openSUSE-SU-2022:2173-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2022:2173-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2022:2173-1
Related
Published
2022-06-24T08:53:23Z
Modified
2022-06-24T08:53:23Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 kernel was updated.

The following security bugs were fixed:

  • CVE-2022-1966: Fixed an use-after-free bug in the netfilter subsystem. This flaw allowed a local attacker with user access to cause a privilege escalation issue. (bnc#1200015)
  • CVE-2022-1975: Fixed a sleep-in-atomic bug that allows attacker to crash linux kernel by simulating nfc device from user-space. (bsc#1200143)
  • CVE-2022-1974: Fixed an use-after-free that could causes kernel crash by simulating an nfc device from user-space. (bsc#1200144)
  • CVE-2020-26541: Enforce the secure boot forbidden signature database (aka dbx) protection mechanism. (bnc#1177282)
  • The following non-security bugs were fixed:

  • ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default (git-fixes).

  • ACPI: sysfs: Fix BERT error region memory mapping (git-fixes).
  • ACPI: sysfs: Make sparse happy about address space in use (git-fixes).
  • ALSA: hda/conexant - Fix loopback issue with CX20632 (git-fixes).
  • ALSA: usb-audio: Optimize TEAC clock quirk (git-fixes).
  • ALSA: usb-audio: Set up (implicit) sync for Saffire 6 (git-fixes).
  • ALSA: usb-audio: Skip generic sync EP parse for secondary EP (git-fixes).
  • ALSA: usb-audio: Workaround for clock setup on TEAC devices (git-fixes).
  • ASoC: dapm: Do not fold register value changes into notifications (git-fixes).
  • ASoC: max98357a: remove dependency on GPIOLIB (git-fixes).
  • ASoC: rt5645: Fix errorenous cleanup order (git-fixes).
  • ASoC: tscs454: Add endianness flag in sndsoccomponent_driver (git-fixes).
  • ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (git-fixes).
  • ath9k: fix QCA9561 PA bias level (git-fixes).
  • b43: Fix assigning negative value to unsigned variable (git-fixes).
  • b43legacy: Fix assigning negative value to unsigned variable (git-fixes).
  • blk-mq: fix tag_get wait task can't be awakened (bsc#1200263).
  • blk-mq: Fix wrong wakeup batch configuration which will cause hang (bsc#1200263).
  • block: fix biocloneblkgassociation() to associate with proper blkcggq (bsc#1200259).
  • btrfs: tree-checker: fix incorrect printk format (bsc#1200249).
  • cfg80211: set custom regdomain after wiphy registration (git-fixes).
  • clocksource/drivers/oxnas-rps: Fix irqofparseandmap() return value (git-fixes).
  • clocksource/drivers/sp804: Avoid error on multiple instances (git-fixes).
  • dma-buf: fix use of DMABUFSETNAME{A,B} in userspace (git-fixes).
  • dmaengine: zynqmpdma: In struct zynqmpdmachan fix descsize data type (git-fixes).
  • drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers (git-fixes).
  • drivers: staging: rtl8192e: Fix deadlock in rtllibbeaconsstop() (git-fixes).
  • drivers: staging: rtl8192u: Fix deadlock in ieee80211beaconsstop() (git-fixes).
  • drivers: tty: serial: Fix deadlock in sa1100settermios() (git-fixes).
  • drivers: usb: host: Fix deadlock in oxubussuspend() (git-fixes).
  • drm: imx: fix compiler warning with gcc-12 (git-fixes).
  • drm: msm: fix error check return value of irqofparseandmap() (git-fixes).
  • drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (git-fixes).
  • drm/amdgpu/smu10: fix SoC/fclk units in auto mode (git-fixes).
  • drm/amdgpu/ucode: Remove firmware load type check in amdgpuucodefree_bo (git-fixes).
  • drm/atomic: Force bridge self-refresh-exit on CRTC switch (git-fixes).
  • drm/bridge: analogix_dp: Support PSR-exit to disable transition (git-fixes).
  • drm/i915: Fix -Wstringop-overflow warning in call to intelreadwm_latency() (git-fixes).
  • drm/i915: fix i915globalsexit() section mismatch error (git-fixes).
  • drm/komeda: return early if drmuniversalplane_init() fails (git-fixes).
  • drm/msm/dsi: fix address for second DSI PHY on SDM660 (git-fixes).
  • drm/plane: Move range check for format_count earlier (git-fixes).
  • drm/radeon: fix a possible null pointer dereference (git-fixes).
  • drm/virtio: fix NULL pointer dereference in virtiogpuconngetmodes (git-fixes).
  • efi: Add missing prototype for eficapsulesetup_info (git-fixes).
  • efi: Do not import certificates from UEFI Secure Boot for T2 Macs (git-fixes).
  • fbcon: Consistently protect deferredtakeover with consolelock() (git-fixes).
