openSUSE 15.3, 15.4 Important: Linux Kernel Security Update (DoS)
opensuse
March 30, 2022
An update that solves 22 vulnerabilities and has 22 fixes is now available
Description
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-25636: Fixed an issue which allowed a local users to gain
privileges because of a heap out-of-bounds write in nf_dup_netdev.c,
related to nf_tables_offload (bsc#1196299).
- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An
attacker with adjacent NFC access could trigger crash the system or
corrupt system memory (bsc#1196830).
- CVE-2022-0487: A use-after-free vulnerability was found in
rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c
(bsc#1194516).
- CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY
flag, and tries to open a regular file, nfs_atomic_open() performs a
regular lookup. If a regular file is found, ENOTDIR should have occured,
but the server instead returned uninitialized data in the file
descriptor...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1039=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1039=1
Package List
- openSUSE Leap 15.4 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.60.4
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.60.4
dlm-kmp-preempt-5.3.18-150300.59.60.4
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.60.4
gfs2-kmp-preempt-5.3.18-150300.59.60.4
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.60.4
kernel-preempt-5.3.18-150300.59.60.4
kernel-preempt-debuginfo-5.3.18-150300.59.60.4
kernel-preempt-debugsource-5.3.18-150300.59.60.4
kernel-preempt-devel-5.3.18-150300.59.60.4
kernel-preempt-devel-debuginfo-5.3.18-150300.59.60.4
kernel-preempt-extra-5.3.18-150300.59.60.4
kernel-preempt-extra-debuginfo-5.3.18-150300.59.60.4
kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4
kernel-preempt-optional-5.3.18-150300.59.60.4
kernel-preempt-optional-debuginfo-5.3.18-150300.59.60.4
kselftests-kmp-preempt-5.3.18-150300.59.60.4
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.60.4
ocfs2-kmp-preempt-5.3.18-150300.59.60.4
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.60.4
reiserfs-kmp-preempt-5.3.18-150300.59....
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2021-0920.html
https://www.suse.com/security/cve/CVE-2021-39657.html
https://www.suse.com/security/cve/CVE-2021-39698.html
https://www.suse.com/security/cve/CVE-2021-44879.html
https://www.suse.com/security/cve/CVE-2021-45402.html
https://www.suse.com/security/cve/CVE-2022-0487.html
https://www.suse.com/security/cve/CVE-2022-0617.html
https://www.suse.com/security/cve/CVE-2022-0644.html
https://www.suse.com/security/cve/CVE-2022-23036.html
https://www.suse.com/security/cve/CVE-2022-23037.html
https://www.suse.com/security/cve/CVE-2022-23038.html
https://www.suse.com/security/cve/CVE-2022-23039.html
https://www.suse.com/security/cve/CVE-2022-23040.html
https://www.suse.com/security/cve/CVE-2022-23041.html
https://www.suse.com/security/cve/CVE-2022-23042.html
https://www.suse.com/security/cve/CVE-2022-24448.html
https://www.suse.com/security/cve/CVE-2022-24958.html
https://www.suse.com/security/cve/CVE-2022-24959.html
https://www.suse.com/security/cve/CVE-2022-25258.h...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2022:1039-1
Rating: important
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
ble.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!