SUSE-SU-2022:1257-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:1257-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2022:1257-1
- Related
- Published
- 2022-04-19T09:03:30Z
- Modified
- 2022-04-19T09:03:30Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space (bnc#1196823).
- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel (bnc#1198032).
- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel (bnc#1198033).
- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel (bnc#1198031).
- CVE-2022-1048: Fixed a race Condition in sndpcmhwfree leading to use-after-free due to the AB/BA lock with buffermutex and mmap_lock (bsc#1197331).
- CVE-2022-1055: Fixed a use-after-free in tcnewtfilter that could allow a local attacker to gain privilege escalation (bnc#1197702).
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation (bnc#1197462).
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file (bnc#1197366).
- CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device (bsc#1196836).
- CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aiopollcomplete_work. This could lead to local escalation of privilege with no additional execution privileges needed (bsc#1196956).
- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731).
- CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers (bsc#1196488).
- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).
- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udffilewrite_iter() via a malicious UDF image (bsc#1196079).
- CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDISMSGSET command. Attackers can obtain sensitive information from kernel memory (bsc#1196235).
- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).
- CVE-2021-44879: In gcdatasegment() in fs/f2fs/gc.c, special files were not considered, which lead to a movedatapage NULL pointer dereference (bsc#1195987).
- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).
- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905).
- CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516).
- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the ODIRECTORY flag, and tries to open a regular file, nfsatomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).
- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).
- CVE-2022-28748: Fixed various information leaks that could be caused by malicious USB devices (bsc#1196018).
- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernelreadfilefromfd() (bsc#1196155)
- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c (bsc#1196761).
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution (bsc#1197227).
The following non-security bugs were fixed:
- cifs: use the correct max-length for dentrypathraw() (bsc#1196196).
- gve: multiple bugfixes (jsc#SLE-23652).
- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).
- powerpc/mm/numa: skip NUMANONODE onlining in parsenumaproperties() (bsc#1179639).
- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).
- scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).
- References
-
- https://www.suse.com/support/update/announcement/2022/suse-su-20221257-1/
- https://bugzilla.suse.com/1179639
- https://bugzilla.suse.com/1189126
- https://bugzilla.suse.com/1189562
- https://bugzilla.suse.com/1193731
- https://bugzilla.suse.com/1194516
- https://bugzilla.suse.com/1194943
- https://bugzilla.suse.com/1195051
- https://bugzilla.suse.com/1195254
- https://bugzilla.suse.com/1195286
- https://bugzilla.suse.com/1195353
- https://bugzilla.suse.com/1195403
- https://bugzilla.suse.com/1195516
- https://bugzilla.suse.com/1195543
- https://bugzilla.suse.com/1195612
- https://bugzilla.suse.com/1195897
- https://bugzilla.suse.com/1195905
- https://bugzilla.suse.com/1195939
- https://bugzilla.suse.com/1195987
- https://bugzilla.suse.com/1196018
- https://bugzilla.suse.com/1196079
- https://bugzilla.suse.com/1196095
- https://bugzilla.suse.com/1196155
- https://bugzilla.suse.com/1196196
- https://bugzilla.suse.com/1196235
- https://bugzilla.suse.com/1196468
- https://bugzilla.suse.com/1196488
- https://bugzilla.suse.com/1196612
- https://bugzilla.suse.com/1196761
- https://bugzilla.suse.com/1196776
- https://bugzilla.suse.com/1196823
- https://bugzilla.suse.com/1196830
- https://bugzilla.suse.com/1196836
- https://bugzilla.suse.com/1196956
- https://bugzilla.suse.com/1197227
- https://bugzilla.suse.com/1197331
- https://bugzilla.suse.com/1197366
- https://bugzilla.suse.com/1197389
