[SUSE-SU-2022:4615-1] Security update for the Linux Kernel
Severity
Important
Affected Packages
20
CVEs
38
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-42328: Guests could trigger denial of service via the netback driver (bsc#1206114).
- CVE-2022-42329: Guests could trigger denial of service via the netback driver (bsc#1206113).
- CVE-2022-3643: Guests could trigger NIC interface reset/abort/crash via netback driver (bsc#1206113).
- CVE-2022-3635: Fixed a use-after-free in the tst_timer() of the file drivers/atm/idt77252.c (bsc#1204631).
- CVE-2022-41850: Fixed a race condition in roccat_report_event() in drivers/hid/hid-roccat.c (bsc#1203960).
- CVE-2022-45934: Fixed a integer wraparound via L2CAP_CONF_REQ packets in l2cap_config_req in net/bluetooth/l2cap_core.c (bsc#1205796).
- CVE-2022-3567: Fixed a to race condition in inet6_stream_ops()/inet6_dgram_ops() (bsc#1204414).
- CVE-2022-41858: Fixed a denial of service in sl_tx_timeout() in drivers/net/slip (bsc#1205671).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4095: Fixed a use-after-free in rtl8712 driver (bsc#1205514).
- CVE-2022-3903: Fixed a denial of service with the Infrared Transceiver USB driver (bsc#1205220).
- CVE-2022-42896: Fixed a use-after-free vulnerability in the net/bluetooth/l2cap_core.c's l2cap_connect() and l2cap_le_connect_req() which may have allowed code execution and leaking kernel memory (respectively) remotely via Bluetooth (bsc#1205709).
- CVE-2022-42895: Fixed an information leak in the net/bluetooth/l2cap_core.c's l2cap_parse_conf_req() which can be used to leak kernel pointers remotely (bsc#1205705).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(), gru_fault() and gru_handle_user_call_os() that could lead to kernel panic (bsc#1204166).
- CVE-2022-3628: Fixed potential buffer overflow in brcmf_fweh_event_worker() in wifi/brcmfmac (bsc#1204868).
- CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices (bsc#1202686).
- CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set (bsc#1198702).
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space client to corrupt the monitor's internal memory (bsc#1204653).
- CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bsc#1204402).
- CVE-2022-3629: Fixed memory leak in vsock_connect() in net/vmw_vsock/af_vsock.c (bsc#1204635).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in fs/nilfs2/segment.c (bsc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in fs/nilfs2/inode.c (bsc#1204647).
- CVE-2022-3621: Fixed null pointer dereference in nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bsc#1204574).
- CVE-2022-3594: Fixed excessive data logging in intr_callback() in drivers/net/usb/r8152.c (bsc#1204479).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3565: Fixed use-after-free in del_timer() in drivers/isdn/mISDN/l1oip_core.c (bsc#1204431).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6 handler (bsc#1204354).
- CVE-2022-40768: Fixed information leak in the scsi driver which allowed local users to obtain sensitive information from kernel memory (bsc#1203514).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf anon_vma double reuse (bsc#1204168).
- CVE-2022-3169: Fixed an denial of service though request to NVME_IOCTL_RESET and NVME_IOCTL_SUBSYS_RESET (bsc#1203290).
- CVE-2022-40307: Fixed a race condition that could had been exploited to trigger a use-after-free in the efi firmware capsule-loader.c (bsc#1203322).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
- CVE-2022-3521: Fixed a race condition in kcm_tx_work() of the file net/kcm/kcmsock.c (bsc#1204355).
- CVE-2022-2153: Fixed a NULL pointer dereference in the KVM subsystem, when attempting to set a SynIC IRQ (bsc#1200788).
- CVE-2022-41848: Fixed a race condition in drivers/char/pcmcia/synclink_cs.c mgslpc_ioctl and mgslpc_detach (bsc#1203987).
The following non-security bugs were fixed:
- ipv6: ping: fix wrong checksum for large frames (bsc#1203183).
- sunrpc: Re-purpose trace_svc_process (bsc#1205006).
- x86/cpu: Restore AMD's DE_CFG MSR after resume (bsc#1205473).
- x86/hyperv: Output host build info as normal Windows version number (git-fixes).
- x86/hyperv: Set pv_info.name to 'Hyper-V' (git-fixes).
