
SUSE: SUSE-SU-2022:0372-1 Critical Note: Kernel Update Threat

February 11, 2022
Essential patches address several security flaws in the SUSE Linux Kernel. Apply these updates to maintain system stability.
An update that solves 13 vulnerabilities and has 28 fixes is now available.

Summary

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

- CVE-2022-0435: Fixed a remote stack overflow in the net/tipc module by validating the domain record count on input (bsc#1195254).
- CVE-2021-3564: Fixed a double-free memory corruption in the Linux kernel HCI device initialization subsystem that could have been used by attaching malicious HCI TTY Bluetooth devices. A local user could use this flaw to crash the system (bnc#1186207).
- CVE-2020-28097: Fixed an out-of-bounds read in the vgacon subsystem, which mishandled software scrollback (bnc#1187723).
- CVE-2021-44733: Fixed a use-after-free in drivers/tee/tee_shm.c in the TEE subsystem that could have occurred because of a race

References

#1065729 #1071995 #1082555 #1163405 #1177599
#1183405 #1184209 #1186207 #1186222 #1187428
#1187723 #1188605 #1190973 #1192729 #1193096
#1193234 #1193235 #1193242 #1193507 #1193660
#1193727 #1193767 #1193861 #1193864 #1193927
#1194027 #1194227 #1194302 #1194410 #1194493
#1194516 #1194529 #1194814 #1194880 #1194888
#1194965 #1194985 #1195065 #1195073 #1195254
#1195272

Cross-References:

CVE-2020-28097 CVE-2021-3564 CVE-2021-39648
CVE-2021-39657 CVE-2021-4083 CVE-2021-4135
CVE-2021-4197 CVE-2021-4202 CVE-2021-44733
CVE-2022-0322 CVE-2022-0330 CVE-2022-0435
CVE-2022-22942

CVSS scores:

CVE-2020-28097 (NVD) : 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2020-28097 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I...


Severity: critical

Announcement ID: SUSE-SU-2022:0372-1
Rating: critical