- https://bugzilla.suse.com/1197462
- https://bugzilla.suse.com/1197702
- https://bugzilla.suse.com/1198031
- https://bugzilla.suse.com/1198032
- https://bugzilla.suse.com/1198033
- https://www.suse.com/security/cve/CVE-2021-0920
- https://www.suse.com/security/cve/CVE-2021-39698
- https://www.suse.com/security/cve/CVE-2021-44879
- https://www.suse.com/security/cve/CVE-2021-45868
- https://www.suse.com/security/cve/CVE-2022-0487
- https://www.suse.com/security/cve/CVE-2022-0492
- https://www.suse.com/security/cve/CVE-2022-0516
- https://www.suse.com/security/cve/CVE-2022-0617
- https://www.suse.com/security/cve/CVE-2022-0644
- https://www.suse.com/security/cve/CVE-2022-0850
- https://www.suse.com/security/cve/CVE-2022-0854
- https://www.suse.com/security/cve/CVE-2022-1016
- https://www.suse.com/security/cve/CVE-2022-1048
- https://www.suse.com/security/cve/CVE-2022-1055
- https://www.suse.com/security/cve/CVE-2022-23036
- https://www.suse.com/security/cve/CVE-2022-23037
- https://www.suse.com/security/cve/CVE-2022-23038
- https://www.suse.com/security/cve/CVE-2022-23039
- https://www.suse.com/security/cve/CVE-2022-23040
- https://www.suse.com/security/cve/CVE-2022-23041
- https://www.suse.com/security/cve/CVE-2022-23042
- https://www.suse.com/security/cve/CVE-2022-24448
- https://www.suse.com/security/cve/CVE-2022-24958
- https://www.suse.com/security/cve/CVE-2022-24959
- https://www.suse.com/security/cve/CVE-2022-25258
- https://www.suse.com/security/cve/CVE-2022-25375
- https://www.suse.com/security/cve/CVE-2022-26490
- https://www.suse.com/security/cve/CVE-2022-26966
- https://www.suse.com/security/cve/CVE-2022-27666
- https://www.suse.com/security/cve/CVE-2022-28388
- https://www.suse.com/security/cve/CVE-2022-28389
- https://www.suse.com/security/cve/CVE-2022-28390
- https://www.suse.com/security/cve/CVE-2022-28748
Affected packages
SUSE:Real Time Module 15 SP2 / kernel-rt
Package
- Name
- kernel-rt
- Purl
- purl:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.18-150200.79.2
Ecosystem specific
{
"binaries": [
{
"kernel-devel-rt": "5.3.18-150200.79.2",
"dlm-kmp-rt": "5.3.18-150200.79.2",
"kernel-rt_debug": "5.3.18-150200.79.2",
"kernel-rt-devel": "5.3.18-150200.79.2",
"cluster-md-kmp-rt": "5.3.18-150200.79.2",
"kernel-rt_debug-devel": "5.3.18-150200.79.2",
"kernel-source-rt": "5.3.18-150200.79.2",
"kernel-rt": "5.3.18-150200.79.2",
"ocfs2-kmp-rt": "5.3.18-150200.79.2",
"gfs2-kmp-rt": "5.3.18-150200.79.2",
"kernel-syms-rt": "5.3.18-150200.79.1"
}
]
}
SUSE:Real Time Module 15 SP2 / kernel-rt_debug
Package
- Name
- kernel-rt_debug
- Purl
- purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.18-150200.79.2
Ecosystem specific
{
"binaries": [
{
"kernel-devel-rt": "5.3.18-150200.79.2",
"dlm-kmp-rt": "5.3.18-150200.79.2",
"kernel-rt_debug": "5.3.18-150200.79.2",
"kernel-rt-devel": "5.3.18-150200.79.2",
"cluster-md-kmp-rt": "5.3.18-150200.79.2",
"kernel-rt_debug-devel": "5.3.18-150200.79.2",
"kernel-source-rt": "5.3.18-150200.79.2",
"kernel-rt": "5.3.18-150200.79.2",
"ocfs2-kmp-rt": "5.3.18-150200.79.2",
"gfs2-kmp-rt": "5.3.18-150200.79.2",
"kernel-syms-rt": "5.3.18-150200.79.1"
}
]
}
SUSE:Real Time Module 15 SP2 / kernel-source-rt
Package
- Name
- kernel-source-rt
- Purl
- purl:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.18-150200.79.2
Ecosystem specific
{
"binaries": [
{
"kernel-devel-rt": "5.3.18-150200.79.2",
"dlm-kmp-rt": "5.3.18-150200.79.2",
"kernel-rt_debug": "5.3.18-150200.79.2",
"kernel-rt-devel": "5.3.18-150200.79.2",
"cluster-md-kmp-rt": "5.3.18-150200.79.2",
"kernel-rt_debug-devel": "5.3.18-150200.79.2",
"kernel-source-rt": "5.3.18-150200.79.2",
"kernel-rt": "5.3.18-150200.79.2",
"ocfs2-kmp-rt": "5.3.18-150200.79.2",
"gfs2-kmp-rt": "5.3.18-150200.79.2",
"kernel-syms-rt": "5.3.18-150200.79.1"
}
]
}
SUSE:Real Time Module 15 SP2 / kernel-syms-rt
Package
- Name
- kernel-syms-rt
- Purl
- purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.18-150200.79.1
Ecosystem specific
{
"binaries": [
{
"kernel-devel-rt": "5.3.18-150200.79.2",
"dlm-kmp-rt": "5.3.18-150200.79.2",
"kernel-rt_debug": "5.3.18-150200.79.2",
"kernel-rt-devel": "5.3.18-150200.79.2",
"cluster-md-kmp-rt": "5.3.18-150200.79.2",
"kernel-rt_debug-devel": "5.3.18-150200.79.2",
"kernel-source-rt": "5.3.18-150200.79.2",
"kernel-rt": "5.3.18-150200.79.2",
"ocfs2-kmp-rt": "5.3.18-150200.79.2",
"gfs2-kmp-rt": "5.3.18-150200.79.2",
"kernel-syms-rt": "5.3.18-150200.79.1"
}
]
}