AusCERT - Security Bulletins
Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
Frissítve: 13 perc 19 másodperc
ESB-2022.1669 - [Virtual] VMware Cloud Director: CVSS (Max): 9.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1669
VMSA-2022-0013 - VMware Cloud Director update addresses
remote code execution vulnerability (CVE-2022-22966)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: VMware Cloud Director
Publisher: VMware
Operating System: Virtualisation
VMware ESX Server
Resolution: Patch/Upgrade
CVE Names: CVE-2022-22966
Original Bulletin:
https://www.vmware.com/security/advisories/VMSA-2022-0013.html
Comment: CVSS (Max): 9.1 CVE-2022-22966 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
CVSS Source: VMware
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Critical
Advisory ID: VMSA-2022-0013
CVSSv3 Range: 9.1
Issue Date: 2022-04-14
Updated On: 2022-04-14 (Initial Advisory)
CVE(s): CVE-2022-22966
Synopsis: VMware Cloud Director update addresses remote code execution
vulnerability (CVE-2022-22966)
1. Impacted Products
o VMware Cloud Director
2. Introduction
A remote code execution vulnerability in VMware Cloud Director was privately
reported to VMware. Updates are available to remediate these vulnerabilities
in affected VMware products.
3. Remote code execution vulnerability (CVE-2022-22966)
Description
VMware Cloud Director contains a remote code execution vulnerability.VMware
has evaluated the severity of this issue to be in the Critical severity range
with a maximum CVSSv3 base score of 9.1 .
Known Attack Vectors
An authenticated, high privileged malicious actor with network access to the
VMware Cloud Director tenant or provider may be able to exploit a remote code
execution vulnerability to gain access to the server.
Resolution
To remediate CVE-2022-22966, apply the patches listed in the 'Fixed Version'
column of the 'Response Matrix' found below.
Workarounds
Workarounds for CVE-2022-22966 have been documented in the VMware Knowledge
Base articles listed in the 'Workarounds' column of the 'Response Matrix'
below.
Additional Documentation
None.
Notes
None.
Acknowledgements
VMware would like to thank Jari Jaaskela (@JJaaskela) for reporting this
vulnerability to us.
Response Matrix
Product Version Running CVE Identifier CVSSv3 Severity Fixed Workarounds Additional
On Version Documentation
VMware
Cloud 10.3.x Any CVE-2022-22966 9.1 critical 10.3.3 KB88176 None
Director
VMware
Cloud 10.2.x Any CVE-2022-22966 9.1 critical 10.2.2.3 KB88176 None
Director
VMware
Cloud 10.1.x Any CVE-2022-22966 9.1 critical 10.1.4.1 KB88176 None
Director
4. References
VMware Cloud Director 10.3.3
https://docs.vmware.com/en/VMware-Cloud-Director/10.3.3/rn/
vmware-cloud-director-1033-release-notes/index.html
VMware Cloud Director 10.2.2.3:
https://docs.vmware.com/en/VMware-Cloud-Director/10.2.2.3/rn/
vmware-cloud-director-10223-release-notes/index.html
VMware Cloud Director 10.1.4.1:
https://docs.vmware.com/en/VMware-Cloud-Director/10.1.4.1/rn/
vmware-cloud-director-10141-release-notes/index.html
Workarounds :
https://kb.vmware.com/s/article/88176
Mitre CVE Dictionary Links :
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22966
FIRST CVSSv3 Calculator:
CVE-2022-22966: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/
PR:H/UI:N/S:C/C:H/I:H/A:H
5. Change Log
2022-04-14 VMSA-2022-0013
Initial security advisory.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl5Dl+NLKJtyKPYoAQg1Ww/6A6XwvkBkIMCpiMfmuPDI8WAkjBL+fr8i
lFdX7CZLwfxguytw3lwiHTvoLUbP2ECL3Frnz/mtuuxUUTGqU+vBS9HRKyHzlOtx
l7frWOG/W1t9ADCKtdwlSc/XljACU1blNBbGqf406Lb5G1kEpS8AjFkxgYsipP3i
BRboRBAlW0N/nuRiQv5X6NbLFIYizmilmw/Cz2s8lIkrZ+a1LXNXGatWvwNlQ49u
Ta52Dk8yMraWl9NcQtQi7FCB9xCvW6NoMW4G+DDzv+Za+k2W1cLePAIHI5W+AieH
6o4IFS9PcktoMinRujm7Opt5cB3jRzMR8DLp8p/PscU9+Pj8kcQB6pRBwbrwqdcU
ZcGrXZrAURoUNrftyuN0y6R120H8VXFRSr6Jaqyl+BnRrr2Y8hLjXHljeeG0brI/
x9/07/n71cVB7ktW0lHfK1uVpKFfCazYVFiF404ns8j7epx1i9+aUv6VQws+Yydf
fpnkI1Jb9RGefLm2aTpahNgPi4QLgMYo1WR4iMLRj8nR6/VtOM1bOZZv2UEZNlMl
W/Xa0wGVV3zUqXcq3xe86jiVQCPaoPGELH7odbOd3jrBxIf16IzNecFn+MSx0Zw8
9nDlnXMUGuKDMhBlucLijRbYX7EBMu+Pr4EAhoXKfiw1hFpvbvb9uX5tR8OCvMYE
wLs27eccfFU=
=Ks7u
-----END PGP SIGNATURE-----
ESB-2022.1431.4 - UPDATE [Virtual] VMware Tanzu Products: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1431.4
Multiple products impacted by remote code execution vulnerability
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: VMware Tanzu Application Service for VMs
VMware Tanzu Operations Manager
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
Publisher: VMware
Operating System: Virtualisation
VMware ESX Server
Resolution: Patch/Upgrade
CVE Names: CVE-2022-22965
Original Bulletin:
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
Revision History: April 19 2022: Corrected subject to include CVSS(Max)
April 19 2022: Vendor updated advisory
April 8 2022: Vendor added new patched versions of Tanzu Operations Manager
April 4 2022: Initial Release
- --------------------------BEGIN INCLUDED TEXT--------------------
Critical
Advisory ID: VMSA-2022-0010.5
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-14
CVE(s): CVE-2022-22965
Synopsis: VMware Response to Spring Framework Remote Code Execution
Vulnerability (CVE-2022-22965)
IMPORTANT See the Notes section if prior to April 6, 3 PM PST you have updated
TAS or Ops Manager or you have applied workarounds to TAS, Ops Manager or
TKGi.
1. Impacted Products
o VMware Tanzu Application Service for VMs (TAS)
o VMware Tanzu Operations Manager (Ops Manager)
o VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
2. Introduction
A critical vulnerability in Spring Framework project identified
by CVE-2022-22965 has been publicly disclosed which impacts VMware products.
3. Problem Description
Description
Multiple products impacted by remote code execution vulnerability
(CVE-2022-22965).
Known Attack Vectors
A malicious actor with network access to an impacted VMware product may
exploit this issue to gain full control of the target system.
Resolution
Fixes for CVE-2022-22965 are documented in the 'Fixed Version' column of the
'Response Matrix' below.
Workarounds
Workarounds for CVE-2022-22965 are documented in the 'Workarounds' column of
the 'Response Matrix' below.
Additional Documentation
None.
Notes
o 2022-04-04: At the time of this publication, VMware has reviewed its
product portfolio and found that the products listed in this advisory are
affected. VMware continues to investigate this vulnerability, and will
update the advisory should any changes evolve.
o 2022-04-06: VMware is aware of reports that exploitation of CVE-2022-22965
has occurred in the wild.
2022-04-06: Customers that have applied the workaround for TAS, Ops
Manager, or TKGI prior to April 6, 3 PM PST will need to reapply the
workaround. The new workaround instructions now use UAA 74.5.37 which
properly addresses CVE-2022-22965.
o 2022-04-06: Customers that have updated to TAS 2.10.29, 2.11.17, 2.12.10
or 2.13.1 will need to update to the TAS versions listed in this advisory.
The patched versions now listed in this advisory ship with UAA 74.5.37
which properly addresses CVE-2022-22965.
o 2022-04-06: Customers that have updated to Ops Manager 2.8.20, 2.9.35 or
2.10.35 are advised to deploy the workaround as no version for Ops Manager
is yet available that addresses CVE-2022-22965.
o 2022-04-07: Customers that have updated to Ops Manager 2.8.20, 2.9.35 or
2.10.35 will need to update to the Ops Manager versions listed in this
advisory. The patched versions now listed in this advisory ship with UAA
74.5.37 which properly addresses CVE-2022-22965.
o 2022-04-08: Investigations have concluded, and the list of affected VMware
products contained in the 'Response Matrix' below is complete.
Acknowledgements
None.
Response Matrix
Product Version Running CVE Identifier CVSSv3 Severity Fixed Workarounds Additional
On Version Documentation
Tanzu Article
Application 2.13 Any CVE-2022-22965 9.8 critical 2.13.2 Number None
Service for 14035
VMs
Tanzu Article
Application 2.12 Any CVE-2022-22965 9.8 critical 2.12.11 Number None
Service for 14035
VMs
Tanzu Article
Application 2.11 Any CVE-2022-22965 9.8 critical 2.11.18 Number None
Service for 14035
VMs
Tanzu Article
Application 2.10 Any CVE-2022-22965 9.8 critical 2.10.30 Number None
Service 14035
Tanzu Article
Operations 2.10 Any CVE-2022-22965 9.8 critical 2.10.37 Number None
Manager 14035
Tanzu Article
Operations 2.9 Any CVE-2022-22965 9.8 critical 2.9.36 Number None
Manager 14035
Tanzu Article
Operations 2.8 Any CVE-2022-22965 9.8 critical 2.8.21 Number None
Manager 14035
TKGI 1.13 Any CVE-2022-22965 9.8 critical Patch KB88102 None
Pending
TKGI 1.12 Any CVE-2022-22965 9.8 critical 1.12.5 KB88102 None
TKGI 1.11 Any CVE-2022-22965 9.8 critical 1.11.10 KB88102 None
4. References
Fixed Version(s) and Release Notes:
Tanzu Application Service
Downloads and Documentation:
https://network.pivotal.io/products/elastic-runtime/
Tanzu Operations Manager
Downloads and Documentation:
https://network.tanzu.vmware.com/products/ops-manager
VMware TKGI
Downloads and Documentation:
https://network.pivotal.io/products/pivotal-container-service/
TKGI 1.12.5: https://docs.pivotal.io/tkgi/1-12/release-notes.html#1-12-5
TKGI 1.11.10: https://docs.pivotal.io/tkgi/1-11/release-notes.html#1-11-10
Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22965
FIRST CVSSv3 Calculator:
CVE-2022-22965: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/
PR:N/UI:N/S:U/C:H/I:H/A:H
5. Change Log
2022-04-02 VMSA-2022-0010
Initial security advisory.
2022-04-06 VMSA-2022-0010.1
Updated workaround for Tanzu Operations Manager
2022-04-06 VMSA-2022-0010.2
Added new, patched versions for TAS. Added alert to the Notes section on the
need to update versions or reapply the workaround.
2022-04-07 VMSA-2022-0010.3
Added new patched versions of Tanzu Operations Manager.
2022-04-08 VMSA-2022-0010.4
Added note confirming investigations have concluded.
2022-04-14 VMSA-2022-0010.5
Added patched versions for TKGI 1.12 and TKGI 1.11
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl5Ko+NLKJtyKPYoAQjZ3w/+NeCjtZmxsZeg3nnnHiL5FhFcJ+ur/KMp
3f7yQJsTNCjJ4bbnQiJVChfpzKzVKLenjZooPCn++X9M9SPlm0s9wQdeFCfJY3ni
08KZxmtGwgmlowsQkKSOc8/iwpF2IiyFshNwUJ3ih6bpjIjAMC4OL+4+TkQmRqtc
+XDYQfy33+TIPviA8JWE8f89fDDttWJO/AHGgLtMkHUabyYEmmggiZ5+Y8JXOvBp
7GiE5DogkAPQtDwpW9WbHit0xmY2RfqU3XJtN6j/+4TMHtzoDuh/iufJVbt68eSj
f+UKyfFFX6omNFdJqUwIEfNIeZAV1RECkijN38NjfwUOoWfWvukxmR++wGUuMWip
Ks890E08+ESFbAJFlZavNvKIxvT065dtaqXVpsX586VJpG/BuMn6vhDNn5KDHHXj
k98heq/6IYZGXzzSIWaEYn3g94laXBdvX7kJrYllRE33Olj9KC4DmLGt+vyrgiZd
NI3/PYmpYHcNOtvEMmmq3yjfPozO7QUEdw3roK28jx9NZs5r6THHbtW8tahF3Oh2
yvn64kBspA0DFlY2oc4b626ZfNsmlCr5QxdA4H+Fd9a8ypbaJFArl5iAxx7hwoy8
rbxdg8xpJmzZqDGAVwwYKQtLM7b0tpmYxsV5rvTH27FUSQnWubmdF+gppP/8S7h7
iGR/9e1IYY8=
=GN4H
-----END PGP SIGNATURE-----
ESB-2022.1668 - [Debian] abcm2ps: CVSS (Max): 9.8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1668
abcm2ps security update
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: abcm2ps
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2021-32436 CVE-2021-32435 CVE-2021-32434
CVE-2019-1010069 CVE-2018-10771 CVE-2018-10753
Original Bulletin:
https://www.debian.org/lts/security/2022/dla-2983
Comment: CVSS (Max): 9.8 CVE-2018-10771 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
From: Anton Gladky
To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2983-1] abcm2ps security update
- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2983-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Anton Gladky
April 16, 2022 https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------
Package : abcm2ps
Version : 7.8.9-1+deb9u1
CVE ID : CVE-2018-10753 CVE-2018-10771 CVE-2019-1010069 CVE-2021-32434
CVE-2021-32435 CVE-2021-32436:
Multiple vulnerabilities have been discovered in abcm2ps: program which
translates ABC music description files to PostScript.
CVE-2018-10753
Stack-based buffer overflow in the delayed_output function in music.c
allows remote attackers to cause a denial of service (application crash) or
possibly have unspecified other impact.
CVE-2018-10771
Stack-based buffer overflow in the get_key function in parse.c allows remote
attackers to cause a denial of service (application crash) or possibly have
unspecified other impact.
CVE-2019-1010069
Incorrect access control allows attackers to cause a denial of service via a
crafted file.
CVE-2021-32434
Array overflow when wrong duration in voice overlay.
CVE-2021-32435
Stack-based buffer overflow in the function get_key in parse.c allows remote
attackers to cause a senial of service (DoS) via unspecified vectors.
CVE-2021-32436
Out-of-bounds read in the function write_title() in subs.c allows remote
attackers to cause a denial of service via unspecified vectors.
For Debian 9 stretch, these problems have been fixed in version
7.8.9-1+deb9u1.
We recommend that you upgrade your abcm2ps packages.