- ID
- SUSE-SU-2022:4615-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20224615-1/
- Published
-
2022-12-23T09:44:36
(21 months ago) - Modified
-
2022-12-23T09:44:36
(21 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2022-1591
- ALAS-2022-1636
- ALAS-2022-1645
- ALAS-2023-1706
- ALAS-2023-1707
- ALAS2-2022-1793
- ALAS2-2022-1838
- ALAS2-2022-1852
- ALAS2-2022-1876
- ALAS2-2022-1888
- ALAS2-2022-1903
- ALAS2-2023-1932
- ALAS2-2024-2569
- ALSA-2022:1988
- ALSA-2023:0101
- ALSA-2023:0334
- ALSA-2023:0832
- ALSA-2023:0951
- ALSA-2023:1566
- ALSA-2023:2458
- ALSA-2023:2951
- ALSA-2023:4517
- ALSA-2023:7077
- ALSA-2024:0897
- ALSA-2024:3138
- DSA-5173-1
- DSA-5257-1
- DSA-5324-1
- DSA-5730-1
- ELSA-2022-10065
- ELSA-2022-10071
- ELSA-2022-10072
- ELSA-2022-10073
- ELSA-2022-10078
- ELSA-2022-10079
- ELSA-2022-10080
- ELSA-2022-10081
- ELSA-2022-10108
- ELSA-2022-1988
- ELSA-2022-9709
- ELSA-2022-9710
- ELSA-2022-9852
- ELSA-2023-0101
- ELSA-2023-0334
- ELSA-2023-0399
- ELSA-2023-0832
- ELSA-2023-0951
- ELSA-2023-1091
- ELSA-2023-12006
- ELSA-2023-12007
- ELSA-2023-12008
- ELSA-2023-12009
- ELSA-2023-12017
- ELSA-2023-12018
- ELSA-2023-12109
- ELSA-2023-12116
- ELSA-2023-12117
- ELSA-2023-12118
- ELSA-2023-12119
- ELSA-2023-12120
- ELSA-2023-12121
- ELSA-2023-12160
- ELSA-2023-12199
- ELSA-2023-12200
- ELSA-2023-12206
- ELSA-2023-12207
- ELSA-2023-12323
- ELSA-2023-12375
- ELSA-2023-12565
- ELSA-2023-1566
- ELSA-2023-1822
- ELSA-2023-1987
- ELSA-2023-2458
- ELSA-2023-2951
- ELSA-2023-4517
- ELSA-2023-6583
- ELSA-2023-7077
- ELSA-2024-0461
- ELSA-2024-0897
- ELSA-2024-12094
- ELSA-2024-12169
- ELSA-2024-1249
- ELSA-2024-12610
- ELSA-2024-12612
- ELSA-2024-2394
- ELSA-2024-3138
- FEDORA-2022-1a5b125ac6
- FEDORA-2022-2cfbe17910
- FEDORA-2022-90162a1d88
- FEDORA-2022-b948fc3cfb
- MS:CVE-2021-4037
- MS:CVE-2022-2153
- MS:CVE-2022-3521
- MS:CVE-2022-3542
- MS:CVE-2022-3545
- MS:CVE-2022-3586
- MS:CVE-2022-3594
- MS:CVE-2022-40307
- MS:CVE-2022-40768
- MS:CVE-2022-41850
- MS:CVE-2022-41858
- MS:CVE-2022-42328
- MS:CVE-2022-42329
- MS:CVE-2022-42703
- MS:CVE-2022-43750
- MS:CVE-2022-4378
- MS:CVE-2022-43945
- MS:CVE-2022-45934
- RHSA-2022:1975
- RHSA-2022:1988
- RHSA-2022:7110
- RHSA-2022:7134
- RHSA-2022:7337
- RHSA-2022:7338
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2022:7933
- RHSA-2022:8267
- RHSA-2023:0101
- RHSA-2023:0114
- RHSA-2023:0123
- RHSA-2023:0300
- RHSA-2023:0334
- RHSA-2023:0348
- RHSA-2023:0399
- RHSA-2023:0400
- RHSA-2023:0404
- RHSA-2023:0832
- RHSA-2023:0839
- RHSA-2023:0854
- RHSA-2023:0951
- RHSA-2023:0979
- RHSA-2023:1008
- RHSA-2023:1091
- RHSA-2023:1092
- RHSA-2023:1101
- RHSA-2023:1566
- RHSA-2023:1584
- RHSA-2023:1659
- RHSA-2023:1987
- RHSA-2023:1988
- RHSA-2023:2148
- RHSA-2023:2458
- RHSA-2023:2736
- RHSA-2023:2951
- RHSA-2023:4517
- RHSA-2023:4531
- RHSA-2023:4541
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:1249
- RHSA-2024:1323
- RHSA-2024:1332
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2022:1988
- RLSA-2023:0101
- RLSA-2023:0334
- RLSA-2023:0832
- RLSA-2023:1566
- RLSA-2023:4517
- RLSA-2024:3138
- SSA:2022-333-01
- SSA:2023-048-01
