SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:0477-1
Rating:             important
References:         #1012382 #1179960 #1183696 #1186207 #1192032 
                    #1192847 #1192877 #1192946 #1193157 #1193440 
                    #1193442 #1193575 #1193669 #1193727 #1193861 
                    #1193864 #1193867 #1194001 #1194087 #1194094 
                    #1194272 #1194302 #1194516 #1194529 #1194880 
                    
Cross-References:   CVE-2018-25020 CVE-2019-0136 CVE-2020-35519
                    CVE-2021-0935 CVE-2021-28711 CVE-2021-28712
                    CVE-2021-28713 CVE-2021-28715 CVE-2021-33098
                    CVE-2021-3564 CVE-2021-39648 CVE-2021-39657
                    CVE-2021-4002 CVE-2021-4083 CVE-2021-4149
                    CVE-2021-4155 CVE-2021-4197 CVE-2021-4202
                    CVE-2021-43976 CVE-2021-45095 CVE-2021-45485
                    CVE-2021-45486 CVE-2022-0330
CVSS scores:
                    CVE-2018-25020 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2019-0136 (NVD) : 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
                    CVE-2019-0136 (SUSE): 7.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
                    CVE-2020-35519 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-35519 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-0935 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-28711 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
                    CVE-2021-28711 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-28712 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
                    CVE-2021-28712 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-28713 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
                    CVE-2021-28713 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-28715 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
                    CVE-2021-28715 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-33098 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-33098 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-3564 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-3564 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-39648 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-39657 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2021-4002 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
                    CVE-2021-4083 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-4149 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-4155 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-4197 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
                    CVE-2021-4202 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-43976 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-45095 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-45095 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-45485 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-45485 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-45486 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-45486 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-0330 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    SUSE Linux Enterprise Server 12-SP2-BCL
______________________________________________________________________________

   An update that solves 23 vulnerabilities and has two fixes
   is now available.

Description:


   The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive
   various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a
     mishandling of a long jump over an instruction sequence where inner
     instructions require substantial expansions into multiple BPF
     instructions. This affects kernel/bpf/core.c and net/core/filter.c
     (bnc#1193575).
   - CVE-2019-0136: Fixed insufficient access control in the Intel(R)
     PROSet/Wireless WiFi Software driver that may have allowed an
     unauthenticated user to potentially enable denial of service via
     adjacent access (bnc#1193157).
   - CVE-2020-35519: Fixed out-of-bounds memory access in x25_bind in
     net/x25/af_x25.c. A bounds check failure allowed a local attacker with a
     user account on the system to gain access to out-of-bounds memory,
     leading to a system crash or a leak of internal kernel information
     (bnc#1183696).
   - CVE-2021-0935: Fixed possible out of bounds write in ip6_xmit of
     ip6_output.c due to a use after free. This could lead to local
     escalation of privilege with System execution privileges needed. User
     interaction is not needed for exploitation (bnc#1192032).
   - CVE-2021-28711: Fixed issue with xen/blkfront to harden blkfront against
     event channel storms (XSA-391) (bsc#1193440).
   - CVE-2021-28712: Fixed issue with xen/netfront to harden netfront against
     event channel storms (XSA-391) (bsc#1193440).
   - CVE-2021-28713: Fixed issue with xen/console to harden hvc_xen against
     event channel storms (XSA-391) (bsc#1193440).
   - CVE-2021-28715: Fixed issue with xen/netback to do not queue unlimited
     number of packages (XSA-392) (bsc#1193442).
   - CVE-2021-33098: Fixed improper input validation in the Intel(R) Ethernet
     ixgbe driver that may have allowed an authenticated user to potentially
     cause denial of service via local access (bnc#1192877).
   - CVE-2021-3564: Fixed double-free memory corruption in the Linux kernel
     HCI device initialization subsystem that could have been used by
     attaching malicious HCI TTY Bluetooth devices. A local user could use
     this flaw to crash the system (bnc#1186207).
   - CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a
     race condition in gadget_dev_desc_UDC_show of configfs.c. This could
     lead to local information disclosure with System execution privileges
     needed. User interaction is not needed for exploitation (bnc#1193861).
   - CVE-2021-39657: Fixed out of bounds read due to a missing bounds check
     in ufshcd_eh_device_reset_handler of ufshcd.c. This could lead to local
     information disclosure with System execution privileges needed
     (bnc#1193864).
   - CVE-2021-4002: Fixed incorrect TLBs flush in hugetlbfs after
     huge_pmd_unshare (bsc#1192946).
   - CVE-2021-4083: Fixed a read-after-free memory flaw inside the garbage
     collection for Unix domain socket file handlers when users call close()
     and fget() simultaneouslyand can potentially trigger a race condition
     (bnc#1193727).
   - CVE-2021-4149: Fixed btrfs unlock newly allocated extent buffer after
     error (bsc#1194001).
   - CVE-2021-4155: Fixed XFS map issue when unwritten blocks in
     XFS_IOC_{ALLOC,FREE}SP just like fallocate (bsc#1194272).
   - CVE-2021-4197: Use cgroup open-time credentials for process migraton
     perm checks (bsc#1194302).
   - CVE-2021-4202: Fixed NFC race condition by adding NCI_UNREG flag
     (bsc#1194529).
   - CVE-2021-43976: Fixed insufficient access control in
     drivers/net/wireless/marvell/mwifiex/usb.c that allowed an attacker who
     connect a crafted USB device to cause denial of service (bnc#1192847).
   - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in
     net/phonet/pep.c (bnc#1193867).
   - CVE-2021-45485: Fixed information leak in the IPv6 implementation in
     net/ipv6/output_core.c (bnc#1194094).
   - CVE-2021-45486: Fixed information leak inside the IPv4 implementation
     caused by very small hash table (bnc#1194087).
   - CVE-2022-0330: Fixed flush TLBs before releasing backing store
     (bsc#1194880).


