse.com/security/cve/CVE-2022-3535/
CVE SUSE CVE CVE-2022-3542 page https://www.suse.com/security/cve/CVE-2022-3542/
CVE SUSE CVE CVE-2022-3545 page https://www.suse.com/security/cve/CVE-2022-3545/
CVE SUSE CVE CVE-2022-3565 page https://www.suse.com/security/cve/CVE-2022-3565/
CVE SUSE CVE CVE-2022-3567 page https://www.suse.com/security/cve/CVE-2022-3567/
CVE SUSE CVE CVE-2022-3577 page https://www.suse.com/security/cve/CVE-2022-3577/
CVE SUSE CVE CVE-2022-3586 page https://www.suse.com/security/cve/CVE-2022-3586/
CVE SUSE CVE CVE-2022-3594 page https://www.suse.com/security/cve/CVE-2022-3594/
CVE SUSE CVE CVE-2022-3621 page https://www.suse.com/security/cve/CVE-2022-3621/
CVE SUSE CVE CVE-2022-3625 page https://www.suse.com/security/cve/CVE-2022-3625/
CVE SUSE CVE CVE-2022-3628 page https://www.suse.com/security/cve/CVE-2022-3628/
CVE SUSE CVE CVE-2022-3629 page https://www.suse.com/security/cve/CVE-2022-3629/
CVE SUSE CVE CVE-2022-3635 page https://www.suse.com/security/cve/CVE-2022-3635/
CVE SUSE CVE CVE-2022-3646 page https://www.suse.com/security/cve/CVE-2022-3646/
CVE SUSE CVE CVE-2022-3649 page https://www.suse.com/security/cve/CVE-2022-3649/
CVE SUSE CVE CVE-2022-3707 page https://www.suse.com/security/cve/CVE-2022-3707/
CVE SUSE CVE CVE-2022-3903 page https://www.suse.com/security/cve/CVE-2022-3903/
CVE SUSE CVE CVE-2022-39189 page https://www.suse.com/security/cve/CVE-2022-39189/
CVE SUSE CVE CVE-2022-40307 page https://www.suse.com/security/cve/CVE-2022-40307/
CVE SUSE CVE CVE-2022-40768 page https://www.suse.com/security/cve/CVE-2022-40768/
CVE SUSE CVE CVE-2022-4095 page https://www.suse.com/security/cve/CVE-2022-4095/
CVE SUSE CVE CVE-2022-4129 page https://www.suse.com/security/cve/CVE-2022-4129/
CVE SUSE CVE CVE-2022-4139 page https://www.suse.com/security/cve/CVE-2022-4139/
CVE SUSE CVE CVE-2022-41850 page https://www.suse.com/security/cve/CVE-2022-41850/
CVE SUSE CVE CVE-2022-41858 page https://www.suse.com/security/cve/CVE-2022-41858/
CVE SUSE CVE CVE-2022-42703 page https://www.suse.com/security/cve/CVE-2022-42703/
CVE SUSE CVE CVE-2022-42895 page https://www.suse.com/security/cve/CVE-2022-42895/
CVE SUSE CVE CVE-2022-42896 page https://www.suse.com/security/cve/CVE-2022-42896/
CVE SUSE CVE CVE-2022-43750 page https://www.suse.com/security/cve/CVE-2022-43750/
CVE SUSE CVE CVE-2022-4378 page https://www.suse.com/security/cve/CVE-2022-4378/
CVE SUSE CVE CVE-2022-43945 page https://www.suse.com/security/cve/CVE-2022-43945/
CVE SUSE CVE CVE-2022-45934 page https://www.suse.com/security/cve/CVE-2022-45934/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date