- SUSE-SU-2022:1257-1
- SUSE-SU-2022:1651-1
- SUSE-SU-2022:1668-1
- SUSE-SU-2022:1669-1
- SUSE-SU-2022:1676-1
- SUSE-SU-2022:1686-1
- SUSE-SU-2022:1687-1
- SUSE-SU-2022:2111-1
- SUSE-SU-2022:3288-1
- SUSE-SU-2022:3293-1
- SUSE-SU-2022:3584-1
- SUSE-SU-2022:3585-1
- SUSE-SU-2022:3587-1
- SUSE-SU-2022:3609-1
- SUSE-SU-2022:3688-1
- SUSE-SU-2022:3693-1
- SUSE-SU-2022:3704-1
- SUSE-SU-2022:3775-1
- SUSE-SU-2022:3809-1
- SUSE-SU-2022:3810-1
- SUSE-SU-2022:3844-1
- SUSE-SU-2022:3897-1
- SUSE-SU-2022:3929-1
- SUSE-SU-2022:3930-1
- SUSE-SU-2022:3998-1
- SUSE-SU-2022:4024-1
- SUSE-SU-2022:4027-1
- SUSE-SU-2022:4030-1
- SUSE-SU-2022:4033-1
- SUSE-SU-2022:4034-1
- SUSE-SU-2022:4035-1
- SUSE-SU-2022:4039-1
- SUSE-SU-2022:4053-1
- SUSE-SU-2022:4072-1
- SUSE-SU-2022:4100-1
- SUSE-SU-2022:4112-1
- SUSE-SU-2022:4113-1
- SUSE-SU-2022:4129-1
- SUSE-SU-2022:4272-1
- SUSE-SU-2022:4273-1
- SUSE-SU-2022:4503-1
- SUSE-SU-2022:4504-1
- SUSE-SU-2022:4505-1
- SUSE-SU-2022:4506-1
- SUSE-SU-2022:4510-1
- SUSE-SU-2022:4513-1
- SUSE-SU-2022:4515-1
- SUSE-SU-2022:4516-1
- SUSE-SU-2022:4517-1
- SUSE-SU-2022:4518-1
- SUSE-SU-2022:4520-1
- SUSE-SU-2022:4527-1
- SUSE-SU-2022:4528-1
- SUSE-SU-2022:4533-1
- SUSE-SU-2022:4534-1
- SUSE-SU-2022:4539-1
- SUSE-SU-2022:4542-1
- SUSE-SU-2022:4543-1
- SUSE-SU-2022:4544-1
- SUSE-SU-2022:4545-1
- SUSE-SU-2022:4546-1
- SUSE-SU-2022:4550-1
- SUSE-SU-2022:4551-1
- SUSE-SU-2022:4559-1
- SUSE-SU-2022:4560-1
- SUSE-SU-2022:4561-1
- SUSE-SU-2022:4562-1
- SUSE-SU-2022:4566-1
- SUSE-SU-2022:4569-1
- SUSE-SU-2022:4572-1
- SUSE-SU-2022:4573-1
- SUSE-SU-2022:4574-1
- SUSE-SU-2022:4577-1
- SUSE-SU-2022:4580-1
- SUSE-SU-2022:4585-1
- SUSE-SU-2022:4587-1
- SUSE-SU-2022:4589-1
- SUSE-SU-2022:4595-1
- SUSE-SU-2022:4611-1
- SUSE-SU-2022:4613-1
- SUSE-SU-2022:4614-1
- SUSE-SU-2022:4616-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:0134-1
- SUSE-SU-2023:0152-1
- SUSE-SU-2023:0226-1
- SUSE-SU-2023:0227-1
- SUSE-SU-2023:0229-1
- SUSE-SU-2023:0231-1
- SUSE-SU-2023:0235-1
- SUSE-SU-2023:0237-1
- SUSE-SU-2023:0238-1
- SUSE-SU-2023:0240-1
- SUSE-SU-2023:0245-1
- SUSE-SU-2023:0250-1
- SUSE-SU-2023:0262-1
- SUSE-SU-2023:0263-1
- SUSE-SU-2023:0267-1
- SUSE-SU-2023:0270-1
- SUSE-SU-2023:0271-1
- SUSE-SU-2023:0277-1
- SUSE-SU-2023:0281-1
- SUSE-SU-2023:0331-1
- SUSE-SU-2023:0406-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2023:0420-1
- SUSE-SU-2023:2146-1
- SUSE-SU-2023:2148-1
- SUSE-SU-2023:2151-1
- SUSE-SU-2023:2162-1
- SUSE-SU-2023:2163-1
- SUSE-SU-2023:2232-1
- SUSE-SU-2023:2506-1
- SUSE-SU-2024:2901-1
- SUSE-SU-2024:2929-1
- SUSE-SU-2024:2940-1
- USN-5650-1
- USN-5693-1
- USN-5727-1
- USN-5727-2
- USN-5728-1
- USN-5728-2
- USN-5728-3
- USN-5729-1
- USN-5729-2
- USN-5754-1
- USN-5754-2
- USN-5755-1
- USN-5755-2
- USN-5756-1
- USN-5756-2
- USN-5756-3
- USN-5757-1
- USN-5757-2
- USN-5758-1
- USN-5773-1
- USN-5774-1
- USN-5779-1
- USN-5780-1
- USN-5783-1
- USN-5789-1
- USN-5790-1
- USN-5791-1
- USN-5791-2
- USN-5791-3
- USN-5792-1
- USN-5792-2
- USN-5793-1
- USN-5793-2
- USN-5793-3
- USN-5793-4
- USN-5794-1
- USN-5799-1
- USN-5802-1
- USN-5803-1
- USN-5804-1
- USN-5804-2
- USN-5808-1
- USN-5809-1