  • ftrace: Clean up hash direct_functions on register failures (git-fixes).
  • HID: bigben: fix slab-out-of-bounds Write in bigben_probe (git-fixes).
  • HID: multitouch: Add support for Google Whiskers Touchpad (git-fixes).
  • hwmon: Make chip parameter for with_info API mandatory (git-fixes).
  • i2c: cadence: Increase timeout per message if necessary (git-fixes).
  • i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging (git-fixes).
  • iio: dummy: iiosimpledummy: check the return value of kstrdup() (git-fixes).
  • Input: bcm5974 - set missing URBNOTRANSFERDMAMAP urb flag (git-fixes).
  • Input: goodix - fix spurious key release events (git-fixes).
  • ipw2x00: Fix potential NULL dereference in libipw_xmit() (git-fixes).
  • irqchip: irq-xtensa-mx: fix initial IRQ affinity (git-fixes).
  • irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (git-fixes).
  • irqchip/aspeed-i2c-ic: Fix irqofparseandmap() return value (git-fixes).
  • irqchip/exiu: Fix acknowledgment of edge triggered interrupts (git-fixes).
  • iwlwifi: mvm: fix assert 1F04 upon reconfig (git-fixes).
  • KVM: fix wrong exception emulation in check_rdtsc (git-fixes).
  • KVM: nVMX: Invalidate all roots when emulating INVVPID without EPT (git-fixes).
  • KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in use (git-fixes).
  • KVM: nVMX: Set LDTR to its architecturally defined value on nested VM-Exit (git-fixes).
  • KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter (git-fixes).
  • KVM: s390: pv: add macros for UVC CC values (git-fixes).
  • KVM: s390: pv: avoid double free of sida page (git-fixes).
  • KVM: s390: pv: avoid stalls for kvms390pvinitvm (git-fixes).
  • KVM: s390: vsie/gmap: reduce gmap_rmap overhead (git-fixes).
  • KVM: VMX: Flush all EPTP/VPID contexts on remote TLB flush (git-fixes).
  • KVM: VMX: Use current VMCS to query WAITPKG support for MSR emulation (git-fixes).
  • KVM: x86: clflushopt should be treated as a no-op by emulation (git-fixes).
  • KVM: x86: Do not force set BSP bit when local APIC is managed by userspace (git-fixes).
  • KVM: x86: Fix emulation in writing cr8 (git-fixes).
  • KVM: x86: Fix off-by-one error in kvmvcpuioctlx86setup_mce (git-fixes).
  • KVM: x86: Immediately reset the MMU context when the SMM flag is cleared (git-fixes).
  • KVM: x86: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode (git-fixes).
  • KVM: x86: Mark CR4.TSD as being possibly owned by the guest (git-fixes).
  • KVM: x86: Migrate the PIT only if vcpu0 is migrated, not any BSP (git-fixes).
  • KVM: x86: Toggling CR4.PKE does not load PDPTEs in PAE mode (git-fixes).
  • KVM: x86: Toggling CR4.SMAP does not load PDPTEs in PAE mode (git-fixes).
  • KVM: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU (git-fixes).
  • KVM: x86/emulator: Defer not-present segment check in _loadsegment_descriptor() (git-fixes).
  • KVM: x86/pmu: Fix HWREFCPUCYCLES event pseudo-encoding in intelarch_events[] (git-fixes).
  • mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (git-fixes).
  • md: fix an incorrect NULL check in doessbneed_changing (git-fixes).
  • md: fix an incorrect NULL check in mdreloadsb (git-fixes).
  • media: cx25821: Fix the warning when removing the module (git-fixes).
  • media: netup_unidvb: Do not leak SPI master in probe error path (git-fixes).
  • media: pci: cx23885: Fix the error handling in cx23885_initdev() (git-fixes).
  • media: venus: hfi: avoid null dereference in deinit (git-fixes).
  • misc: rtsx: set NULL intfdata when probe fails (git-fixes).
  • mmc: block: Fix CQE recovery reset success (git-fixes).
  • mmc: jz4740: Apply DMA engine limits to maximum segment size (git-fixes).
  • modpost: fix removing numeric suffixes (git-fixes).
  • modpost: fix undefined behavior of isarmmapping_symbol() (git-fixes).
  • mt76: check return value of mt76txqsendburst in mt76txqschedulelist (git-fixes).
  • mwifiex: add mutex lock for call in mwifiexdfschanswwork_queue (git-fixes).
  • net: rtlwifi: properly check for alloc_workqueue() failure (git-fixes).
  • nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION (git-fixes).
  • nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION (git-fixes).
  • nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (git-fixes).
  • NFS: Do not report ENOSPC write errors twice (git-fixes).
  • nfsd: Fix null-ptr-deref in nfsdfillsuper() (git-fixes).
  • PCI: hv: Fix NUMA node assignment when kernel boots with custom NUMA topology (bsc#1199365).
  • pcmcia: db1xxxss: restrict to MIPSDB1XXX boards (git-fixes).
  • pinctrl: sunxi: fix f1c100s uart2 function (git-fixes).
  • platform/chrome: crosecproto: Send command again when timeout occurs (git-fixes).
  • platform/x86: wmi: Fix driver->notify() vs ->probe() race (git-fixes).
  • platform/x86: wmi: Replace readtakesno_args with a flags field (git-fixes).
  • devfreq: rk3399_dmc: Disable edev on remove() (git-fixes).
  • raid5: introduce MD_BROKEN (git-fixes).
  • rtl818x: Prevent using not initialized queues (git-fixes).
  • rtlwifi: Use prwarn instead of WARNONCE (git-fixes).
  • s390: fix detection of vector enhancements facility 1 vs. vector packed decimal facility (git-fixes).
  • s390: fix strrchr() implementation (git-fixes).
  • s390/cio: dont call csswaitforslowpath() inside a lock (git-fixes).
  • s390/cio: Fix the 'type' field in s390ciotpi tracepoint (git-fixes).
  • s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (git-fixes).
  • s390/ctcm: fix potential memory leak (git-fixes).
  • s390/ctcm: fix variable dereferenced before check (git-fixes).
  • s390/dasd: fix data corruption for ESE devices (bsc#1200207 LTC#198454).
  • s390/dasd: Fix read for ESE with blksize 4k (bsc#1200206 LTC#198455).
  • s390/dasd: Fix read inconsistency for ESE DASD devices (bsc#1200206 LTC#198455).
  • s390/dasd: prevent double format of tracks for ESE devices (bsc#1200207 LTC#198454).
  • s390/ftrace: fix ftraceupdateftrace_func implementation (git-fixes).
  • s390/lcs: fix variable dereferenced before check (git-fixes).
  • s390/mcck: fix invalid KVM guest condition check (git-fixes).
  • s390/mcck: isolate SIE instruction when setting CIFMCCKGUEST flag (git-fixes).
  • s390/nmi: handle guarded storage validity failures for KVM guests (git-fixes).
  • s390/nmi: handle vector validity failures for KVM guests (git-fixes).
  • s390/pv: fix the forcing of the swiotlb (git-fixes).
  • s390/qdio: cancel the ESTABLISH ccw after timeout (git-fixes).
  • s390/qdio: fix roll-back after timeout on ESTABLISH ccw (git-fixes).
  • s390/vfio-ap: fix circular lockdep when setting/clearing crypto masks (git-fixes).
  • serial: msmserial: disable interrupts in _msmconsolewrite() (git-fixes).
  • spi: Introduce device-managed SPI controller allocation (git-fixes).
  • spi: spi-rspi: Remove setting {src,dst}{addr,addrwidth} based on DMA direction (git-fixes).
  • spi: stm32-qspi: Fix wait_cmd timeout in APM mode (git-fixes).
  • staging: rtl8712: fix uninit-value in r871xudrvinit() (git-fixes).
  • staging: rtl8712: fix uninit-value in usb_read8() and friends (git-fixes).
  • tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (git-fixes).
  • tty: Fix a possible resource leak in icom_probe (git-fixes).
  • tty: synclinkgt: Fix null-pointer-dereference in slgtclean() (git-fixes).
  • usb: core: hcd: Add support for deferring roothub registration (git-fixes).
  • usb: dwc2: gadget: do not reset gadget's driver->bus (git-fixes).
  • usb: hcd-pci: Fully suspend across freeze/thaw cycle (git-fixes).
  • usb: host: isp116x: check return value after calling platformgetresource() (git-fixes).
  • usb: new quirk for Dell Gen 2 devices (git-fixes).
  • usb: serial: option: add Quectel BG95 modem (git-fixes).
  • vfio-ccw: Check initialized flag in cp_init() (git-fixes).
  • vfio/ccw: Remove unneeded GFP_DMA (git-fixes).
  • video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xxgcuprobe/remove() (git-fixes).
  • virtio/s390: implement virtio-ccw revision 2 correctly (git-fixes).
  • vringh: Fix loop descriptors check in the indirect cases (git-fixes).
  • watchdog: wdat_wdt: Stop watchdog when rebooting the system (git-fixes).
References

Affected packages

openSUSE:Leap Micro 5.2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=openSUSE%20Leap%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.59.76.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "5.3.18-150300.59.76.1.150300.18.45.2",
            "kernel-default": "5.3.18-150300.59.76.1"
        }
    ]
}

openSUSE:Leap Micro 5.2 / kernel-default-base

Package

Name
kernel-default-base
Purl
purl:rpm/suse/kernel-default-base&distro=openSUSE%20Leap%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.59.76.1.150300.18.45.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "5.3.18-150300.59.76.1.150300.18.45.2",
            "kernel-default": "5.3.18-150300.59.76.1"
        }
    ]
}