openSUSE: 2022:0198-1 Critical: Kernel Local Privilege Escalation

opensuse
January 26, 2022
An important release for the Linux Kernel has been issued, addressing vulnerabilities and providing critical enhancements for Fedora users.
An update that solves 10 vulnerabilities and has 33 fixes is now available.

Description

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation (bsc#1194517).
- CVE-2022-0322: Fixed a denial of service in SCTP sctp_addto_chunk (bsc#1194985).
- CVE-2021-4197: Fixed a cgroup issue where lower privileged processes could write to fds of lower privileged ones that could lead to privilege escalation (bsc#1194302).
- CVE-2021-46283: nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace (bnc#1194518).
- CVE-2021-4135: Fixed an information leak in the...

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:

  zypper in -t patch openSUSE-SLE-15.4-2022-198=1

- openSUSE Leap 15.3:

  zypper in -t patch openSUSE-SLE-15.3-2022-198=1

Package List

- openSUSE Leap 15.4 (aarch64):

  dtb-al-5.3.18-150300.59.43.1
  dtb-zte-5.3.18-150300.59.43.1

- openSUSE Leap 15.4 (x86_64):

  cluster-md-kmp-preempt-5.3.18-150300.59.43.1
  cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.43.1
  dlm-kmp-preempt-5.3.18-150300.59.43.1
  dlm-kmp-preempt-debuginfo-5.3.18-150300.59.43.1
  gfs2-kmp-preempt-5.3.18-150300.59.43.1
  gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.43.1
  kernel-preempt-5.3.18-150300.59.43.1
  kernel-preempt-debuginfo-5.3.18-150300.59.43.1
  kernel-preempt-debugsource-5.3.18-150300.59.43.1
  kernel-preempt-devel-5.3.18-150300.59.43.1
  kernel-preempt-devel-debuginfo-5.3.18-150300.59.43.1
  kernel-preempt-extra-5.3.18-150300.59.43.1
  kernel-preempt-extra-debuginfo-5.3.18-150300.59.43.1
  kernel-preempt-livepatch-devel-5.3.18-150300.59.43.1
  kernel-preempt-optional-5.3.18-150300.59.43.1
  kernel-preempt-optional-debuginfo-5.3.18-150300.59.43.1
  kselftests-kmp-preempt-5.3.18-150300.59.43.1
  kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.43.1
  ocfs2-kmp-preempt-5.3.18-150300.59.43.1
  ocfs2-k...
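
Installing the patch puts the fixed kernel on disk, but the host keeps running the old kernel until it is rebooted. The script below is an added example, not part of the SUSE advisory: it classifies a host as fixed, reboot-required or vulnerable against the package version listed above. It assumes that `uname -r` reports the package version without its final rebuild counter, and it does not account for kernel live patches; the function names and sample hosts are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not part of the advisory.
# Fixed package version as shown in the Package List on this page.
FIXED_PKG_VERSION="5.3.18-150300.59.43.1"
# Assumption: `uname -r` reports the package version without its final
# rebuild counter, followed by the flavour (e.g. ...59.43-preempt).
FIXED_RELEASE="${FIXED_PKG_VERSION%.*}"

# Drop a trailing flavour such as -default or -preempt from a release string.
strip_flavour() {
    printf '%s\n' "${1%-[a-z]*}"
}

# True when version $1 >= version $2. GNU sort -V compares each numeric
# field as a number, so 59.106 correctly ranks above 59.43.
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# $1 = running release, $2 = newest installed kernel package version.
patch_state() {
    if version_ge "$(strip_flavour "$1")" "$FIXED_RELEASE"; then
        echo fixed
    elif version_ge "$2" "$FIXED_PKG_VERSION"; then
        echo reboot-required    # fixed kernel installed but not yet booted
    else
        echo vulnerable
    fi
}

# On a real host (kernel-preempt is one flavour from the package list):
#   patch_state "$(uname -r)" \
#     "$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-preempt | sort -V | tail -n 1)"

# Constructed samples, not taken from a real system:
# running release, then newest installed package version.
while read -r rel pkg; do
    printf '%-30s %-24s %s\n' "$rel" "$pkg" "$(patch_state "$rel" "$pkg")"
done <<'EOF'
5.3.18-150300.59.40-preempt 5.3.18-150300.59.40.1
5.3.18-150300.59.40-preempt 5.3.18-150300.59.43.1
5.3.18-150300.59.43-preempt 5.3.18-150300.59.43.1
5.3.18-150300.59.106-default 5.3.18-150300.59.106.1
EOF
```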

References

https://www.suse.com/security/cve/CVE-2021-4083.html
https://www.suse.com/security/cve/CVE-2021-4135.html
https://www.suse.com/security/cve/CVE-2021-4149.html
https://www.suse.com/security/cve/CVE-2021-4197.html
https://www.suse.com/security/cve/CVE-2021-4202.html
https://www.suse.com/security/cve/CVE-2021-45485.html
https://www.suse.com/security/cve/CVE-2021-45486.html
https://www.suse.com/security/cve/CVE-2021-46283.html
https://www.suse.com/security/cve/CVE-2022-0185.html
https://www.suse.com/security/cve/CVE-2022-0322.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1154492
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1167773
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1176774
https://bugzilla.suse.com/1177437
https://bugzilla.suse.com/1190256
https://bugzilla.suse.com/1191271
https://bugzilla.suse.com/1191929
https://bugzilla.suse.com/1192931
https://bugzilla.suse.com/1193255
https://bugzill...

Severity: critical

Announcement ID: openSUSE-SU-2022:0198-1
Rating: important
Affected Products: openSUSE Leap 15.4, openSUSE Leap 15.3