- USN-5813-1
- USN-5814-1
- USN-5815-1
- USN-5829-1
- USN-5830-1
- USN-5831-1
- USN-5832-1
- USN-5850-1
- USN-5851-1
- USN-5853-1
- USN-5854-1
- USN-5856-1
- USN-5858-1
- USN-5859-1
- USN-5860-1
- USN-5861-1
- USN-5862-1
- USN-5863-1
- USN-5865-1
- USN-5874-1
- USN-5875-1
- USN-5876-1
- USN-5877-1
- USN-5878-1
- USN-5879-1
- USN-5883-1
- USN-5884-1
- USN-5909-1
- USN-5911-1
- USN-5912-1
- USN-5913-1
- USN-5914-1
- USN-5916-1
- USN-5917-1
- USN-5918-1
- USN-5919-1
- USN-5920-1
- USN-5924-1
- USN-5925-1
- USN-5926-1
- USN-5927-1
- USN-5929-1
- USN-5934-1
- USN-5935-1
- USN-5938-1
- USN-5939-1
- USN-5940-1
- USN-5941-1
- USN-5950-1
- USN-5951-1
- USN-5962-1
- USN-5970-1
- USN-5975-1
- USN-5976-1
- USN-5979-1
- USN-5981-1
- USN-5982-1
- USN-5984-1
- USN-5987-1
- USN-5991-1
- USN-6000-1
- USN-6001-1
- USN-6004-1
- USN-6007-1
- USN-6009-1
- USN-6013-1
- USN-6014-1
- USN-6024-1
- USN-6027-1
- USN-6029-1
- USN-6030-1
- USN-6031-1
- USN-6045-1
- USN-6071-1
- USN-6093-1
- USN-6124-1
- USN-6222-1
- USN-6247-1
- USN-6256-1
- VMSA-2022-0020.2
- XSA-423
- XSA-424
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=4 | suse | kernel-syms | < 4.12.14-95.114.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=4 | suse | kernel-syms | < 4.12.14-95.114.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=4 | suse | kernel-syms | < 4.12.14-95.114.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=4 | suse | kernel-syms | < 4.12.14-95.114.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=4 | suse | kernel-source | < 4.12.14-95.114.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=4 | suse | kernel-macros | < 4.12.14-95.114.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=4 | suse | kernel-devel | < 4.12.14-95.114.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=4 | suse | kernel-default | < 4.12.14-95.114.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=4 | suse | kernel-default | < 4.12.14-95.114.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=4 | suse | kernel-default | < 4.12.14-95.114.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=4 | suse | kernel-default | < 4.12.14-95.114.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=4 | suse | kernel-default-man | < 4.12.14-95.114.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=4 | suse | kernel-default-devel | < 4.12.14-95.114.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=4 | suse | kernel-default-devel | < 4.12.14-95.114.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=4 | suse | kernel-default-devel | < 4.12.14-95.114.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=4 | suse | kernel-default-devel | < 4.12.14-95.114.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=4 | suse | kernel-default-base | < 4.12.14-95.114.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=4 | suse | kernel-default-base | < 4.12.14-95.114.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=4 | suse | kernel-default-base | < 4.12.14-95.114.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=4 | suse | kernel-default-base | < 4.12.14-95.114.1 | sles-12 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |