SUSE: 2023:0457-2 Urgent: Linux Kernel Vulnerability Patch

February 10, 2022
The recent security patch from SUSE tackles significant flaws in the Linux Kernel. Vital for maintaining system integrity.
An update that solves 14 vulnerabilities and has 29 fixes is now available.

Summary

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

- CVE-2022-0435: Fixed a remote stack overflow in the net/tipc module by validating the domain record count on input (bsc#1195254).
- CVE-2021-3564: Fixed a double-free memory corruption in the Linux kernel HCI device initialization subsystem that could have been used by attaching malicious HCI TTY Bluetooth devices. A local user could use this flaw to crash the system (bnc#1186207).
- CVE-2020-28097: Fixed an out-of-bounds read in the vgacon subsystem, which mishandled software scrollback (bnc#1187723).
- CVE-2021-44733: Fixed a use-after-free in drivers/tee/tee_shm.c in the TEE subsystem that could have occurred because of a race

References

#1065729 #1071995 #1082555 #1163405 #1177599
#1183405 #1184209 #1186207 #1186222 #1187428
#1187723 #1188605 #1190973 #1192729 #1193096
#1193234 #1193235 #1193242 #1193507 #1193660
#1193669 #1193727 #1193767 #1193861 #1193864
#1193927 #1194001 #1194027 #1194227 #1194302
#1194410 #1194493 #1194516 #1194529 #1194814
#1194880 #1194888 #1194965 #1194985 #1195065
#1195073 #1195254 #1195272

Cross-References:
CVE-2020-28097 CVE-2021-3564 CVE-2021-39648
CVE-2021-39657 CVE-2021-4083 CVE-2021-4135
CVE-2021-4149 CVE-2021-4197 CVE-2021-4202
CVE-2021-44733 CVE-2022-0322 CVE-2022-0330
CVE-2022-0435 CVE-2022-22942

CVSS scores:

CVE-2020-28097 (NVD) : 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2020-28097 (SUSE): 6.2 CVSS:3...


Severity: critical

Announcement ID: SUSE-SU-2022:0364-1
Rating: critical