For the detailed security status of abcm2ps please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/abcm2ps
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmJbpzsACgkQ0+Fzg8+n
/wb3FhAAkxX+SysYeZnpdq+bMS8MOSftBP1iRKBGrJ7c8rv1vT9MK2ZsxVDScl8q
tgt+UvraL5x46o9axFmDcWvQYe4Q82vZuRj2HqYqvqaJkjZYF/gPjqXiptLLPeZ+
IH3XAUhOofFt5iNqICINiy4lIHcyPyCMQItiXe0rR3k21MHnk6RIgAgi4dOWh/aD
6A53kzWIhXiTqkKX4m18Al+dpobhC870sTuvg8gW6QuwrETYBtfa7G1ZGsagR01p
KPXO5pVBYhUhw7QRpxprKbUriCNv44mX4ZZRumyh863jtcS7ZJJlcXa+pehYOSPs
aZw5iweKt5fu6S7KGvZa+1bHJXVEFyxuAu/kMzTsdTTDZk1FGA9zThPr17gzQ+b1
sEfrjKh7Ux3gsfFzhNKczAdvl8kIgkRV5FHbH9GD9FMihxFcgrE0j0yVC7BGK7rX
16Z/TYxgliC1aPRVx4WCYQfWwiiJvgDAkxjkHR5D8S8+/qZ+iAK26EEuR2Zk9k7O
XmlCZNuQP0clVLRmg2PtA/ao5/dSgFlHtwK4S7OjBAIiMZgojnQr8WcBvGynl/St
8bEg9v9yDArRwC6uymqpq3II8jzL35CBx5OsPAKetC3bAQ87ImNyk+K3JwMaHFs4
Ls1bzO7vVQc92sALs8KpJqc9KxA4eihczQl/j5YEivJN91NsgvE=
=JgCR
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4qhONLKJtyKPYoAQgsTQ//XR7cmXQxAYnyO4qVw+Y3C0h4LsMi4/SC
Y/jPCuXaqIlq9AMIiRM41s5sY+Oka4ei8D4URBF0F6rJXv86S7T9EqgXEcb1CX8F
0sMgxJvgLM13tTylTeCOB7D3U+cz+NfT3c7bpFIsFNGv+C5n+oa5V3d4H0PexniU
au6bAHcUZUm1FmLzAF7N67Y7c1QfEypGnMHcfuNvD4TOWGg2K15p4KqwCVPacayk
puRbuXgjYWvq9fqT9GckQ01pg+YyWnutTWH71eDUx33Z89o2yS4hWmxjMnCbPPZQ
fnj9P2pPHuFzGesGYfVEQmcf50ing6oZpeSufnGkiYPajbOpopuUDfEykFW35C3H
Pval9hFlswm+1hIVistXO53Y1Lyin61V6UORQT4kEwBpkx2I6Kg1E/c2wtB/TD7f
md1khoBkOWSKCaphKbaYQtSrNjuc0iDoAg+HB1XJFb7RvhKnU6t5XIfdtLtMp7BT
adasr2MN3o8wkaZiQzI9iH2td7IvBQyJqqzacdywbFo0Y7BMtS7Uz6FS9lOtH3ER
Z7qefA37inlpJnxjmCoWSjBQUrx9H+Hxauwq9MSgUbuTmjvGyojX1QKW5PnO4DaQ
1sOW4yv9pTDTYWJTkN+FHOen6dAnKEtB+SFgtdCpYLqoqofl95sTzhwrjFBUZr/d
vftda5ucwTE=
=2oSU
-----END PGP SIGNATURE-----
ESB-2022.1667 - [Debian] python-django: CVSS (Max): 7.3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1667
python-django security update
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: python-django
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-28346
Original Bulletin:
https://www.debian.org/lts/security/2022/dla-2982
Comment: CVSS (Max): 7.3 CVE-2022-28346 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2982-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
April 14, 2022 https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------
Package : python-django
Version : 1:1.10.7-2+deb9u16
CVE ID : CVE-2022-28346
Debian Bug : #1009677
It was discovered that there was potential SQL injection attack
vulnerability in Django, a popular Python-based web development
framework.
QuerySet.annotate(), aggregate(), and extra() methods were subject to
SQL injection in column aliases, using a suitably crafted dictionary,
with dictionary expansion, as the **kwargs passed to these methods.
For more information, please see:
https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
For Debian 9 "Stretch", this problem has been fixed in version
1:1.10.7-2+deb9u16.
We recommend that you upgrade your python-django packages.
For the detailed security status of python-django please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-django
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmJYQXwACgkQHpU+J9Qx
HlhvxxAApORZR07Bo6XcViIWJRdiewPjDzK013qFP6Wm/hI9bbIpID3z83xbchb0
G/SNpbyLJWaBhSqGjWecbMIskuUNfas4mh3eZ/F6uJoFxGvW0asA8kgqcLI4z7d0
uWzhi/WyIKNGTbS+J82oiS1weEj3TfNWtLaiDtA37/fJxFGRGRKjLerpCuOve1t+
XcdpuwzEyw1aiqQlD6PlEy87Dntr6+zUtEhQP6/o/sLF5vrIKDivSsfgssPB+QR0
6zKvYhDzpcKxX46Mj0llXVLREOkj/CxKnQPFOnCiuiL0q+JZLXJb2LYVSlV0h6j2
/DD5LK6EgNT++OTP3SdoRVIukEjpHPWiHdYkYBVUvcC05fA2+klU2vm12boooZ0a
YoFewRbdDmXR4nIiq0jRU7wqkrryfyEGz2lE4Ej/BADye0ZIPcYZC1Jbgi+Cl21Q
ahM1jK7AZCFVwVnvcwirv/ZPRwCqPbWDVQEJIolhvFtwpZ4YLEdZ+qALH0K0eIu2
ldPcWIZXXFiL2sn9JjBMnhq1komJ6UtwyRYOcxNRB4EImjzr9QAPS5q4ohmvZ7E0
MsAr7AqJOXhKp5oqbp30Fvx5Om7HYyo/8KrXAMZQAUuPMNKM+LzNV3O4YSkZ9f9w
zNRpiLYf58bQ9TDSZT8JwfWdysG0CZtba9uWLS0/9PMjNFakm6I=
=RZ82
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4qc+NLKJtyKPYoAQhNQhAAr55wVW2k9CfEqMIbEfvx0mbLBOy902zs
fCOheq2FTD9cqysjIvXFIk+wXDN0jwvX79/qBZ3TEdRJ/gKxPKis2pJr3syPJp5i
azbDf5AW5aMoJv+69n+czvYNsXNrSQG35DQrJ/gDoAkM63zHK3IWyUOlohXB4mFQ
kMqo1vZG3FcJG/1TxR/Q/KWqlCIZRmQIoclrt/7kwX9XzsjUWRFD8Li0nPj4FVfT
xnXzTf1ogTZm1UsCtTAc9e2vr0wHSFkqzzcRPYAtmkRkzCRR1JIu7qE0OkqmqkZM
h2QqNLzZXJs3TsqWJsiAdiJkMPiHC9onFAhnRZELfE8vgqS8LQYr+QMR61UkEMdw
t3bbuhdz5a606eu+HBEiDyxp/8M8KMRE2a9yZ6lTIZmbMuaWXMIoF+SAtqPei4SR
VAelHyNrtyipuyetzYNQXlJzV85rg+Ur50a4zq8+RbkSGnvNSJj8QjZOanGJIbPW
FMLoMgmoVRa5OgfWxZYwMlnpOvI8mcZX3W2COpb9jhnYiHNGYUnqpA8lZVSsDoZ0
GaSn9yUTMo3DvXO3af98XbLq9EncYa9x7CVNDjvEKbsXfJZoNiDXAW5rYbOxvCd4
aFJYYiXiatQolQHz3D3gVEIgs2rohNXlKZ0WAY91/nNS5gTWoB0q/fSzHNe3Rg2T
Z6v3R+7f85o=
=Gkg3
-----END PGP SIGNATURE-----
ESB-2022.1666 - [Debian] fribidi: CVSS (Max): 7.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1666
fribidi security update
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: fribidi
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-25310 CVE-2022-25309 CVE-2022-25308
Original Bulletin:
https://www.debian.org/lts/security/2022/dla-2974
Comment: CVSS (Max): 7.0 CVE-2022-25308 (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2974-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
April 10, 2022 https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------
Package : fribidi
Version : 0.19.7-1+deb9u2
CVE ID : CVE-2022-25308 CVE-2022-25309 CVE-2022-25310
Several issues have been found in fribidi, a free Implementation of the
Unicode BiDi algorithm. The issues are related to stack-buffer-overflow,
heap-buffer-overflow, and a SEGV.
CVE-2022-25308
stack-buffer-overflow issue in main()
CVE-2022-25309
heap-buffer-overflow issue in fribidi_cap_rtl_to_unicode()
CVE-2022-25310
SEGV issue in fribidi_remove_bidi_marks()
For Debian 9 stretch, these problems have been fixed in version
0.19.7-1+deb9u2.
We recommend that you upgrade your fribidi packages.
For the detailed security status of fribidi please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/fribidi
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmJYTGVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEd79Q/8DYl02kz57vsUm7vlBtsvZEZoQSo/jBIMmnqrTjyuDVhbrI5AOuHOi1J1
IwxtcZX5sVGku4a1vBkCKm3mzUKgFQ0v9T0jB20UMDlz+JqaB5+8+US3Vw1tHHSd
/eHfmMzTrQ3aZdDripFhI6Z1rbV/F65TAgNv2NfLXPmhof+rU9+bLX0KfxPlbvyC
sjIYxlois30Pm/TgGZXGSlH58ObjLMySPnw06DkG6UbDFp0kVQcdRJXw/pdzWe7r
pMMJT99L7mz7p+OQcMqMeKqg+YSdoV3Y08h9TwmpEXKShU66KgDyZcC+VdmLU0+W
0qNZr4F269TdaIrZzXTjZM6fUerZvmHikoskt4aj0IFLoSrmf4suEw3LfJ1r4sdZ
2WgsnQ9M6uQRHgNfBN4WucIjRNEs7uY9MwfWU2HBYuTlAEc/nja+Z2Pr9MRDJrRD
oAMc+g/mBS9y6VC0HeHLkksV/8U4Vd//gnYw9MaJ0NyiJi+1cs/wAvzCl+fFS5XT
dK5tJnvE682eeTQuSCBZ9vPoNdHWK2QfZfuh1SkEtag/pmRhzyjurCDYmvSNu2BE
RGNbMVKyIlz59avBXF1VnfY6ePjuoMZcwn0T2V3uIxjcGlcmbUUZ+RUvBZRh6uQp
mT3lx+7f/3JU5DgCAUddNekhuYeb0qNvWCH5vgGVSxtMEQhqHNw=
=x/SH
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4qLuNLKJtyKPYoAQgXzw/+OPq+QJCY83QuUY/6yqbYqE2Ohk/t5ni8
tew84Fnen0vkk8XcRsjBl5hmnRauMFHCLJuBUXAlEmk3EQ0RRN5RW6rYjAwPGhH1
+7Yw5x+HGA0IbVIVaO1HTd02NvBY8Zw3AGEmyOqRR/8+BbEvCUOi03zCMbjc6r81
qAM05KafqPN4Ds3Ufe6MDRH3YkAO7XAgd3WNq3gJOtmNlK0ohWBZnhvx5RJ6Q767
XeFMkCHWcZqph3vrzRoRh+j/ztqISfMOI7AT3DCbS/eq9AbttgJi4+d+jpINQqIN
PU4K566/1iUSHDrNAxvOqM3Owc354Noyzaxwr2BooT8RE4LcCUbHtij1AtOlGsUc
V/9kLMpWrPicipewlYsz4YisGR9bd2Y4P7M4E4hN6kAzzn9DHo+7cQBi4KE3aPDe
wlw/yG4Ll0HxXTfMuqs8ExMDElA+8eqYyrP7svwFmCmNbSmShpuoktk+fd+w9eyS
15ST4GQJGxpkrzGPY8ZzIR9NfKvfB1g+eHao02GgwzYcUSnKphUQQ8cgWKq1sPDv
D42jsWPnW5/W/kXBcMjlcufeoPPSE/0oCv3WjW5UmT+BIxVUBvJ5Lexvbh5jyYM9
hfVzkKFChMg/3Y5tV1W784fKIT94ITK0BoMybaP82UCFAiNIERfCOwMP0ZZrUC3o
KVlKMG+RfoM=
=f0tz
-----END PGP SIGNATURE-----
ESB-2022.1665 - [SUSE] zlib: CVSS (Max): 8.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1665
Security update for zlib
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: zlib
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2018-25032
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221061-2
Comment: CVSS (Max): 8.1 CVE-2018-25032 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for zlib
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1061-2
Rating: important
References: #1197459
Cross-References: CVE-2018-25032
Affected Products:
SUSE Linux Enterprise Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for zlib fixes the following issues:
o CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1061=1
Package List:
o SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libz1-1.2.11-150000.3.30.1
libz1-debuginfo-1.2.11-150000.3.30.1
zlib-debugsource-1.2.11-150000.3.30.1
References:
o https://www.suse.com/security/cve/CVE-2018-25032.html
o https://bugzilla.suse.com/1197459
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4p9eNLKJtyKPYoAQiypw//Y6fDcx3pUcTL4sk6gIhXgqpL6qHj/zs8
So1AIHtxMUyWuVVpn/stTH6p/HeyobxlJ9yQU5IkQPPaf3hc6FOsndkQdEAoOy3A
Ok3kveuj8IEXNp1CXFc9O7Sg7qUxl+mYpmeOtSAmD0dswqJFpDv+gvO3fQT/p8of
i75pA8FxjTkK7mEl4w4qv577GwwCNi8U7eh1EF9b1nUPpZ8QDq+yFH8DrKt2nGYC
JJq3H0P0ZaNjCLW+I2vFQDayTvSC2Og4RD4N8dyKOGc0fLDvyHhZUpiFKP5jAK9/
tBhVQjrCbnRrSSAY2rhudGToBcDDHbC1AtzWQM5m8TQJMADMyP9MBIoVcZP9rAyp
1JwptnWH+2oK3F0+gtBDBL0i++PoUFVUluJNHV35Iiz4/SL1dH2dWY0rWA9WLv5S
rECiD2oH/c1DjjWRA7yVZiMNcWH2LiEGy9BbnsR+ENvXDACgCxaqKc575FkSbFVT
ZSSsU9bxN9VxWoVjZAH7Pk8j2B8M1ZZ4+CcZle+sV4iHFAAwU9XI6DHf92dZl1dP
qOHbvI1JOvK6d+V7k55Ls8O6UAW8TFJjEeZpkM3KVvCPZKEQbb+XrlwogSQfg3h/
Exo3y+hVSjXHhJQc9vTgIj4JMnTh3tw8IqqZNFcbRuAtGRUgoVd5ftzOPyY4JK4x
mnOHjsHFfl8=
=SPT2
-----END PGP SIGNATURE-----
ESB-2022.1664 - [SUSE] kernel: CVSS (Max): 8.4
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1664
Security update for the Linux Kernel
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-28390 CVE-2022-28389 CVE-2022-28388
CVE-2022-27666 CVE-2022-26966 CVE-2022-26490
CVE-2022-23042 CVE-2022-23041 CVE-2022-23040
CVE-2022-23039 CVE-2022-23038 CVE-2022-23037
CVE-2022-23036 CVE-2022-1055 CVE-2022-1048
CVE-2022-1016 CVE-2022-0854 CVE-2022-0850
CVE-2021-45868 CVE-2021-39698 CVE-2021-0920
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221197-1
Comment: CVSS (Max): 8.4 CVE-2022-1055 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1197-1
Rating: important
References: #1179639 #1189562 #1193731 #1194943 #1195051 #1195254
#1195353 #1195403 #1195939 #1196018 #1196196 #1196468
#1196488 #1196761 #1196823 #1196830 #1196836 #1196956
#1197227 #1197331 #1197366 #1197389 #1197462 #1197702
#1197914 #1198031 #1198032 #1198033
Cross-References: CVE-2021-0920 CVE-2021-39698 CVE-2021-45868 CVE-2022-0850
CVE-2022-0854 CVE-2022-1016 CVE-2022-1048 CVE-2022-1055
CVE-2022-23036 CVE-2022-23037 CVE-2022-23038 CVE-2022-23039
CVE-2022-23040 CVE-2022-23041 CVE-2022-23042 CVE-2022-26490
CVE-2022-26966 CVE-2022-27666 CVE-2022-28388 CVE-2022-28389
CVE-2022-28390
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Module for Live Patching 15-SP2
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
______________________________________________________________________________
An update that solves 21 vulnerabilities and has 7 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP2 kernel was updated.
The following security bugs were fixed:
o CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to an use-after-free if there is a corrupted quota file.
(bnc#1197366)
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c.
(bsc#1196761)
o CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a
local attacker to gain privilege escalation. (bnc#1197702)
o CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#
1197331)
o CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c
vulnerability in the Linux kernel. (bnc#1198031)
o CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c
vulnerability in the Linux kernel. (bnc#1198032)
o CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c
vulnerability in the Linux kernel. (bnc#1198033)
o CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution. (bsc#1197227)
o CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA
subsystem. This flaw allowed a local user to read random memory from the
kernel space. (bnc#1196823)
o CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed
attackers to obtain sensitive information from the memory via crafted frame
lengths from a USB device. (bsc#1196836)
o CVE-2021-39698: Fixed a possible memory corruption due to a use after free
in aio_poll_complete_work. This could lead to local escalation of privilege
with no additional execution privileges needed. (bsc#1196956)
o CVE-2021-0920: Fixed a race condition during UNIX socket garbage collection
that could lead to local privilege escalation. (bsc#119373) -
CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,
CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to
read/write access to memory pages or denial of service. These issues are
related to the Xen PV device frontend drivers. (bsc#1196488)
CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker
with adjacent NFC access could crash the system or corrupt the system memory.
(bsc#1196830)
The following non-security bugs were fixed:
o ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#
1196018).
o cifs: use the correct max-length for dentry_path_raw() (bsc1196196).
o drm: add a locked version of drm_is_current_master (bsc#1197914).
o drm: drm_file struct kABI compatibility workaround (bsc#1197914).
o drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
o drm: serialize drm_file.master with a new spinlock (bsc#1197914).
o drm: use the lookup lock in drm_is_current_master (bsc#1197914).
o net: tipc: validate domain record count on input (bsc#1195254).
o llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
o net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#
1196018).
o net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
o netfilter: conntrack: do not refresh sctp entries in closed state (bsc#
1197389).
o powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc
#1179639 ltc#189002 git-fixes).
o SUNRPC: avoid race between mod_timer() and del_timer_sync() (bnc#1195403).
o usb: host: xen-hcd: add missing unlock in error path (git-fixes).
o xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done()
(bsc#1196488, XSA-396).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1197=1
o SUSE Manager Retail Branch Server 4.1:
zypper in -t patch
SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1197=1
o SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1197=1
o SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1197=1
o SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1197=1
o SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1197=1
o SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1197=1
o SUSE Linux Enterprise Module for Live Patching 15-SP2:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2022-1197=1
o SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1197=1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1197=1
o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1197=1
o SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-1197=1
o SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1197=1
Package List:
o SUSE Manager Server 4.1 (ppc64le s390x x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
reiserfs-kmp-default-5.3.18-150200.24.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150200.24.112.1
o SUSE Manager Server 4.1 (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
o SUSE Manager Server 4.1 (x86_64):
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
o SUSE Manager Retail Branch Server 4.1 (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
o SUSE Manager Retail Branch Server 4.1 (x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
reiserfs-kmp-default-5.3.18-150200.24.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150200.24.112.1
o SUSE Manager Proxy 4.1 (x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
reiserfs-kmp-default-5.3.18-150200.24.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150200.24.112.1
o SUSE Manager Proxy 4.1 (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
reiserfs-kmp-default-5.3.18-150200.24.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
reiserfs-kmp-default-5.3.18-150200.24.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
o SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x
x86_64):
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-livepatch-5.3.18-150200.24.112.1
kernel-default-livepatch-devel-5.3.18-150200.24.112.1
kernel-livepatch-5_3_18-150200_24_112-default-1-150200.5.5.1
kernel-livepatch-5_3_18-150200_24_112-default-debuginfo-1-150200.5.5.1
kernel-livepatch-SLE15-SP2_Update_26-debugsource-1-150200.5.5.1
o SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64
x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64
x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
o SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x
x86_64):
cluster-md-kmp-default-5.3.18-150200.24.112.1
cluster-md-kmp-default-debuginfo-5.3.18-150200.24.112.1
dlm-kmp-default-5.3.18-150200.24.112.1
dlm-kmp-default-debuginfo-5.3.18-150200.24.112.1
gfs2-kmp-default-5.3.18-150200.24.112.1
gfs2-kmp-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
ocfs2-kmp-default-5.3.18-150200.24.112.1
ocfs2-kmp-default-debuginfo-5.3.18-150200.24.112.1
o SUSE Enterprise Storage 7 (aarch64 x86_64):
kernel-default-5.3.18-150200.24.112.1
kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
kernel-default-debuginfo-5.3.18-150200.24.112.1
kernel-default-debugsource-5.3.18-150200.24.112.1
kernel-default-devel-5.3.18-150200.24.112.1
kernel-default-devel-debuginfo-5.3.18-150200.24.112.1
kernel-obs-build-5.3.18-150200.24.112.1
kernel-obs-build-debugsource-5.3.18-150200.24.112.1
kernel-preempt-5.3.18-150200.24.112.1
kernel-preempt-debuginfo-5.3.18-150200.24.112.1
kernel-preempt-debugsource-5.3.18-150200.24.112.1
kernel-preempt-devel-5.3.18-150200.24.112.1
kernel-preempt-devel-debuginfo-5.3.18-150200.24.112.1
kernel-syms-5.3.18-150200.24.112.1
reiserfs-kmp-default-5.3.18-150200.24.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150200.24.112.1
o SUSE Enterprise Storage 7 (noarch):
kernel-devel-5.3.18-150200.24.112.1
kernel-docs-5.3.18-150200.24.112.1
kernel-macros-5.3.18-150200.24.112.1
kernel-source-5.3.18-150200.24.112.1
References:
o https://www.suse.com/security/cve/CVE-2021-0920.html
o https://www.suse.com/security/cve/CVE-2021-39698.html
o https://www.suse.com/security/cve/CVE-2021-45868.html
o https://www.suse.com/security/cve/CVE-2022-0850.html
o https://www.suse.com/security/cve/CVE-2022-0854.html
o https://www.suse.com/security/cve/CVE-2022-1016.html
o https://www.suse.com/security/cve/CVE-2022-1048.html
o https://www.suse.com/security/cve/CVE-2022-1055.html
o https://www.suse.com/security/cve/CVE-2022-23036.html
o https://www.suse.com/security/cve/CVE-2022-23037.html
o https://www.suse.com/security/cve/CVE-2022-23038.html
o https://www.suse.com/security/cve/CVE-2022-23039.html
o https://www.suse.com/security/cve/CVE-2022-23040.html
o https://www.suse.com/security/cve/CVE-2022-23041.html
o https://www.suse.com/security/cve/CVE-2022-23042.html
o https://www.suse.com/security/cve/CVE-2022-26490.html
o https://www.suse.com/security/cve/CVE-2022-26966.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://www.suse.com/security/cve/CVE-2022-28388.html
o https://www.suse.com/security/cve/CVE-2022-28389.html
o https://www.suse.com/security/cve/CVE-2022-28390.html
o https://bugzilla.suse.com/1179639
o https://bugzilla.suse.com/1189562
o https://bugzilla.suse.com/1193731
o https://bugzilla.suse.com/1194943
o https://bugzilla.suse.com/1195051
o https://bugzilla.suse.com/1195254
o https://bugzilla.suse.com/1195353
o https://bugzilla.suse.com/1195403
o https://bugzilla.suse.com/1195939
o https://bugzilla.suse.com/1196018
o https://bugzilla.suse.com/1196196
o https://bugzilla.suse.com/1196468
o https://bugzilla.suse.com/1196488
o https://bugzilla.suse.com/1196761
o https://bugzilla.suse.com/1196823
o https://bugzilla.suse.com/1196830
o https://bugzilla.suse.com/1196836
o https://bugzilla.suse.com/1196956
o https://bugzilla.suse.com/1197227
o https://bugzilla.suse.com/1197331
o https://bugzilla.suse.com/1197366
o https://bugzilla.suse.com/1197389
o https://bugzilla.suse.com/1197462
o https://bugzilla.suse.com/1197702
o https://bugzilla.suse.com/1197914
o https://bugzilla.suse.com/1198031
o https://bugzilla.suse.com/1198032
o https://bugzilla.suse.com/1198033
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4Vq+NLKJtyKPYoAQiXcQ//ROf1SADqqWJMon6/t0QGwvCEqLKuDcMS
0/kipyIdeHX2daFoVWcb6dWuhZKsioJKzW6vkSVCg0aY6du0q3OU7EFuKeIz9tcP
bzrCmDu0brjqlxYaiGLjVAaLfsr5jZ2CZlSO03MlpnRpvmAELPT7AQsc0y9LEYZW
v9xZQ7WU2y3BfEyp/UfhZnsqH2DuCj+dozbbOdUV9auIHqOVxEu/n9iwX41UX1K6
DK58rHVRUdxCqle9cqHjgoBiVP8/0fG56oBeZ6IffiTIJWV3tpYYrYNcgD70fo4A
4Sv2Ha2S0a+uQ68ZsViTZQV8fvIBqiDHAOYgWcSRF54fVCZC3KaZHo29EE41y+nn
llOv1gaYa1V6OB8/UppMsYP1ycPRKJpw7l72JcRtFFTNP5+nuWOwSUfRUsu7HJdE
xdbUU5kuLLxCGKBExBA4qEBnzYtG1q1X8RG1PntYuXdb4tAkXbqbbTKOYoIkoBe/
ld+M0BM2cpxhbg9N6TFv0Ovw2kh+7sf7Eappuuyx60A8IvhjWLZP0osz6RnV3Xy4
vfUVpJxz8h3L/RJVrQgIkKZFpH3nMGN60CH9kCcVAM07SIDuG58FAC6t3tSLQSRR
N0/eSNJcrD6JSSUvlCZzUMaL6Of7L32GlM1Sch1BaaAwko0AQp/D3id/gWhJ4SgO
ESyPyAfT+Mg=
=grH+
-----END PGP SIGNATURE-----
ESB-2022.1663 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1663
Security update for the Linux Kernel
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-28390 CVE-2022-28389 CVE-2022-28388
CVE-2022-27666 CVE-2022-26966 CVE-2022-26490
CVE-2022-23960 CVE-2022-23042 CVE-2022-23041
CVE-2022-23040 CVE-2022-23039 CVE-2022-23038
CVE-2022-23037 CVE-2022-23036 CVE-2022-1048
CVE-2022-1016 CVE-2022-0850 CVE-2022-0812
CVE-2022-0002 CVE-2022-0001 CVE-2021-45868
CVE-2021-39713
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221196-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1196-1
Rating: important
References: #1065729 #1114648 #1180153 #1184207 #1189562 #1191428
#1191451 #1191580 #1192273 #1193738 #1194163 #1194541
#1194580 #1194586 #1194590 #1194591 #1194943 #1195051
#1195353 #1195403 #1195480 #1195482 #1196018 #1196114
#1196339 #1196367 #1196468 #1196478 #1196488 #1196514
#1196639 #1196657 #1196723 #1196761 #1196830 #1196836
#1196901 #1196942 #1196973 #1196999 #1197099 #1197227
#1197331 #1197366 #1197462 #1197531 #1197661 #1197675
#1197754 #1197755 #1197756 #1197757 #1197758 #1197760
#1197763 #1197806 #1197894 #1197914 #1198031 #1198032
#1198033
Cross-References: CVE-2021-39713 CVE-2021-45868 CVE-2022-0001 CVE-2022-0002
CVE-2022-0812 CVE-2022-0850 CVE-2022-1016 CVE-2022-1048
CVE-2022-23036 CVE-2022-23037 CVE-2022-23038 CVE-2022-23039
CVE-2022-23040 CVE-2022-23041 CVE-2022-23042 CVE-2022-23960
CVE-2022-26490 CVE-2022-26966 CVE-2022-27666 CVE-2022-28388
CVE-2022-28389 CVE-2022-28390
Affected Products:
SUSE Linux Enterprise Desktop 12-SP5
SUSE Linux Enterprise High Availability 12-SP5
SUSE Linux Enterprise High Performance Computing 12-SP5
SUSE Linux Enterprise Live Patching 12-SP5
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Workstation Extension 12-SP5
______________________________________________________________________________
An update that solves 22 vulnerabilities, contains three features and has 39
fixes is now available.
Description:
The SUSE Linux Enterprise 12 SP5 kernel was updated.
The following security bugs were fixed:
o CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution. (bsc#1197227)
o CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c
vulnerability in the Linux kernel. (bnc#1198033)
o CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c
vulnerability in the Linux kernel. (bnc#1198031)
o CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c
vulnerability in the Linux kernel. (bnc#1198032)
o CVE-2022-0812: Fixed an incorrect header size calculations which could lead
to a memory leak. (bsc#1196639)
o CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#
1197331)
o CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c.
(bsc#1196761)
o CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed
attackers to obtain sensitive information from the memory via crafted frame
lengths from a USB device. (bsc#1196836)
o CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to an use-after-free if there is a corrupted quota file.
(bnc#1197366)
o CVE-2021-39713: Fixed a race condition in the network scheduling subsystem
which could lead to a use-after-free. (bnc#1196973) -
CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,
CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to
read/write access to memory pages or denial of service. These issues are
related to the Xen PV device frontend drivers. (bsc#1196488)
CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker
with adjacent NFC access could crash the system or corrupt the system memory.
(bsc#1196830)
CVE-2022-0001,CVE-2022-0002,CVE-2022-23960: Fixed a new kind of speculation
issues, exploitable via JITed eBPF for instance. (bsc#1191580)
CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
The following non-security bugs were fixed:
o asix: Add rx->ax_skb = NULL after usbnet_skb_return() (git-fixes).
o asix: Ensure asix_rx_fixup_info members are all reset (git-fixes).
o asix: Fix small memory leak in ax88772_unbind() (git-fixes).
o asix: fix uninit-value in asix_mdio_read() (git-fixes).
o asix: fix wrong return value in asix_check_host_enable() (git-fixes).
o ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#
1196018).
o block: bfq: fix bfq_set_next_ioprio_data() (bsc#1191451).
o block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (bsc#1194586).
o can: dev: can_restart: fix use after free bug (git-fixes).
o cgroup: Correct privileges check in release_agent writes (bsc#1196723).
o cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv (bsc#1196723).
o cgroup: Use open-time cgroup namespace for process migration perm checks
(bsc#1196723).
o dax: update to new mmu_notifier semantic (bsc#1184207).
o drm: add a locked version of drm_is_current_master (bsc#1197914).
o drm: drm_file struct kABI compatibility workaround (bsc#1197914).
o drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
o drm: serialize drm_file.master with a new spinlock (bsc#1197914).
o drm: use the lookup lock in drm_is_current_master (bsc#1197914).
o EDAC: Fix calculation of returned address and next offset in edac_align_ptr
() (bsc#1114648).
o ena_netdev: use generic power management (bsc#1197099 jsc#SLE-24125).
o ena: Remove rcu_read_lock() around XDP program invocation (bsc#1197099 jsc#
SLE-24125).
o ethernet: amazon: ena: A typo fix in the file ena_com.h (bsc#1197099 jsc#
SLE-24125).
o ext4: add check to prevent attempting to resize an fs with sparse_super2
(bsc#1197754).
o ext4: check for inconsistent extents between index and leaf block (bsc#
1194163 bsc#1196339).
o ext4: check for out-of-order index extents in ext4_valid_extent_entries()
(bsc#1194163 bsc#1196339).
o ext4: do not use the orphan list when migrating an inode (bsc#1197756).
o ext4: fix an use-after-free issue about data=journal writeback mode (bsc#
1195482).
o ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).
o ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).
o ext4: fix lazy initialization next schedule time computation in more
granular unit (bsc#1194580).
o ext4: make sure quota gets properly shutdown on error (bsc#1195480).
o ext4: prevent partial update of the extent blocks (bsc#1194163 bsc#
1196339).
o ext4: update i_disksize if direct write past ondisk size (bsc#1197806).
o genirq: Use rcu in kstat_irqs_usr() (bsc#1193738).
o gtp: fix an use-before-init in gtp_newlink() (git-fixes).
o IB/core: Fix ODP get user pages flow (git-fixes)
o IB/hfi1: Acquire lock to release TID entries when user file is closed
(git-fixes)
o IB/hfi1: Adjust pkey entry in index 0 (git-fixes)
o IB/hfi1: Correct guard on eager buffer deallocation (git-fixes)
o IB/hfi1: Ensure pq is not left on waitlist (git-fixes)
o IB/hfi1: Fix another case where pq is left on waitlist (git-fixes)
o IB/hfi1: Fix error return code in parse_platform_config() (git-fixes)
o IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes)
o IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs()
(git-fixes)
o IB/hfi1: Insure use of smp_processor_id() is preempt disabled (git-fixes)
o IB/hfi1: Use kzalloc() for mmu_rb_handler allocation (git-fixes)
o IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
(git-fixes)
o IB/qib: Use struct_size() helper (git-fixes)
o IB/sa: Resolv use-after-free in ib_nl_make_request() (git-fixes)
o IB/umad: Return EIO in case of when device disassociated (git-fixes)
o IB/umad: Return EPOLLERR in case of when device disassociated (git-fixes)
o isofs: Fix out of bound access for corrupted isofs image (bsc#1194591).
o llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
o macros.kernel-source: Fix conditional expansion. Fixes: bb95fef3cf19 ("rpm:
Use bash for %() expansion (jsc#SLE-18234).")
o mdio: fix mdio-thunder.c dependency build error (git-fixes).
o mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).
o mm: drop NULL return check of pte_offset_map_lock() (bsc#1184207).
o mm/rmap: always do TTU_IGNORE_ACCESS (bsc#1184207).
o mm/rmap: update to new mmu_notifier semantic v2 (bsc#1184207).
o net: arc_emac: Fix memleak in arc_mdio_probe (git-fixes).
o net: asix: add proper error handling of usb read errors (git-fixes).
o net: asix: fix uninit value bugs (git-fixes).
o net: bcmgenet: Fix a resource leak in an error handling path in the probe
functin (git-fixes).
o net: dp83867: Fix OF_MDIO config check (git-fixes).
o net: dsa: bcm_sf2: put device node before return (git-fixes).
o net: ena: Add capabilities field with support for ENI stats capability (bsc
#1197099 jsc#SLE-24125).
o net: ena: Add debug prints for invalid req_id resets (bsc#1197099 jsc#
SLE-24125).
o net: ena: add device distinct log prefix to files (bsc#1197099 jsc#
SLE-24125).
o net: ena: add jiffies of last napi call to stats (bsc#1197099 jsc#
SLE-24125).
o net: ena: aggregate doorbell common operations into a function (bsc#1197099
jsc#SLE-24125).
o net: ena: aggregate stats increase into a function (bsc#1197099 jsc#
SLE-24125).
o net: ena: Change ENI stats support check to use capabilities field (bsc#
1197099 jsc#SLE-24125).
o net: ena: Change return value of ena_calc_io_queue_size() to void (bsc#
1197099 jsc#SLE-24125).
o net: ena: Change the name of bad_csum variable (bsc#1197099 jsc#SLE-24125).
o net: ena: Extract recurring driver reset code into a function (bsc#1197099
jsc#SLE-24125).
o net: ena: fix coding style nits (bsc#1197099 jsc#SLE-24125).
o net: ena: fix DMA mapping function issues in XDP (bsc#1197099 jsc#
SLE-24125).
o net: ena: fix inaccurate print type (bsc#1197099 jsc#SLE-24125).
o net: ena: Fix wrong rx request id by resetting device (bsc#1197099 jsc#
SLE-24125).
o net: ena: Improve error logging in driver (bsc#1197099 jsc#SLE-24125).
o net: ena: introduce ndo_xdp_xmit() function for XDP_REDIRECT (bsc#1197099
jsc#SLE-24125).
o net: ena: introduce XDP redirect implementation (bsc#1197099 jsc#
SLE-24125).
o net: ena: make symbol 'ena_alloc_map_page' static (bsc#1197099 jsc#
SLE-24125).
o net: ena: Move reset completion print to the reset function (bsc#1197099
jsc#SLE-24125).
o net: ena: optimize data access in fast-path code (bsc#1197099 jsc#
SLE-24125).
o net: ena: re-organize code to improve readability (bsc#1197099 jsc#
SLE-24125).
o net: ena: Remove ena_calc_queue_size_ctx struct (bsc#1197099 jsc#
SLE-24125).
o net: ena: remove extra words from comments (bsc#1197099 jsc#SLE-24125).
o net: ena: Remove module param and change message severity (bsc#1197099 jsc#
SLE-24125).
o net: ena: Remove redundant return code check (bsc#1197099 jsc#SLE-24125).
o net: ena: Remove unused code (bsc#1197099 jsc#SLE-24125).
o net: ena: store values in their appropriate variables types (bsc#1197099
jsc#SLE-24125).
o net: ena: Update XDP verdict upon failure (bsc#1197099 jsc#SLE-24125).
o net: ena: use build_skb() in RX path (bsc#1197099 jsc#SLE-24125).
o net: ena: use constant value for net_device allocation (bsc#1197099 jsc#
SLE-24125).
o net: ena: Use dev_alloc() in RX buffer allocation (bsc#1197099 jsc#
SLE-24125).
o net: ena: Use pci_sriov_configure_simple() to enable VFs (bsc#1197099 jsc#
SLE-24125).
o net: ena: use xdp_frame in XDP TX flow (bsc#1197099 jsc#SLE-24125).
o net: ena: use xdp_return_frame() to free xdp frames (bsc#1197099 jsc#
SLE-24125).
o net: ethernet: Fix memleak in ethoc_probe (git-fixes).
o net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered
(git-fixes).
o net: fec: only check queue 0 if RXF_0/TXF_0 interrupt is set (git-fixes).
o net: hdlc_ppp: Fix issues when mod_timer is called while timer is running
(git-fixes).
o net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
ether_setup (git-fixes).
o net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
(git-fixes).
o net: hns: fix return value check in __lb_other_process() (git-fixes).
o net: marvell: Fix OF_MDIO config check (git-fixes).
o net: mcs7830: handle usb read errors properly (git-fixes).
o net: usb: asix: add error handling for asix_mdio_* functions (git-fixes).
o net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#
1196018).
o net: usb: ax88179_178a: fix packet alignment padding (bsc#1196018).
o net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
o netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
o NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
o NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
o NFS: Do not skip directory entries when doing uncached readdir (git-fixes).
o NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
o NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
o NFS: Clamp WRITE offsets (git-fixes).
o NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client
(git-fixes).
o NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
o NFS: Fix another issue with a list iterator pointing to the head
(git-fixes).
o ocfs2: mount fails with buffer overflow in strlen (bsc#1197760).
o ocfs2: remove ocfs2_is_o2cb_active() (bsc#1197758).
o powercap: intel_rapl: add support for Sapphire Rapids (jsc#SLE-15288, jsc#
ECO-2990).
o powerpc/64: Fix kernel stack 16-byte alignment (bsc#1196999 ltc#196609S
git-fixes).
o powerpc/64: Interrupts save PPR on stack rather than thread_struct (bsc#
1196999 ltc#196609).
o powerpc/perf: consolidate GPCI hcall structs into asm/hvcall.h (jec#
SLE-23780).
o powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).
o powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).
o powerpc/pseries: new lparcfg key/value pair: partition_affinity_score (jec#
SLE-23780).
o powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#
1065729).
o powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
o powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
o powerpc/xive: fix return value of __setup handler (bsc#1065729).
o printk: Add panic_in_progress helper (bsc#1197894).
o printk: disable optimistic spin during panic (bsc#1197894).
o qed: select CONFIG_CRC32 (git-fixes).
o quota: correct error number in free_dqentry() (bsc#1194590).
o RDMA/addr: Be strict with gid size (git-fixes)
o RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res (git-fixes)
o RDMA/bnxt_re: Fix error return code in bnxt_qplib_cq_process_terminal()
(git-fixes)
o RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
pending cmd-bit" (git-fixes)
o RDMA/bnxt_re: Set queue pair state when being queried (git-fixes)
o RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
(git-fixes)
o RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
(git-fixes)
o RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
(git-fixes)
o RDMA/core: Do not infoleak GRH fields (git-fixes)
o RDMA/core: Let ib_find_gid() continue search even after empty entry
(git-fixes)
o RDMA/cxgb4: add missing qpid increment (git-fixes)
o RDMA/cxgb4: check for ipv6 address properly while destroying listener
(git-fixes)
o RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening
server (git-fixes)
o RDMA/cxgb4: Fix the reported max_recv_sge value (git-fixes)
o RDMA/cxgb4: Set queue pair state when being queried (git-fixes)
o RDMA/cxgb4: Validate the number of CQEs (git-fixes)
o RDMA/hns: Add a check for current state before modifying QP (git-fixes)
o RDMA/hns: Encapsulate some lines for setting sq size in user mode
(git-fixes)
o RDMA/hns: Optimize hns_roce_modify_qp function (git-fixes)
o RDMA/hns: Prevent undefined behavior in hns_roce_set_user_sq_size()
(git-fixes)
o RDMA/hns: Validate the pkey index (git-fixes)
o RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails (git-fixes)
o RDMA/ib_srp: Fix a deadlock (git-fixes)
o RDMA/iwcm: Release resources if iw_cm module initialization fails
(git-fixes)
o RDMA/mlx4: Do not continue event handler after memory allocation failure
(git-fixes)
o RDMA/mlx4: Return missed an error if device does not support steering
(git-fixes)
o RDMA/mlx5: Do not allow rereg of a ODP MR (git-fixes)
o RDMA/mlx5: Fix corruption of reg_pages in mlx5_ib_rereg_user_mr()
(git-fixes)
o RDMA/mlx5: Fix potential race between destroy and CQE poll (git-fixes)
o RDMA/mlx5: Fix udata response upon SRQ creation (git-fixes)
o RDMA/mlx5: Put live in the correct place for ODP MRs (git-fixes)
o RDMA/odp: Lift umem_mutex out of ib_umem_odp_unmap_dma_pages() (git-fixes)
o RDMA/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)
o RDMA/qib: Remove superfluous fallthrough statements (git-fixes)
o RDMA/rxe: Clear all QP fields if creation failed (git-fixes)
o RDMA/rxe: Compute PSN windows correctly (git-fixes)
o RDMA/rxe: Correct skb on loopback path (git-fixes)
o RDMA/rxe: Do not overwrite errno from ib_umem_get() (git-fixes)
o RDMA/rxe: Fix coding error in rxe_rcv_mcast_pkt (git-fixes)
o RDMA/rxe: Fix coding error in rxe_recv.c (git-fixes)
o RDMA/rxe: Fix extra copy in prepare_ack_packet (git-fixes)
o RDMA/rxe: Fix failure during driver load (git-fixes)
o RDMA/rxe: Fix missing kconfig dependency on CRYPTO (git-fixes)
o RDMA/rxe: Fix over copying in get_srq_wqe (git-fixes)
o RDMA/rxe: Fix panic when calling kmem_cache_create() (git-fixes)
o RDMA/rxe: Fix redundant call to ip_send_check (git-fixes)
o RDMA/rxe: Fix skb lifetime in rxe_rcv_mcast_pkt() (git-fixes)
o RDMA/rxe: Fix wrong port_cap_flags (git-fixes)
o RDMA/rxe: Handle skb_clone() failure in rxe_recv.c (git-fixes)
o RDMA/rxe: Remove rxe_link_layer() (git-fixes)
o RDMA/rxe: Return CQE error if invalid lkey was supplied (git-fixes)
o RDMA/ucma: Fix locking for ctx->events_reported (git-fixes)
o RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp (git-fixes)
o RDMA/uverbs: Fix create WQ to use the given user handle (git-fixes)
o RDMA/uverbs: Tidy input validation of ib_uverbs_rereg_mr() (git-fixes)
o s390/bpf: Perform r1 range checking before accessing jit->seen_reg
(git-fixes).
o s390/disassembler: increase ebpf disasm buffer size (git-fixes).
o scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
o scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
o scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
o scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
o scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#
1197675 bsc#1196478).
o scsi: lpfc: Fix typos in comments (bsc#1197675).
o scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675
bsc#1196478).
o scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#
1196478).
o scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
o scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).
o scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
o scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#
1197675).
o scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
o scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc
#1197675).
o scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4
(bsc#1197675).
o scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#
1197675).
o scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#
1197675).
o scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
o scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
o scsi: lpfc: Use fc_block_rport() (bsc#1197675).
o scsi: lpfc: Use kcalloc() (bsc#1197675).
o scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).
o scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
o scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
o scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
o scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
o scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#
1197661).
o scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
o scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#
1197661).
o scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
o scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
o scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
o scsi: qla2xxx: Fix typos in comments (bsc#1197661).
o scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
o scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
o scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
o scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
o scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc
#1197661).
o scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
o scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
o sr9700: sanity check for packet length (bsc#1196836).
o SUNRPC: avoid race between mod_timer() and del_timer_sync() (bnc#1195403).
o SUNRPC: change locking for xs_swap_enable/disable (bsc#1196367).
o SUNRPC: Fix transport accounting when caller specifies an rpc_xprt (bsc#
1197531).
o tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
o tcp: change source port randomizarion at connect() time (bsc#1180153).
o tcp: Export tcp_{sendpage,sendmsg}_locked() for ipv6 (bsc#1194541).
o tracing: Fix return value of __setup handlers (git-fixes).
o USB: Add unusual-devs entry for VL817 USB-SATA bridge (git-fixes).
o USB: chipidea: fix interrupt deadlock (git-fixes).
o USB: core: Fix hang in usb_kill_urb by adding memory barriers (git-fixes).
o USB: ftdi-elan: fix memory leak on device disconnect (git-fixes).
o USB: host: xen-hcd: add missing unlock in error path (git-fixes).
o USB: host: xhci-rcar: Do not reload firmware after the completion
(git-fixes).
o USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
(git-fixes).
o USB: serial: cp210x: add CPI Bulk Coin Recycler id (git-fixes).
o USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
(git-fixes).
o USB: serial: option: add support for DW5829e (git-fixes).
o USB: serial: option: add Telit LE910R1 compositions (git-fixes).
o USB: serial: option: add ZTE MF286D modem (git-fixes).
o USB: storage: ums-realtek: fix error code in rts51x_read_mem() (git-fixes).
o USB: zaurus: support another broken Zaurus (git-fixes).
o virtio_net: Fix recursive call to cpus_read_lock() (git-fixes).
o x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#
1114648).
o x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1114648).
o xen/gntdev: update to new mmu_notifier semantic (bsc#1184207).
o xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done()
(bsc#1196488, XSA-396).
o xhci: Enable trust tx length quirk for Fresco FL11 USB controller
(git-fixes).
o xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set
(git-fixes).
o xhci: Prevent futile URB re-submissions due to incorrect return value
(git-fixes).
o xhci: re-initialize the HC during resume if HCE was set (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Workstation Extension 12-SP5:
zypper in -t patch SUSE-SLE-WE-12-SP5-2022-1196=1
o SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-1196=1
o SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1196=1
o SUSE Linux Enterprise Live Patching 12-SP5:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2022-1196=1
o SUSE Linux Enterprise High Availability 12-SP5:
zypper in -t patch SUSE-SLE-HA-12-SP5-2022-1196=1
Package List:
o SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):
kernel-default-debuginfo-4.12.14-122.116.1
kernel-default-debugsource-4.12.14-122.116.1
kernel-default-extra-4.12.14-122.116.1
kernel-default-extra-debuginfo-4.12.14-122.116.1
o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le
s390x x86_64):
kernel-obs-build-4.12.14-122.116.1
kernel-obs-build-debugsource-4.12.14-122.116.1
o SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch):
kernel-docs-4.12.14-122.116.1
o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
kernel-default-4.12.14-122.116.1
kernel-default-base-4.12.14-122.116.1
kernel-default-base-debuginfo-4.12.14-122.116.1
kernel-default-debuginfo-4.12.14-122.116.1
kernel-default-debugsource-4.12.14-122.116.1
kernel-default-devel-4.12.14-122.116.1
kernel-syms-4.12.14-122.116.1
o SUSE Linux Enterprise Server 12-SP5 (x86_64):
kernel-default-devel-debuginfo-4.12.14-122.116.1
o SUSE Linux Enterprise Server 12-SP5 (noarch):
kernel-devel-4.12.14-122.116.1
kernel-macros-4.12.14-122.116.1
kernel-source-4.12.14-122.116.1
o SUSE Linux Enterprise Server 12-SP5 (s390x):
kernel-default-man-4.12.14-122.116.1
o SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):
kernel-default-debuginfo-4.12.14-122.116.1
kernel-default-debugsource-4.12.14-122.116.1
kernel-default-kgraft-4.12.14-122.116.1
kernel-default-kgraft-devel-4.12.14-122.116.1
kgraft-patch-4_12_14-122_116-default-1-8.3.1
o SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-122.116.1
cluster-md-kmp-default-debuginfo-4.12.14-122.116.1
dlm-kmp-default-4.12.14-122.116.1
dlm-kmp-default-debuginfo-4.12.14-122.116.1
gfs2-kmp-default-4.12.14-122.116.1
gfs2-kmp-default-debuginfo-4.12.14-122.116.1
kernel-default-debuginfo-4.12.14-122.116.1
kernel-default-debugsource-4.12.14-122.116.1
ocfs2-kmp-default-4.12.14-122.116.1
ocfs2-kmp-default-debuginfo-4.12.14-122.116.1
References:
o https://www.suse.com/security/cve/CVE-2021-39713.html
o https://www.suse.com/security/cve/CVE-2021-45868.html
o https://www.suse.com/security/cve/CVE-2022-0001.html
o https://www.suse.com/security/cve/CVE-2022-0002.html
o https://www.suse.com/security/cve/CVE-2022-0812.html
o https://www.suse.com/security/cve/CVE-2022-0850.html
o https://www.suse.com/security/cve/CVE-2022-1016.html
o https://www.suse.com/security/cve/CVE-2022-1048.html
o https://www.suse.com/security/cve/CVE-2022-23036.html
o https://www.suse.com/security/cve/CVE-2022-23037.html
o https://www.suse.com/security/cve/CVE-2022-23038.html
o https://www.suse.com/security/cve/CVE-2022-23039.html
o https://www.suse.com/security/cve/CVE-2022-23040.html
o https://www.suse.com/security/cve/CVE-2022-23041.html
o https://www.suse.com/security/cve/CVE-2022-23042.html
o https://www.suse.com/security/cve/CVE-2022-23960.html
o https://www.suse.com/security/cve/CVE-2022-26490.html
o https://www.suse.com/security/cve/CVE-2022-26966.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://www.suse.com/security/cve/CVE-2022-28388.html
o https://www.suse.com/security/cve/CVE-2022-28389.html
o https://www.suse.com/security/cve/CVE-2022-28390.html
o https://bugzilla.suse.com/1065729
o https://bugzilla.suse.com/1114648
o https://bugzilla.suse.com/1180153
o https://bugzilla.suse.com/1184207
o https://bugzilla.suse.com/1189562
o https://bugzilla.suse.com/1191428
o https://bugzilla.suse.com/1191451
o https://bugzilla.suse.com/1191580
o https://bugzilla.suse.com/1192273
o https://bugzilla.suse.com/1193738
o https://bugzilla.suse.com/1194163
o https://bugzilla.suse.com/1194541
o https://bugzilla.suse.com/1194580
o https://bugzilla.suse.com/1194586
o https://bugzilla.suse.com/1194590
o https://bugzilla.suse.com/1194591
o https://bugzilla.suse.com/1194943
o https://bugzilla.suse.com/1195051
o https://bugzilla.suse.com/1195353
o https://bugzilla.suse.com/1195403
o https://bugzilla.suse.com/1195480
o https://bugzilla.suse.com/1195482
o https://bugzilla.suse.com/1196018
o https://bugzilla.suse.com/1196114
o https://bugzilla.suse.com/1196339
o https://bugzilla.suse.com/1196367
o https://bugzilla.suse.com/1196468
o https://bugzilla.suse.com/1196478
o https://bugzilla.suse.com/1196488
o https://bugzilla.suse.com/1196514
o https://bugzilla.suse.com/1196639
o https://bugzilla.suse.com/1196657
o https://bugzilla.suse.com/1196723
o https://bugzilla.suse.com/1196761
o https://bugzilla.suse.com/1196830
o https://bugzilla.suse.com/1196836
o https://bugzilla.suse.com/1196901
o https://bugzilla.suse.com/1196942
o https://bugzilla.suse.com/1196973
o https://bugzilla.suse.com/1196999
o https://bugzilla.suse.com/1197099
o https://bugzilla.suse.com/1197227
o https://bugzilla.suse.com/1197331
o https://bugzilla.suse.com/1197366
o https://bugzilla.suse.com/1197462
o https://bugzilla.suse.com/1197531
o https://bugzilla.suse.com/1197661
o https://bugzilla.suse.com/1197675
o https://bugzilla.suse.com/1197754
o https://bugzilla.suse.com/1197755
o https://bugzilla.suse.com/1197756
o https://bugzilla.suse.com/1197757
o https://bugzilla.suse.com/1197758
o https://bugzilla.suse.com/1197760
o https://bugzilla.suse.com/1197763
o https://bugzilla.suse.com/1197806
o https://bugzilla.suse.com/1197894
o https://bugzilla.suse.com/1197914
o https://bugzilla.suse.com/1198031
o https://bugzilla.suse.com/1198032
o https://bugzilla.suse.com/1198033
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4VmeNLKJtyKPYoAQiANQ//bE8mz77ZG4aLCgoJQJgCjlIkb7UmoEWr
Zssh6iGeJijhEO/MR34ksJx0wxTNcddbspQRAHJVbyv3b22bf7mrpqqw0t6Pon2i
wWTkZj6enxmJX+rwr0TmBGkv4905d+U9Iro2E4F0NzZQKD1MJrkzNhxq2hOerPSc
QwrNUU7K6zVZw2thDgBScURpVtWSvXhxZsbCwc6wdrEpuJfPPBUmxIZ09qn2CvoL
3jhNvxpLjR7jt8XD8Q0V/CrgS7AEFGD/XtP7sFdVg4Oz0fUddreaeyK0rjCpiNIL
3WFujnaUsCHUNgJYSbQgenWIu8UIXwZkreKUMM5Aw4UlOksxLx8gN6/6/H0fb4Hm
qzU5bDqmFenuofuhr/WWWxutems8Glf8YFit2AWeZ16W7bb0+OBdNx8Uw1WmCt+I
vkr3arr20iWYoF7+T60tmysOM+zVc3Bp8VyPmraW6zBxXCFO8H3pREZk7mSpR10c
im1Ee6xEBxVvQ50UUmFkHMOE4cwXRrMQeOvGuuOddg4zoSch6rDddeMAJ6KbMhLX
F3zK90xiycnPhDWhPsVOhrGBFr9rMW15RdlDC12UuvVsvkjG6Cu98SHvNpK+muO3
xgSQfArIqdVTb0Y9z9O/n8P1RqDCSEtnfW3705hcH0ooyICPV3mUgugUCTblNR8C
NPH5FOeEtEM=
=MngQ
-----END PGP SIGNATURE-----
ESB-2022.1662 - [SUSE] kernel: CVSS (Max): 8.4
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1662
Security update for the Linux Kernel
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-28390 CVE-2022-28389 CVE-2022-28388
CVE-2022-27666 CVE-2022-1205 CVE-2022-1199
CVE-2022-1198 CVE-2022-1195 CVE-2022-1055
CVE-2022-1048 CVE-2022-1016 CVE-2022-1011
CVE-2022-0854 CVE-2022-0850 CVE-2021-45868
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221183-1
Comment: CVSS (Max): 8.4 CVE-2022-1055 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1183-1
Rating: important
References: #1065729 #1156395 #1175667 #1177028 #1178134 #1179639
#1180153 #1189562 #1194649 #1195640 #1195926 #1196018
#1196196 #1196478 #1196761 #1196823 #1197227 #1197243
#1197300 #1197302 #1197331 #1197343 #1197366 #1197389
#1197462 #1197501 #1197534 #1197661 #1197675 #1197702
#1197811 #1197812 #1197815 #1197817 #1197819 #1197820
#1197888 #1197889 #1197894 #1197914 #1198027 #1198028
#1198029 #1198030 #1198031 #1198032 #1198033
Cross-References: CVE-2021-45868 CVE-2022-0850 CVE-2022-0854 CVE-2022-1011
CVE-2022-1016 CVE-2022-1048 CVE-2022-1055 CVE-2022-1195
CVE-2022-1198 CVE-2022-1199 CVE-2022-1205 CVE-2022-27666
CVE-2022-28388 CVE-2022-28389 CVE-2022-28390
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 15 vulnerabilities and has 32 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated.
The following security bugs were fixed:
o CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA
subsystem. This flaw allowed a local user to read random memory from the
kernel space. (bnc#1196823)
o CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution. (bsc#1197227)
o CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c
vulnerability in the Linux kernel. (bnc#1198031)
o CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c
vulnerability in the Linux kernel. (bnc#1198032)
o CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c
vulnerability in the Linux kernel. (bnc#1198033)
o CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a
local attacker to gain privilege escalation. (bnc#1197702)
o CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#
1197331)
o CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to an use-after-free if there is a corrupted quota file.
(bnc#1197366)
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c.
(bsc#1196761)
o CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities that
allow an attacker to crash the linux kernel by simulating Amateur Radio.
(bsc#1198028)
o CVE-2022-1205: Fixed null pointer dereference and use-after-free
vulnerabilities that allow an attacker to crash the linux kernel by
simulating Amateur Radio. (bsc#1198027)
o CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker
to crash the linux kernel by simulating Amateur Radio (bsc#1198030).
o CVE-2022-1195: Fixed an use-after-free vulnerability which could allow a
local attacker with a user privilege to execute a denial of service. (bsc#
1198029)
o CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a
local attacker to retireve (partial) /etc/shadow hashes or any other data
from filesystem when he can mount a FUSE filesystems. (bnc#1197343)
The following non-security bugs were fixed:
o ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
(git-fixes).
o ACPI: APEI: fix return value of __setup handlers (git-fixes).
o ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
(git-fixes).
o ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).
o ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).
o ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
o ACPI: docs: enumeration: Update UART serial bus resource documentation
(git-fixes).
o ACPI: properties: Consistently return -ENOENT if there are no more
references (git-fixes).
o ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
(git-fixes).
o ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
o ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
(git-fixes).
o ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
(git-fixes).
o ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
o ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
o ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
(git-fixes).
o ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
o ALSA: spi: Add check for clk_enable() (git-fixes).
o ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
(git-fixes).
o ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
o ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
(git-fixes).
o ASoC: codecs: wcd934x: Add missing of_node_put() in
wcd934x_codec_parse_data (git-fixes).
o ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put
(git-fixes).
o ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
(git-fixes).
o ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
o ASoC: fsi: Add check for clk_enable (git-fixes).
o ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
o ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).
o ASoC: msm8916-wcd-analog: Fix error handling in
pm8916_wcd_analog_spmi_probe (git-fixes).
o ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in
msm8916_wcd_digital_probe (git-fixes).
o ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
o ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
o ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp()
(git-fixes).
o ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
o ASoC: SOF: topology: remove redundant code (git-fixes).
o ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
o ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
o ASoC: topology: Allow TLV control to be either read or write (git-fixes).
o ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior
(git-fixes).
o ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
o ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
o ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#
1196018).
o block: update io_ticks when io hang (bsc#1197817).
o block/wbt: fix negative inflight counter when remove scsi device (bsc#
1197819).
o bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
o bpf: Remove config check to enable bpf support for branch records
(git-fixes bsc#1177028).
o btrfs: avoid unnecessary lock and leaf splits when updating inode in the
log (bsc#1194649).
o btrfs: avoid unnecessary log mutex contention when syncing log (bsc#
1194649).
o btrfs: avoid unnecessary logging of xattrs during fast fsyncs (bsc#
1194649).
o btrfs: check error value from btrfs_update_inode in tree log (bsc#1194649).
o btrfs: check if a log root exists before locking the log_mutex on unlink
(bsc#1194649).
o btrfs: check if a log tree exists at inode_logged() (bsc#1194649).
o btrfs: do not commit delayed inode when logging a file in full sync mode
(bsc#1194649).
o btrfs: do not log new dentries when logging that a new name exists (bsc#
1194649).
o btrfs: eliminate some false positives when checking if inode was logged
(bsc#1194649).
o btrfs: fix race leading to unnecessary transaction commit when logging
inode (bsc#1194649).
o btrfs: fix race that causes unnecessary logging of ancestor inodes (bsc#
1194649).
o btrfs: fix race that makes inode logging fallback to transaction commit
(bsc#1194649).
o btrfs: fix race that results in logging old extents during a fast fsync
(bsc#1194649).
o btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).
o btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#
1194649).
o btrfs: Remove unnecessary check from join_running_log_trans (bsc#1194649).
o btrfs: remove unnecessary directory inode item update when deleting dir
entry (bsc#1194649).
o btrfs: remove unnecessary list head initialization when syncing log (bsc#
1194649).
o btrfs: skip unnecessary searches for xattrs when logging an inode (bsc#
1194649).
o can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
path (git-fixes).
o can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
path (git-fixes).
o can: mcba_usb: properly check endpoint type (git-fixes).
o can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when
fully ready (git-fixes).
o cifs: use the correct max-length for dentry_path_raw() (bsc1196196).
o clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
o clk: bcm2835: Remove unused variable (git-fixes).
o clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
o clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
o clk: Initialize orphan req_rate (git-fixes).
o clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).
o clk: nxp: Remove unused variable (git-fixes).
o clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (git-fixes).
o clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).
o clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
o clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
o clk: tegra: tegra124-emc: Fix missing put_device() call in
emc_ensure_emc_driver (git-fixes).
o clk: uniphier: Fix fixed-rate initialization (git-fixes).
o clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
o clocksource/drivers/timer-of: Check return value of of_iomap in
timer_of_base_init() (git-fixes).
o cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)
o crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).
o crypto: cavium/nitrox - do not cast parameter in bit operations
(git-fixes).
o crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
o crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
o crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
o crypto: qat - do not cast parameter in bit operations (git-fixes).
o crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
(git-fixes).
o crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
(git-fixes).
o crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
o crypto: vmx - add missing dependencies (git-fixes).
o dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#
1197501).
o driver core: dd: fix return value of __setup handler (git-fixes).
o drm: add a locked version of drm_is_current_master (bsc#1197914).
o drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
o drm: drm_file struct kABI compatibility workaround (bsc#1197914).
o drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
o drm: serialize drm_file.master with a new spinlock (bsc#1197914).
o drm: use the lookup lock in drm_is_current_master (bsc#1197914).
o drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
(git-fixes).
o drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function
(git-fixes).
o drm/bridge: dw-hdmi: use safe format when first in bridge chain
(git-fixes).
o drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe
(git-fixes).
o drm/doc: overview before functions for drm_writeback.c (git-fixes).
o drm/i915: Fix dbuf slice config lookup (git-fixes).
o drm/i915/gem: add missing boundary check in vm_access (git-fixes).
o drm/imx: parallel-display: Remove bus flags check in
imx_pd_bridge_atomic_check() (git-fixes).
o drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
o drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops
(git-fixes).
o drm/msm/dpu: add DSPP blocks teardown (git-fixes).
o drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
(git-fixes).
o drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
o drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
o drm/vc4: crtc: Make sure the HDMI controller is powered when disabling
(git-fixes).
o drm/vrr: Set VRR capable prop only if it is attached to connector
(git-fixes).
o ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
o ecryptfs: Fix typo in message (bsc#1197811).
o ext2: correct max file size computing (bsc#1197820).
o firmware: google: Properly state IOMEM dependency (git-fixes).
o firmware: qcom: scm: Remove reassignment to desc following initializer
(git-fixes).
o fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).
o HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#
1197243).
o hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
o hwmon: (pmbus) Add Vin unit off handling (git-fixes).
o hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
(git-fixes).
o hwrng: atmel - disable trng on failure path (git-fixes).
o i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
o ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
o iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).
o iio: adc: Add check for devm_request_threaded_irq (git-fixes).
o iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
o iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
o iio: inkern: apply consumer scale when no channel scale is available
(git-fixes).
o iio: inkern: make a best effort on offset calculation (git-fixes).
o Input: aiptek - properly check endpoint type (git-fixes).
o iwlwifi: do not advertise TWT support (git-fixes).
o KVM: SVM: Do not flush cache if hardware enforces cache coherency across
encryption domains (bsc#1178134).
o llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
o mac80211: fix potential double free on mesh join (git-fixes).
o mac80211: refuse aggregations sessions before authorized (git-fixes).
o media: aspeed: Correct value for h-total-pixels (git-fixes).
o media: bttv: fix WARNING regression on tunerless devices (git-fixes).
o media: coda: Fix missing put_device() call in coda_get_vdoa_data
(git-fixes).
o media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
o media: em28xx: initialize refcount before kref_get (git-fixes).
o media: hantro: Fix overfill bottom register field name (git-fixes).
o media: Revert "media: em28xx: add missing em28xx_close_extension"
(git-fixes).
o media: stk1160: If start stream fails, return buffers with
VB2_BUF_STATE_QUEUED (git-fixes).
o media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
o media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
o membarrier: Execute SYNC_CORE on the calling thread (git-fixes)
o membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)
o memory: emif: Add check for setup_interrupts (git-fixes).
o memory: emif: check the pointer temp in get_device_details() (git-fixes).
o misc: alcor_pci: Fix an error handling path (git-fixes).
o misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
o mm_zone: add function to check if managed dma zone exists (bsc#1197501).
o mm: add vma_lookup(), update find_vma_intersection() comments (git-fixes).
o mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
pages (bsc#1197501).
o mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
o net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
(git-fixes).
o net: enetc: initialize the RFS and RSS memories (git-fixes).
o net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx()
(git-fixes).
o net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
o net: phy: marvell: Fix invalid comparison in the resume and suspend
functions (git-fixes).
o net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).
o net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#
1196018).
o net: watchdog: hold device global xmit lock during tx disable (git-fixes).
o net/smc: Fix loop in smc_listen (git-fixes).
o net/smc: fix using of uninitialized completions (git-fixes).
o net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).
o net/smc: Make sure the link_id is unique (git-fixes).
o net/smc: Reset conn->lgr when link group registration fails (git-fixes).
o netfilter: conntrack: do not refresh sctp entries in closed state (bsc#
1197389).
o netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
o NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
o NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
o NFS: Do not skip directory entries when doing uncached readdir (git-fixes).
o NFS: Ensure the server had an up to date ctime before hardlinking
(git-fixes).
o NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
o NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
o NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
o NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
o NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client
(git-fixes).
o NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
o NFS: Fix another issue with a list iterator pointing to the head
(git-fixes).
o nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).
o pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).
o pinctrl: mediatek: paris: Fix "argument" argument type for mtk_pinconf_get
() (git-fixes).
o pinctrl: mediatek: paris: Fix pingroup pin config state readback
(git-fixes).
o pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
(git-fixes).
o pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
o pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE()
(git-fixes).
o pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
o pinctrl: samsung: drop pin banks references on error paths (git-fixes).
o pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe
(git-fixes).
o PM: hibernate: fix __setup handler error handling (git-fixes).
o PM: suspend: fix return value of __setup handler (git-fixes).
o powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
o powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
o powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc
#1179639 ltc#189002 git-fixes).
o powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
o powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).
o powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#
1065729).
o powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
o powerpc/xive: fix return value of __setup handler (bsc#1065729).
o printk: Add panic_in_progress helper (bsc#1197894).
o printk: disable optimistic spin during panic (bsc#1197894).
o pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add()
(git-fixes).
o regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
o remoteproc: qcom_wcnss: Add missing of_node_put() in
wcnss_alloc_memory_region (git-fixes).
o remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region
(git-fixes).
o s390/bpf: Perform r1 range checking before accessing jit->seen_reg
(git-fixes).
o s390/gmap: do not unconditionally call pte_unmap_unlock() in __gmap_zap()
(git-fixes).
o s390/gmap: validate VMA in __gmap_zap() (git-fixes).
o s390/hypfs: include z/VM guests with access control group set (bsc#1195640
LTC#196352).
o s390/kexec_file: fix error handling when applying relocations (git-fixes).
o s390/kexec: fix memory leak of ipl report buffer (git-fixes).
o s390/kexec: fix return code handling (git-fixes).
o s390/mm: fix VMA and page table handling code in storage key handling
functions (git-fixes).
o s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).
o s390/module: fix loading modules with a lot of relocations (git-fixes).
o s390/pci_mmio: fully validate the VMA before calling follow_pte()
(git-fixes).
o scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
o scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
o scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
o scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
o scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#
1197675 bsc#1196478).
o scsi: lpfc: Fix typos in comments (bsc#1197675).
o scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675
bsc#1196478).
o scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#
1196478).
o scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
o scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).
o scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
o scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#
1197675).
o scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
o scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc
#1197675).
o scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4
(bsc#1197675).
o scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#
1197675).
o scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
o scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#
1197675).
o scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
o scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
o scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
o scsi: lpfc: Use fc_block_rport() (bsc#1197675).
o scsi: lpfc: Use kcalloc() (bsc#1197675).
o scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).
o scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
o scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
o scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
o scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
o scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#
1197661).
o scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
o scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#
1197661).
o scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
o scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
o scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
o scsi: qla2xxx: Fix typos in comments (bsc#1197661).
o scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
o scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
o scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
o scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
o scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc
#1197661).
o scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
o scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
o serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).
o serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
o serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
o serial: core: Fix the definition name in the comment of UPF_* flags
(git-fixes).
o soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
o soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
o soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
o soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
o spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
o spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
o staging:iio:adc:ad7280a: Fix handing of device address bit reversing
(git-fixes).
o tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
o tcp: change source port randomizarion at connect() time (bsc#1180153).
o thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
o thermal: int340x: Increase bitmap size (git-fixes).
o udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
(git-fixes).
o Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m -> VIRTIO_PCI=y
o usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
o usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()'
(git-fixes).
o usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
o usb: bdc: remove duplicated error message (git-fixes).
o usb: bdc: Use devm_clk_get_optional() (git-fixes).
o usb: bdc: use devm_platform_ioremap_resource() to simplify code
(git-fixes).
o usb: dwc3: gadget: Use list_replace_init() before traversing lists
(git-fixes).
o usb: dwc3: qcom: add IRQ check (git-fixes).
o usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).
o usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
(git-fixes).
o usb: gadget: rndis: prevent integer overflow in rndis_set_response()
(git-fixes).
o usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
o VFS: filename_create(): fix incorrect intent (bsc#1197534).
o video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe()
(git-fixes).
o video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
o video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
o video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
avoid black screen (git-fixes).
o video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
avoid black screen (git-fixes).
o video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
(git-fixes).
o video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
o VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
o vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
o wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
o wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
o wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
o wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
o x86/cpu: Add hardware-enforced cache coherency as a CPUID feature (bsc#
1178134).
o x86/mm/pat: Do not flush cache if hardware enforces cache coherency across
encryption domnains (bsc#1178134).
o x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#
1178134).
o x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).
o xhci: fix garbage USBSTS being logged in some cases (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1183=1
o openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1183=1
o SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1183=1
o SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-1183=1
o SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1183=1
o SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1183=1
o SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1183=1
o SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1183=1
o SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1183=1
o SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-1183=1
Package List:
o openSUSE Leap 15.4 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.63.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-preempt-5.3.18-150300.59.63.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-preempt-5.3.18-150300.59.63.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1
kernel-preempt-optional-5.3.18-150300.59.63.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-preempt-5.3.18-150300.59.63.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
o openSUSE Leap 15.4 (aarch64):
dtb-al-5.3.18-150300.59.63.1
dtb-zte-5.3.18-150300.59.63.1
o openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.63.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-default-5.3.18-150300.59.63.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-default-5.3.18-150300.59.63.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-devel-5.3.18-150300.59.63.1
kernel-default-devel-debuginfo-5.3.18-150300.59.63.1
kernel-default-extra-5.3.18-150300.59.63.1
kernel-default-extra-debuginfo-5.3.18-150300.59.63.1
kernel-default-livepatch-5.3.18-150300.59.63.1
kernel-default-livepatch-devel-5.3.18-150300.59.63.1
kernel-default-optional-5.3.18-150300.59.63.1
kernel-default-optional-debuginfo-5.3.18-150300.59.63.1
kernel-obs-build-5.3.18-150300.59.63.1
kernel-obs-build-debugsource-5.3.18-150300.59.63.1
kernel-obs-qa-5.3.18-150300.59.63.1
kernel-syms-5.3.18-150300.59.63.1
kselftests-kmp-default-5.3.18-150300.59.63.1
kselftests-kmp-default-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-default-5.3.18-150300.59.63.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-default-5.3.18-150300.59.63.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.63.1
o openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.63.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-preempt-5.3.18-150300.59.63.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-preempt-5.3.18-150300.59.63.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1
kernel-preempt-optional-5.3.18-150300.59.63.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-preempt-5.3.18-150300.59.63.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
o openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-150300.59.63.1
kernel-debug-debuginfo-5.3.18-150300.59.63.1
kernel-debug-debugsource-5.3.18-150300.59.63.1
kernel-debug-devel-5.3.18-150300.59.63.1
kernel-debug-devel-debuginfo-5.3.18-150300.59.63.1
kernel-debug-livepatch-devel-5.3.18-150300.59.63.1
kernel-kvmsmall-5.3.18-150300.59.63.1
kernel-kvmsmall-debuginfo-5.3.18-150300.59.63.1
kernel-kvmsmall-debugsource-5.3.18-150300.59.63.1
kernel-kvmsmall-devel-5.3.18-150300.59.63.1
kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.63.1
kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1
o openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-150300.59.63.1
cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-64kb-5.3.18-150300.59.63.1
dlm-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
dtb-al-5.3.18-150300.59.63.1
dtb-allwinner-5.3.18-150300.59.63.1
dtb-altera-5.3.18-150300.59.63.1
dtb-amd-5.3.18-150300.59.63.1
dtb-amlogic-5.3.18-150300.59.63.1
dtb-apm-5.3.18-150300.59.63.1
dtb-arm-5.3.18-150300.59.63.1
dtb-broadcom-5.3.18-150300.59.63.1
dtb-cavium-5.3.18-150300.59.63.1
dtb-exynos-5.3.18-150300.59.63.1
dtb-freescale-5.3.18-150300.59.63.1
dtb-hisilicon-5.3.18-150300.59.63.1
dtb-lg-5.3.18-150300.59.63.1
dtb-marvell-5.3.18-150300.59.63.1
dtb-mediatek-5.3.18-150300.59.63.1
dtb-nvidia-5.3.18-150300.59.63.1
dtb-qcom-5.3.18-150300.59.63.1
dtb-renesas-5.3.18-150300.59.63.1
dtb-rockchip-5.3.18-150300.59.63.1
dtb-socionext-5.3.18-150300.59.63.1
dtb-sprd-5.3.18-150300.59.63.1
dtb-xilinx-5.3.18-150300.59.63.1
dtb-zte-5.3.18-150300.59.63.1
gfs2-kmp-64kb-5.3.18-150300.59.63.1
gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-5.3.18-150300.59.63.1
kernel-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-debugsource-5.3.18-150300.59.63.1
kernel-64kb-devel-5.3.18-150300.59.63.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-extra-5.3.18-150300.59.63.1
kernel-64kb-extra-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1
kernel-64kb-optional-5.3.18-150300.59.63.1
kernel-64kb-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-64kb-5.3.18-150300.59.63.1
kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-64kb-5.3.18-150300.59.63.1
ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-64kb-5.3.18-150300.59.63.1
reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
o openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-150300.59.63.1
kernel-docs-5.3.18-150300.59.63.1
kernel-docs-html-5.3.18-150300.59.63.1
kernel-macros-5.3.18-150300.59.63.1
kernel-source-5.3.18-150300.59.63.1
kernel-source-vanilla-5.3.18-150300.59.63.1
o openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.63.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.63.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-extra-5.3.18-150300.59.63.1
kernel-default-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x
x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-livepatch-5.3.18-150300.59.63.1
kernel-default-livepatch-devel-5.3.18-150300.59.63.1
kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1
o SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le
s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
reiserfs-kmp-default-5.3.18-150300.59.63.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le
s390x x86_64):
kernel-obs-build-5.3.18-150300.59.63.1
kernel-obs-build-debugsource-5.3.18-150300.59.63.1
kernel-syms-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
kernel-docs-5.3.18-150300.59.63.1
kernel-source-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x
x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-devel-5.3.18-150300.59.63.1
kernel-default-devel-debuginfo-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64):
kernel-64kb-5.3.18-150300.59.63.1
kernel-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-debugsource-5.3.18-150300.59.63.1
kernel-64kb-devel-5.3.18-150300.59.63.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.63.1
kernel-macros-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.63.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.63.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
o SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
o SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x
x86_64):
cluster-md-kmp-default-5.3.18-150300.59.63.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-default-5.3.18-150300.59.63.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-default-5.3.18-150300.59.63.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
ocfs2-kmp-default-5.3.18-150300.59.63.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
References:
o https://www.suse.com/security/cve/CVE-2021-45868.html
o https://www.suse.com/security/cve/CVE-2022-0850.html
o https://www.suse.com/security/cve/CVE-2022-0854.html
o https://www.suse.com/security/cve/CVE-2022-1011.html
o https://www.suse.com/security/cve/CVE-2022-1016.html
o https://www.suse.com/security/cve/CVE-2022-1048.html
o https://www.suse.com/security/cve/CVE-2022-1055.html
o https://www.suse.com/security/cve/CVE-2022-1195.html
o https://www.suse.com/security/cve/CVE-2022-1198.html
o https://www.suse.com/security/cve/CVE-2022-1199.html
o https://www.suse.com/security/cve/CVE-2022-1205.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://www.suse.com/security/cve/CVE-2022-28388.html
o https://www.suse.com/security/cve/CVE-2022-28389.html
o https://www.suse.com/security/cve/CVE-2022-28390.html
o https://bugzilla.suse.com/1065729
o https://bugzilla.suse.com/1156395
o https://bugzilla.suse.com/1175667
o https://bugzilla.suse.com/1177028
o https://bugzilla.suse.com/1178134
o https://bugzilla.suse.com/1179639
o https://bugzilla.suse.com/1180153
o https://bugzilla.suse.com/1189562
o https://bugzilla.suse.com/1194649
o https://bugzilla.suse.com/1195640
o https://bugzilla.suse.com/1195926
o https://bugzilla.suse.com/1196018
o https://bugzilla.suse.com/1196196
o https://bugzilla.suse.com/1196478
o https://bugzilla.suse.com/1196761
o https://bugzilla.suse.com/1196823
o https://bugzilla.suse.com/1197227
o https://bugzilla.suse.com/1197243
o https://bugzilla.suse.com/1197300
o https://bugzilla.suse.com/1197302
o https://bugzilla.suse.com/1197331
o https://bugzilla.suse.com/1197343
o https://bugzilla.suse.com/1197366
o https://bugzilla.suse.com/1197389
o https://bugzilla.suse.com/1197462
o https://bugzilla.suse.com/1197501
o https://bugzilla.suse.com/1197534
o https://bugzilla.suse.com/1197661
o https://bugzilla.suse.com/1197675
o https://bugzilla.suse.com/1197702
o https://bugzilla.suse.com/1197811
o https://bugzilla.suse.com/1197812
o https://bugzilla.suse.com/1197815
o https://bugzilla.suse.com/1197817
o https://bugzilla.suse.com/1197819
o https://bugzilla.suse.com/1197820
o https://bugzilla.suse.com/1197888
o https://bugzilla.suse.com/1197889
o https://bugzilla.suse.com/1197894
o https://bugzilla.suse.com/1197914
o https://bugzilla.suse.com/1198027
o https://bugzilla.suse.com/1198028
o https://bugzilla.suse.com/1198029
o https://bugzilla.suse.com/1198030
o https://bugzilla.suse.com/1198031
o https://bugzilla.suse.com/1198032
o https://bugzilla.suse.com/1198033
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4VVONLKJtyKPYoAQiW7xAAgyAbWR8Jmmq9CKAEIp3JwahPuhT2t25F
i7bFHRUs7/Dx/oWixbWSs4pyZLtRoT3uu+2XGGqb0zRKrpb2KdKTmBaDOw8SPyQJ
Z7S0KD5bS+oPO6VjOrlF4qKnEv7AVsi1Is9DD4O2NQJEXL7E3cQ2bIHzbmPaJcoP
LWQCxhGefqwj4VkGKc8GZ6rKfkf1pTe5frHDqm5+7o9iNDz7fKAe0+9J6we6LD0C
OJBK2vNm2X4ZBhJ1OrvJfq6OdvVSiS7qDRq9eXeSS6wEr27yrWVyC2YPMcYKJSPi
jWmlO8XShca2VVC2MfS6ahUbBRhgaEQ46VkaDpUOzTmnnnFsAwkfPkqhwoVzOZMJ
wZQN4W2fghyEC0tfhavYnfIpK5gtyEu3avAIckm/GkLHR8JuL3jJaNhtGtJAH8YK
xUdrZmEzepBI0IBt5uTNLXb5Ol/rBoNIA6/m7esbj8unKQcYY20uYXgh0+5S85At
HKM/4nk7D8QYbjBasUvFrqsbDJ+LNVyGrl7rda7tER6cm9tP/o+hOQ39mYWDpJjy
2OXPljmhawywh0e5iIsNHBrA4SG6XEKPb14I+LyDX/MQ/wqb7B8N9tGrCJasdH/a
VIatXn1eV78K8qyXQ5UE6ARTDMG8UG9XYaGGR4HjKO9Ceqj/vDdzY2RaWpDFQe2i
DUP4oYbWgKo=
=LrMS
-----END PGP SIGNATURE-----
ESB-2022.1661 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1661
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP3)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666 CVE-2022-22942 CVE-2021-39698
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221223-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 12 for
SLE 15 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1223-1
Rating: important
References: #1195951 #1196959 #1197133
Cross-References: CVE-2021-39698 CVE-2022-22942 CVE-2022-27666
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Live Patching 15-SP2
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for the Linux Kernel 5.3.18-150300_59_43 fixes several issues.
The following security issues were fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2021-39698: Fixed a possible memory corruption due to a use after free
in aio_poll_complete_work. This could lead to local escalation of privilege
with no additional execution privileges needed. (bsc#1196956)
o CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#
1195065)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-1207=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1214=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1226=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1227=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1229=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1231=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1232=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1233=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1234=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1235=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1241=1
o SUSE Linux Enterprise Module for Live Patching 15-SP2:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2022-1213=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1219=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1220=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1221=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1222=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1223=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1228=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1237=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1238=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1239=1
Package List:
o SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x
x86_64):
kernel-livepatch-5_3_18-150300_59_43-default-5-150300.2.1
kernel-livepatch-5_3_18-150300_59_43-default-debuginfo-5-150300.2.1
kernel-livepatch-5_3_18-150300_59_46-default-5-150300.2.1
kernel-livepatch-5_3_18-150300_59_46-default-debuginfo-5-150300.2.1
kernel-livepatch-5_3_18-57-default-14-150200.3.1
kernel-livepatch-5_3_18-57-default-debuginfo-14-150200.3.1
kernel-livepatch-5_3_18-59_10-default-12-150300.2.1
kernel-livepatch-5_3_18-59_10-default-debuginfo-12-150300.2.1
kernel-livepatch-5_3_18-59_13-default-12-150300.2.1
kernel-livepatch-5_3_18-59_13-default-debuginfo-12-150300.2.1
kernel-livepatch-5_3_18-59_19-default-10-150300.2.1
kernel-livepatch-5_3_18-59_19-default-debuginfo-10-150300.2.1
kernel-livepatch-5_3_18-59_24-default-8-150300.2.1
kernel-livepatch-5_3_18-59_24-default-debuginfo-8-150300.2.1
kernel-livepatch-5_3_18-59_27-default-8-150300.2.1
kernel-livepatch-5_3_18-59_27-default-debuginfo-8-150300.2.1
kernel-livepatch-5_3_18-59_34-default-7-150300.2.1
kernel-livepatch-5_3_18-59_34-default-debuginfo-7-150300.2.1
kernel-livepatch-5_3_18-59_37-default-6-150300.2.1
kernel-livepatch-5_3_18-59_37-default-debuginfo-6-150300.2.1
kernel-livepatch-5_3_18-59_40-default-6-150300.2.1
kernel-livepatch-SLE15-SP3_Update_0-debugsource-14-150200.3.1
kernel-livepatch-SLE15-SP3_Update_10-debugsource-6-150300.2.1
kernel-livepatch-SLE15-SP3_Update_2-debugsource-12-150300.2.1
kernel-livepatch-SLE15-SP3_Update_3-debugsource-12-150300.2.1
kernel-livepatch-SLE15-SP3_Update_5-debugsource-10-150300.2.1
kernel-livepatch-SLE15-SP3_Update_6-debugsource-8-150300.2.1
kernel-livepatch-SLE15-SP3_Update_7-debugsource-8-150300.2.1
kernel-livepatch-SLE15-SP3_Update_9-debugsource-7-150300.2.1
o SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le x86_64):
kernel-livepatch-5_3_18-59_40-default-debuginfo-6-150300.2.1
o SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x
x86_64):
kernel-livepatch-5_3_18-24_53_4-default-12-150200.2.1
kernel-livepatch-5_3_18-24_53_4-default-debuginfo-12-150200.2.1
kernel-livepatch-5_3_18-24_61-default-14-150200.2.1
kernel-livepatch-5_3_18-24_61-default-debuginfo-14-150200.2.1
kernel-livepatch-5_3_18-24_64-default-14-150200.2.1
kernel-livepatch-5_3_18-24_64-default-debuginfo-14-150200.2.1
kernel-livepatch-5_3_18-24_67-default-12-150200.2.1
kernel-livepatch-5_3_18-24_67-default-debuginfo-12-150200.2.1
kernel-livepatch-5_3_18-24_70-default-12-150200.2.1
kernel-livepatch-5_3_18-24_70-default-debuginfo-12-150200.2.1
kernel-livepatch-5_3_18-24_75-default-11-150200.2.1
kernel-livepatch-5_3_18-24_75-default-debuginfo-11-150200.2.1
kernel-livepatch-5_3_18-24_83-default-8-150200.2.1
kernel-livepatch-5_3_18-24_83-default-debuginfo-8-150200.2.1
kernel-livepatch-5_3_18-24_93-default-7-150200.2.1
kernel-livepatch-5_3_18-24_93-default-debuginfo-7-150200.2.1
kernel-livepatch-5_3_18-24_96-default-6-150200.2.1
kernel-livepatch-5_3_18-24_96-default-debuginfo-6-150200.2.1
kernel-livepatch-5_3_18-24_99-default-5-150200.2.1
kernel-livepatch-5_3_18-24_99-default-debuginfo-5-150200.2.1
kernel-livepatch-SLE15-SP2_Update_12-debugsource-14-150200.2.1
kernel-livepatch-SLE15-SP2_Update_13-debugsource-14-150200.2.1
kernel-livepatch-SLE15-SP2_Update_14-debugsource-12-150200.2.1
kernel-livepatch-SLE15-SP2_Update_15-debugsource-12-150200.2.1
kernel-livepatch-SLE15-SP2_Update_16-debugsource-12-150200.2.1
kernel-livepatch-SLE15-SP2_Update_17-debugsource-11-150200.2.1
kernel-livepatch-SLE15-SP2_Update_19-debugsource-8-150200.2.1
kernel-livepatch-SLE15-SP2_Update_21-debugsource-7-150200.2.1
kernel-livepatch-SLE15-SP2_Update_22-debugsource-6-150200.2.1
kernel-livepatch-SLE15-SP2_Update_23-debugsource-5-150200.2.1
References:
o https://www.suse.com/security/cve/CVE-2021-39698.html
o https://www.suse.com/security/cve/CVE-2022-22942.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1195951
o https://bugzilla.suse.com/1196959
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4VRONLKJtyKPYoAQgr7g//e10JlxzA/sgAZcGZWv/rkHfXWI117HNN
Wy0X2pcxDtq39B0VzMJyV1GoExakb4YNBvZLZMBvuAFPNr6T6tdKV/CjUFkNz/UA
hGtfcD67CwE9YhKCiTSdAOreBt/9vH5gNJwV3Ba7D/I2WD3rzopftKJ8CVQkHHXg
jlyOJjCDLzpiAXBEbO8I0Juf8gMN1UxXh/39/2L1dxS9QrVzrqWX4qe/cXb49+8v
Ua+nz3e/koli+1YQgFHj8CyOw1XVeboZI5hHHe5sTAi566y813ap9kwpllGZoOlb
MptTHaocaunnKelXMV3ZEKXufSM66HQk+JqZP+goZHJLHlVgHgwgQcTqJSLHygmi
LViKVtYOTcnH7i2jP1AJNhBltKdDihRa1Zputw32xz7fzwOCDzX01sUErHqOYLpQ
1Bhrtl1I0Ciy+O02A1ceNGnblgU6itsIt/Jqgjpri3gDxc/NxojFJuEZF62q79cE
JczXU94zc8OkWDiFfN521Tm2I3+hQnsRt4MzXzquuYwu0yTT+XQLJtiUbmZBcP5g
l2BNcJTY+hEhJTbX+HrzBRlQO3ZlLLWeKRur9NsFR604OAlZoyslJN9gh8NwOXXz
qPdkYIEFu5k83HuYggbTWU4cDeb4lb+f+uZ7xumg8hlg5ltCVjaw5BKkwYb6xquz
iTWkKysX0WU=
=2Qej
-----END PGP SIGNATURE-----
ESB-2022.1660 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1660
Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666 CVE-2021-39698
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221224-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 16 for
SLE 15 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1224-1
Rating: important
References: #1196959 #1197133
Cross-References: CVE-2021-39698 CVE-2022-27666
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Live Patching 15-SP2
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 5.3.18-150300_59_60 fixes several issues.
The following security issues were fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2021-39698: Fixed a possible memory corruption due to a use after free
in aio_poll_complete_work. This could lead to local escalation of privilege
with no additional execution privileges needed. (bsc#1196956)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-1236=1
SUSE-SLE-Module-Live-Patching-15-SP3-2022-1240=1
o SUSE Linux Enterprise Module for Live Patching 15-SP2:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2022-1224=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1225=1
Package List:
o SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x
x86_64):
kernel-livepatch-5_3_18-150300_59_49-default-4-150300.2.1
kernel-livepatch-5_3_18-150300_59_60-default-2-150300.2.1
o SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x
x86_64):
kernel-livepatch-5_3_18-24_102-default-4-150200.2.1
kernel-livepatch-5_3_18-24_102-default-debuginfo-4-150200.2.1
kernel-livepatch-5_3_18-24_107-default-3-150200.2.1
kernel-livepatch-5_3_18-24_107-default-debuginfo-3-150200.2.1
kernel-livepatch-SLE15-SP2_Update_24-debugsource-4-150200.2.1
o SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le x86_64):
kernel-livepatch-SLE15-SP2_Update_25-debugsource-3-150200.2.1
References:
o https://www.suse.com/security/cve/CVE-2021-39698.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1196959
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4VL+NLKJtyKPYoAQgF8Q//SEV5sOpGPKzrt+koGrlyZMAnOPS8ETHX
6k0+LB63YocZHjrycW2MFyQPhmDgqyEVb3UPUZ4ZUpRRbjkBgGzKEPdg1AAaM2cv
E1JPihhn6dqSLHNFtJeb3d+RZN8wihWQ+eiL+CsyE4ufRN+bWJq2O2RkVJBnWh6i
5IGjxeFwOb3e3GNLzGIsfRs2Kf+8XVus0V8BFO8ktbgPOKs+zM1WZmE5qKA+kTLq
mJ01R2ce0nj0PSzfMUsxhV9UZEH0FRtjTmr2+MOQag0KERmVO8P/h5XPDuU5giqb
8ALZu64iGs//KtLcf0CjdoODaCap0hTH0SEuTMh/ydz2bt/giiSHuQkDh46sLsze
1O5TMpKwXv69O4cuG1b+rQI7VcrBB89Q/aCIm293aKxrJOYZNcy0nUkohb+arOU1
/GdglPur8UqGVx2jdo0zfWDXp+y9NOd+rmjglvv3BDUZ2V7qjQfvujEJCgTX+fzD
6W3PbWIt9/ZTzKY0+C3Guf9hM03t9lWsfJp2ZpXVmOWetJsnoWwgMdwkgXFTdk54
maClXC2FIR88moeKMFrSLI5gYGPzK/Lgk6Vk8ENY8UIBNgcsqL3+8/QytrdWSfow
GNOX4ALurgx73PsphF7IiToYp+ZvpMD8dWOuHcR28uZVkOeIK8cEZMDJNwKOV3lV
TgfAxZEfSw4=
=p1hQ
-----END PGP SIGNATURE-----
ESB-2022.1659 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1659
Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP2)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666 CVE-2022-22942 CVE-2021-39698
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221194-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 18 for
SLE 15 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1194-1
Rating: important
References: #1195951 #1196959 #1197133
Cross-References: CVE-2021-39698 CVE-2022-22942 CVE-2022-27666
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise Module for Live Patching 15-SP2
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP2
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for the Linux Kernel 5.3.18-24_78 fixes several issues.
The following security issues were fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2021-39698: Fixed a possible memory corruption due to a use after free
in aio_poll_complete_work. This could lead to local escalation of privilege
with no additional execution privileges needed. (bsc#1196956)
o CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#
1195065)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Live Patching 15-SP2:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2022-1194=1
SUSE-SLE-Module-Live-Patching-15-SP2-2022-1195=1
Package List:
o SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x
x86_64):
kernel-livepatch-5_3_18-24_78-default-10-150200.2.1
kernel-livepatch-5_3_18-24_78-default-debuginfo-10-150200.2.1
kernel-livepatch-5_3_18-24_86-default-8-150200.2.1
kernel-livepatch-5_3_18-24_86-default-debuginfo-8-150200.2.1
kernel-livepatch-SLE15-SP2_Update_18-debugsource-10-150200.2.1
kernel-livepatch-SLE15-SP2_Update_20-debugsource-8-150200.2.1
References:
o https://www.suse.com/security/cve/CVE-2021-39698.html
o https://www.suse.com/security/cve/CVE-2022-22942.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1195951
o https://bugzilla.suse.com/1196959
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4VHONLKJtyKPYoAQjFeA//dztVGTZY0TxNuzmqTSRp5/gNewNKrozA
f2blrTI8CaMacSw3QPScAqw/9wqPTsPO0z69Vyz2hTkE5xmvyq7N1wydB/8GVrH+
EfuDcP6CD205xCtNR7q5NFU7pvakgUN/EGLFi7U8ojXsTWfJinfCBE+Q8SwR2bdB
VmnEpSAqbsb0VEifsEgeTwJX8CFY46v+laoskXuBZnNKhJgqVcHJn+cR5u98wM1G
s0Dz75fuAMfsECf382DzEtkhrmtPm1Gv3E42CgjGEZLYkSY/o7jJhh3QBG5wAYqH
pY5aV8GMrUsSa0Vz+Aw3KVI0RZrDk2+jVCt3bg8eWA75b6wTPMjwa/PqprWnLSyX
pvnFw+ExrjWOBWcPi2DAVLR33qpcKTNnlP6YHmJQgOG6keDvd+urv21VAC5KkrUI
RSNB1+xYbIZYOt9OkoADkCjTmny4trRTkPGQpaPwVXPHhE0ZodKmiwABzbHo5LTn
PzHeesfMV3bhVERHJjAp+4jl3zesi+9FXrIGOOmeRJ1pjH5xb6SE+qkpnFATQ61z
oA9Hhf3epAVtnZm8a0XHvg59CYsSNbZMAjgE53H6/sgay+8Te2sh3zglQkE5XpDH
eXb2iSyYK1z8vpBR8LLraOZaVEqwj6F1B8ztPcdEwY3QKE1zS9cR6ndQBHn8wLba
wlBUAifneYo=
=o9CD
-----END PGP SIGNATURE-----
ESB-2022.1658 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1658
Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221182-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 23 for
SLE 12 SP4)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1182-1
Rating: important
References: #1197133
Cross-References: CVE-2022-27666
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.12.14-95_83 fixes one issue.
The following security issue was fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Live Patching 12-SP4:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2022-1180=1
SUSE-SLE-Live-Patching-12-SP4-2022-1181=1
SUSE-SLE-Live-Patching-12-SP4-2022-1182=1
Package List:
o SUSE Linux Enterprise Live Patching 12-SP4 (ppc64le s390x x86_64):
kgraft-patch-4_12_14-95_77-default-13-2.1
kgraft-patch-4_12_14-95_80-default-11-2.1
kgraft-patch-4_12_14-95_83-default-6-2.1
References:
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4VCuNLKJtyKPYoAQg5ThAArwkKk8dLcoccQaEOuequQQZoXT9RxVQB
+bZshW026PK4Z562vcGlZ9s+Dakw3RANh60J8FtHKSaf8+3uUZdNoePoZUiG7eFA
MkhEoF7+64KYTUiyMyOoRiBqFnMzodLcb3tEhHR5JNPpsIrhVTO0jySX3ZGnWgBv
EUXCPdf4OBpn8cpa/xWGEtKHcDvnkIyZQozNtJuAwLjsGyx4DDHpkVlcDjfCw0Ch
xo4sayhKeBaLLhL1rI2npwYsihCHOjXWrYSpBLBuyObUgffZiSvD6RUoBpgIZTdp
IeIf6+UttY8g11uObLZMIhdnyKwQOqUDhhqqeV5KD59KSgjufXB3z/bgNSxFGs89
C8j36wXVQQa3f38FXSeq85mVoZ1XT378EjiEwJYCPF+L973REf7WCO9vJCc7fTbB
7jDe04IyyN6lnbhufrvGEQGuVfxFB8/Ip6goCce0tvwxHH+i6gtgJP4cj1PRPMvK
TZbNhsuPAlPtf+zrPwuMzOkrpE7KMjeFk7UbeFx4Kj5b1lujv5HFQI8BGbjRueq6
tOgKfRDz81klE1n4IXGv5e/R8LcQ4dDXBZhkIzeFiR2Q/Xd252TWFC9jjIMjt3QW
XChzylHFAHcLWi1eIOCiKuN2CxedvngHyqeOw0TZ73RVm1+tWEnbQjG9CF7LqeKd
/8GKVTUfSAc=
=N3rg
-----END PGP SIGNATURE-----
ESB-2022.1657 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1657
Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP1)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666 CVE-2022-22942
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221193-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 24 for
SLE 15 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1193-1
Rating: important
References: #1195951 #1197133
Cross-References: CVE-2022-22942 CVE-2022-27666
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP1
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.12.14-197_89 fixes several issues.
The following security issues were fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#
1195065)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Live Patching 15-SP1:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-1193=1
Package List:
o SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
kernel-livepatch-4_12_14-197_89-default-14-150100.2.1
References:
o https://www.suse.com/security/cve/CVE-2022-22942.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1195951
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4U9+NLKJtyKPYoAQj0zRAAnHxYPXaE/mQSzpSszW8nTL/ivFktBEtP
oKF6ggEPzq2xXRpCxUAmI+Pro5sxNH3imLwkw++LGPRNpltsKCxIE75frYeVLsk1
I66ouyZtXVABYELOKMgc/ypEyQCDiq6G+fH2nsoGTWRSvU6opnug5FEBfacfyek6
6LNRGBjATtCcEDY3alR0GCp6lg53kQQPd0vbmKqgdbyaBCjfc8KAm13bRp0YDmN3
+IP7CAxcb7LRAHybFXwn5yuEM5IAOTG8Ya93+Gxz8tZojDwZLsHHoI6tNqMXaEk9
Ea5LPyuM67jQfeFJA6ZPsqXf3+hEWYCelxEDdQFrrnGtkj3BIKSbtycD7NI05Byy
FnQdkO4qix79R0ysZ3F3aPZ/AOGwp4Ro3pPIn3U1hHFq9UElG7N9cOu6MIvf3WvY
xC8qpg9LnDnaOr6HTKrOLsKvEWLzQkSaGimqua6VmncWfDF/7YK1aAISxN9gI3UI
pG0lkd4cawBCmcBL2rX6OPUJA1pGG3/YOelQ3jre9zmgHn4TNqFPcbe8BJchTuN7
4RzO4VQPnaifBdYiDx7W2UReQmmH625xrqRzt3FG6Sff4b3VTLArAKQcr/bOXe9b
JzGkpG37Wj2g9AyczEwcn6ZzrtddaAZ8Udw2MSPa9uKVaTHnMV1hDJUwqw70WBTJ
rSq+o2lOAs8=
=NsyS
-----END PGP SIGNATURE-----
ESB-2022.1656 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1656
Security update for the Linux Kernel (Live Patch 25 for SLE 15)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221248-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 25 for
SLE 15)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1248-1
Rating: important
References: #1197133
Cross-References: CVE-2022-27666
Affected Products:
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Live Patching 12-SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server for SAP Applications 15
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.12.14-150_75 fixes one issue.
The following security issue was fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Live Patching 15:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2022-1248=1
o SUSE Linux Enterprise Live Patching 12-SP4:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2022-1249=1
Package List:
o SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64):
kernel-livepatch-4_12_14-150_75-default-11-150000.2.1
kernel-livepatch-4_12_14-150_75-default-debuginfo-11-150000.2.1
o SUSE Linux Enterprise Live Patching 12-SP4 (ppc64le s390x x86_64):
kgraft-patch-4_12_14-95_88-default-3-2.1
References:
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4U4ONLKJtyKPYoAQi44xAAoDCs4TU3OsNxMHPk0HH99fRFPG8Fyixp
fRWsi5k6onoFJ/ECQwiRaiNN7cddKZf3zoWIckc5FWcVg3Scrm/NqPrbbXNGleQ5
mOXJ+ZwtHx1s54JrAXMoDFEpJlNZor9BCtoC4QRjsw/FX1Zw3sLQ8qKBT07knY5K
zAUZcqluLocDw5kvCHszcgZg6dJPShRTKsv3iajZYAHtvr2J//P1h2v6bS8lL1za
zNYAyYhULSwTHAoZUxK9RDd8+Wm1+pVrICle2cYgtoUyshIDjpjQY6ae6FEISk9v
7EDkmLMydBBkzN5tepOnWCtPSt/xggtQDlSN0EI+TAS+Vete3Nv+/uIaZK4RREZ8
fZiVYZasyfEOYAYMVGC59zmOa2n7ba0jahKL5xN4OMFe7hjxyUL9nPI7Mxs+yHY7
UJ0cSS70V0ZCo6e+R1zScMIqoOsWcjm2LOe+aQgXU8Vz4L2tm2iOkFJ/y3Od5npB
5usd+iS0n4NGb8fX6bdYRvi669bTdsbdDBtKiDBd5adUwkF0iWWUcDOjiTjwmGNn
oA6oRzWFfN/NGDGiczs88Ut3RWdz6mPR8aNq4EQEBtHhBt2iLpBpco49fJp/MyHK
T9fFq6fisLUpSzCa2EZQvTI5/voW6Pyay/Od2klXlC1mr22DHQoxdmA2XTRbSuCP
KQFVrPQz7ZA=
=8BWF
-----END PGP SIGNATURE-----
ESB-2022.1655 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1655
Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP5)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666 CVE-2022-22942
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221242-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 26 for
SLE 12 SP5)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1242-1
Rating: important
References: #1195951 #1197133
Cross-References: CVE-2022-22942 CVE-2022-27666
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP5
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.12.14-122_103 fixes several issues.
The following security issues were fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#
1195065)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Live Patching 12-SP5:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2022-1242=1
SUSE-SLE-Live-Patching-12-SP5-2022-1243=1
SUSE-SLE-Live-Patching-12-SP5-2022-1244=1
SUSE-SLE-Live-Patching-12-SP5-2022-1245=1
Package List:
o SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):
kgraft-patch-4_12_14-122_103-default-6-2.1
kgraft-patch-4_12_14-122_71-default-14-2.1
kgraft-patch-4_12_14-122_74-default-12-2.1
kgraft-patch-4_12_14-122_77-default-12-2.1
References:
o https://www.suse.com/security/cve/CVE-2022-22942.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1195951
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4UzeNLKJtyKPYoAQiLUw/7BRCdUDLyEyq/EhhG/bTemDXWCoyAIocd
G0WD5HndvMvzkRrSX7pA8MxCi8tcsRUQV9t5E8/7nMeSmLwXfHVozXJB84vnnmBG
lTqKCBNUQaSm9FxqnTwS+tQBOCM3pG68GL5MqaNR3z+YTZbVuNc/u0s7dD0jtRmz
dHLCc8jj34zwsbXYTHOso8SF92CCTrPy6Dpb48s3Zgieh6aOrEvWg2rM8XJfZRZB
ywepgZILMw2UvPEl1yOW8a7Ywsvrhoo/n/aRtyeKa6yArOHL6sjUTKC9Y9KYzv2A
xiUefcsMALa2TupmQLupR1rSCkV8q3o9DBoJCRBkc9kEgBgH8iUrLbP4dpx7f/UA
OZ7zn5XuKoytLRAxqaEJ2QyxRUwQkch8xlklzEePTwMsf1jP3TFCUUPs17yVEqnX
p0MGMCqfHIZUspUTMhQk/YT73lzRmHBt8CWRntCrcQMN0qGOpyW24G1lv1n6p+Zk
FbS4FBMe//zix6GjPdWWjxjgVhRI07qPE+1XvbcwGU5+Ax+Jn4E25JM4u/zrSlra
8/XbsLwJe0c7YFfwcm8Xfk3/EZ/NLDKZonrWFaGloh3eh7C9UPTaOzuy1v5Hu0DV
XyAbOTufzf7HER9mUmNyE8nlU3pt55dIAIkbUmlJmpaAgwKxmpe2UAeAcywSFUcP
6ffh6k7sCDg=
=Csdx
-----END PGP SIGNATURE-----
ESB-2022.1654 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1654
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP1)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666 CVE-2022-22942
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221212-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 26 for
SLE 15 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1212-1
Rating: important
References: #1195951 #1197133
Cross-References: CVE-2022-22942 CVE-2022-27666
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP1
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.12.14-197_99 fixes several issues.
The following security issues were fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#
1195065)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Live Patching 15-SP1:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-1211=1
SUSE-SLE-Module-Live-Patching-15-SP1-2022-1212=1
Package List:
o SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
kernel-livepatch-4_12_14-197_92-default-13-150100.2.1
kernel-livepatch-4_12_14-197_99-default-11-150100.2.1
References:
o https://www.suse.com/security/cve/CVE-2022-22942.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1195951
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4Ur+NLKJtyKPYoAQhiZQ/+Jlw3tTEM4cwWcxesSHO2zM1oUpurXSeb
uYoyVeCMNfl+pG2KJJdz1BL6xDgSdEYxGICNDyEDh3ZyqYz/conAua+6KqIgGoWL
NsTeZisqzZ4HtRR94my3B9wudI5w8T8dAlu15BRx5NmCZWHzfn7UGpuXBwwAjAMk
7scZkWZX+HeyVSGA2+C/tqQwZJsG8dhgIy9ydQo5pu9Y3flQG4n4d3Pxo9C0//fN
xzWoRx+dhKMLy9TKNSzWoYSoxa9yXWhX134yA3ZZTha8CyW1ULgVydo+15HASUgv
ipbQJBs/8IgUYSvAq4Js6NvUZ0Q8qiiIDo/QHv7un5qM0o3C16qo6HFWR3fpWz+H
8QJg6VJjpyzYA3jiR8EYPnEIp8RzV4fFwn1GlamdQVbMv0LykaSv27/XCd+GWVBS
NCJdbpKopm0ZDmnJ/1OABOSUXsFkTVj4VQ5rrzRM3uSLkm1oyek3H0rEW/588Xd3
w5c9aDhWD0G84UW/bj268c74W+O/K7HVZT0MrUdOhps3RU+lg2vTdWbyQAI3/7mE
vcgs5uTavkO5Y42Upkg+GBmdqPSgqZWqtNGNfynLRuvP7poh+In2ldiAJNu7w/dI
bDG7HakgbAJ8sNU4rLRLcAW/59uVE0+jEgUNFQqJS75fV8TWzrCP/D29yElI9Lyx
cF/2C2aGo3o=
=YfIL
-----END PGP SIGNATURE-----
ESB-2022.1653 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1653
Security update for the Linux Kernel (Live Patch 26 for SLE 15)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221230-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 26 for
SLE 15)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1230-1
Rating: important
References: #1197133
Cross-References: CVE-2022-27666
Affected Products:
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server for SAP Applications 15
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.12.14-150_78 fixes one issue.
The following security issue was fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Live Patching 15:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2022-1230=1
Package List:
o SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64):
kernel-livepatch-4_12_14-150_78-default-6-150000.2.1
kernel-livepatch-4_12_14-150_78-default-debuginfo-6-150000.2.1
References:
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4Um+NLKJtyKPYoAQh0jA//eM2kRz8mGAn4MF9Noockm4IbXmqvmm0l
J/6TwG2hF4jiuvmyLDBM7xckrzbdm6LIAd4tHyYBux8HOnTmurnrROuc/u0lQ84F
cO41n2NTLdU8XdQtQxFOm1o1kWKov6U1PadjIlwf1m14WjJyGrny+xMLd3xbL/qx
0WDZkIHaL7Vdkey9cyRZQxZlSNXrh1FvFYkSnG1dQdQ8FU8weSeje/cMPz7OpWcJ
dSv16P2/wM9pdxxrNMihvhWOL/jkZg2UfR+h0sxr3g1kOvfPCoOim8ymuXwtcfei
A0pOkSfwaFTcyW9hdhTwYs9MFSYWds75TWnqfPCFP0mq4+32uZJ12cvC+hJO5cB9
dCDubFfD4AHNLoAvCsXhq9cN/sp18KWh6z7J1defA7oZq4rMur6/lsHIRGUcZikY
R60BJ8kbZZRZZg/hh+f1no3ktTMRofTYlBCm6IMXZ3V7DIDVMvkGHRiXPRjjEyE6
UZleFXrubXuMRdtjjMUokv15V6NvR6e/Pb/Pdy0eI/wJdZjn2mUwPY0B948syDN9
Qm8uQmM7Ru9AyiHEMC0boBRrZTct5gBFkFU1ZopcSCgRAqOqhJgoo4rlRcPA7gkj
aYzdtMyKWx/t38exj/20S5/zdmHvq28wKsxo8oNjbCjSkr4bBXpjJ5bGdaKptkId
CtHYZPTQWQo=
=BDLu
-----END PGP SIGNATURE-----
ESB-2022.1652 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1652
Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP5)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666 CVE-2022-22942
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221189-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 27 for
SLE 12 SP5)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1189-1
Rating: important
References: #1195951 #1197133
Cross-References: CVE-2022-22942 CVE-2022-27666
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP5
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.12.14-122_106 fixes several issues.
The following security issues were fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
o CVE-2022-22942: Fixed stale file descriptors on failed usercopy. (bsc#
1195065)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Live Patching 12-SP5:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2022-1185=1
SUSE-SLE-Live-Patching-12-SP5-2022-1186=1
SUSE-SLE-Live-Patching-12-SP5-2022-1187=1
SUSE-SLE-Live-Patching-12-SP5-2022-1188=1
SUSE-SLE-Live-Patching-12-SP5-2022-1189=1
SUSE-SLE-Live-Patching-12-SP5-2022-1191=1
Package List:
o SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):
kgraft-patch-4_12_14-122_106-default-4-2.1
kgraft-patch-4_12_14-122_66-default-15-2.1
kgraft-patch-4_12_14-122_80-default-11-2.1
kgraft-patch-4_12_14-122_83-default-10-2.1
kgraft-patch-4_12_14-122_91-default-8-2.1
kgraft-patch-4_12_14-122_98-default-6-2.1
References:
o https://www.suse.com/security/cve/CVE-2022-22942.html
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1195951
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4UhuNLKJtyKPYoAQgdgQ/+KZzqtCRGvR5r1DW1P4qqH3aIX48sYOf5
b+IvDTNr9XX/HyxIblrfMvs8m/APRrWDh9eeGsTWFJOd+FSns5G4esdi/AHkkZxn
cfg1KNvDXpDGRYWrhHtm24ro1HaBmpNSY2M4c1SpZ80aGyHOisoAWzzpbHJtIjRv
ITmqN4Re930ZIH5Rr8mPC4e3gnDN8a7vnhI7m70AvimYWdnpPmQFGnLmHW+YiRcv
Tgmyp3bMc5fu/gVkf6zh8Jp/5puPk+bMtEoHtwxfVsT59BarzCBhGrPz14Ftauz8
cj6YQ67qdP1wfee/7/CuSSLLOuF8yTC8FaVJkfSQFL9ZGZiC/9R28wgSS+p4/Lvg
4AjQhIhow+MO4qeTWBjRd+u55u5THol/hUYPdLSPgSx/2OhN1GMeyYEWQDOzye68
LdsM7oKw5oRG0PGhYTxCRehUveBZgxVb6V2IwyqSZeb+QJwTMWJG0NMVoAeV+2rC
Grtq/uLgj39BDkJAVtOCOLBlBkmpc6bf61Fkr16XDFeICL77CUD6yH6uNgIguevk
j871Gmed7ZOQ7b8/qSGOSYO3i+35jyhOHBuJnG9W7ImS/wA+e/TYu9sb3b67uqFA
f5d7QArgIPq8PlHYqYlbKugr07+QqnJSin8QESYY7JOvO+bbyCAV1CB/IZe7R/Yi
OJmlj6N+0JY=
=tzgm
-----END PGP SIGNATURE-----
ESB-2022.1651 - [SUSE] kernel: CVSS (Max): 7.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.1651
Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP5)
19 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-27666
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20221215-1
Comment: CVSS (Max): 7.7 CVE-2022-27666 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel (Live Patch 28 for
SLE 12 SP5)
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1215-1
Rating: important
References: #1197133
Cross-References: CVE-2022-27666
Affected Products:
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Live Patching 12-SP5
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server for SAP Applications 15
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.12.14-122_110 fixes one issue.
The following security issue was fixed:
o CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal user
privilege to overwrite kernel heap objects and may cause a local privilege
escalation. (bnc#1197462)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Live Patching 15:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2022-1199=1
SUSE-SLE-Module-Live-Patching-15-2022-1215=1
o SUSE Linux Enterprise Live Patching 12-SP5:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2022-1210=1
Package List:
o SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64):
kernel-livepatch-4_12_14-150_72-default-14-150000.2.1
kernel-livepatch-4_12_14-150_72-default-debuginfo-14-150000.2.1
kernel-livepatch-4_12_14-150_86-default-2-150000.2.1
kernel-livepatch-4_12_14-150_86-default-debuginfo-2-150000.2.1
o SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):
kgraft-patch-4_12_14-122_110-default-3-2.1
References:
o https://www.suse.com/security/cve/CVE-2022-27666.html
o https://bugzilla.suse.com/1197133
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYl4UbuNLKJtyKPYoAQjT1Q/5AZoi2+/G5tpK8tYfr0LpjsA+VWdBrLQL
kGR6gu930jzHe+akGtFv275PPWH4rKPPN0vHOv9cQwTnz8S3ZAKmrpOQzKeN62qI
nleH9/34hVP9U0QDm2stBD8ejj6//DQS60gTxfttEcieFODxZhundpPs06R/CtEE
Cy7xEn1yn9mrgKJadZzi+92zxnGKF2JPRl9JN7xeGnZl0IB259GJFI4AIZ2mMnLe
uVhDwdgS840KkrcfA5LGqSteedULauD/zQW3lsXBbkhQoDMWBOoEFAUARl7FH0Mj
8TKhIvw3cvQq01XxEsLJx11ROsztFPiZ+iyd0l41X8CDCZXHsHs7zkGlol5Fx/Ue
zzquzsWitZC4ChcjNVc9m5QY7iBEC/AukUaVSAq3fjKlb9h5Tf7WXfjZb+Osq8iJ
ogZodFXlw5m2mADl+KHqGFy9qhfDjIGYTvDZauhRi8pT7+tDKBS16kSb+lwGtkB9
strwk4E4pcmb8tr3yYxDyRG4zzUi3zvJLD8BUz08MgBPjxBZWKPJH/kj60XCCNz+
B9aheJYI2OBDB+OIjAAlhHYTlFDZ9dG3aZS3TxO4whnP9TgJsuRtbA7R6kmxvho3
zP+s7VbwsRXOcHu1kVXIlOu6lhlnke44/Wh+SXcY0Iz/I/3ueSn5UWQqohmDz7L+
EVcj9E/QYpM=
=66Ce
-----END PGP SIGNATURE-----