   The following non-security bugs were fixed:

   - kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).
   - memstick: rtsx_usb_ms: fix UAF
   - moxart: fix potential use-after-free on remove path (bsc1194516).
   - net/x25: fix a race in x25_bind() (networking-stable-19_03_15).
   - ring-buffer: Protect ring_buffer_reset() from reentrancy (bsc#1179960).
   - tty: hvc: replace BUG_ON() with negative return value (git-fixes).
   - xen-netfront: do not assume sk_buff_head list is empty in error handling
     (git-fixes).
   - xen-netfront: do not use ~0U as error return value for
     xennet_fill_frags() (git-fixes).
   - xen/blkfront: do not take local copy of a request from the ring page
     (git-fixes).
   - xen/blkfront: do not trust the backend response data blindly (git-fixes).
   - xen/blkfront: read response from backend only once (git-fixes).
   - xen/netfront: disentangle tx_skb_freelist (git-fixes).
   - xen/netfront: do not bug in case of too many frags (bnc#1012382).
   - xen/netfront: do not cache skb_shinfo() (bnc#1012382).
   - xen/netfront: do not read data from request on the ring page (git-fixes).
   - xen/netfront: do not trust the backend response data blindly (git-fixes).
   - xen/netfront: read response from backend only once (git-fixes).
   - xen: sync include/xen/interface/io/ring.h with Xen's newest version
     (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-SP2-BCL:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-477=1



Package List:

   - SUSE Linux Enterprise Server 12-SP2-BCL (noarch):

      kernel-devel-4.4.121-92.164.1
      kernel-macros-4.4.121-92.164.1
      kernel-source-4.4.121-92.164.1

   - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):

      kernel-default-4.4.121-92.164.1
      kernel-default-base-4.4.121-92.164.1
      kernel-default-base-debuginfo-4.4.121-92.164.1
      kernel-default-debuginfo-4.4.121-92.164.1
      kernel-default-debugsource-4.4.121-92.164.1
      kernel-default-devel-4.4.121-92.164.1
      kernel-syms-4.4.121-92.164.1


References:

   https://www.suse.com/security/cve/CVE-2018-25020.html
   https://www.suse.com/security/cve/CVE-2019-0136.html
   https://www.suse.com/security/cve/CVE-2020-35519.html
   https://www.suse.com/security/cve/CVE-2021-0935.html
   https://www.suse.com/security/cve/CVE-2021-28711.html
   https://www.suse.com/security/cve/CVE-2021-28712.html
   https://www.suse.com/security/cve/CVE-2021-28713.html
   https://www.suse.com/security/cve/CVE-2021-28715.html
   https://www.suse.com/security/cve/CVE-2021-33098.html
   https://www.suse.com/security/cve/CVE-2021-3564.html
   https://www.suse.com/security/cve/CVE-2021-39648.html
   https://www.suse.com/security/cve/CVE-2021-39657.html
   https://www.suse.com/security/cve/CVE-2021-4002.html
   https://www.suse.com/security/cve/CVE-2021-4083.html
   https://www.suse.com/security/cve/CVE-2021-4149.html
   https://www.suse.com/security/cve/CVE-2021-4155.html
   https://www.suse.com/security/cve/CVE-2021-4197.html
   https://www.suse.com/security/cve/CVE-2021-4202.html
   https://www.suse.com/security/cve/CVE-2021-43976.html
   https://www.suse.com/security/cve/CVE-2021-45095.html
   https://www.suse.com/security/cve/CVE-2021-45485.html
   https://www.suse.com/security/cve/CVE-2021-45486.html
   https://www.suse.com/security/cve/CVE-2022-0330.html
   https://bugzilla.suse.com/1012382
   https://bugzilla.suse.com/1179960
   https://bugzilla.suse.com/1183696
   https://bugzilla.suse.com/1186207
   https://bugzilla.suse.com/1192032
   https://bugzilla.suse.com/1192847
   https://bugzilla.suse.com/1192877
   https://bugzilla.suse.com/1192946
   https://bugzilla.suse.com/1193157
   https://bugzilla.suse.com/1193440
   https://bugzilla.suse.com/1193442
   https://bugzilla.suse.com/1193575
   https://bugzilla.suse.com/1193669
   https://bugzilla.suse.com/1193727
   https://bugzilla.suse.com/1193861
   https://bugzilla.suse.com/1193864
   https://bugzilla.suse.com/1193867
   https://bugzilla.suse.com/1194001
   https://bugzilla.suse.com/1194087
   https://bugzilla.suse.com/1194094
   https://bugzilla.suse.com/1194272
   https://bugzilla.suse.com/1194302
   https://bugzilla.suse.com/1194516
   https://bugzilla.suse.com/1194529
   https://bugzilla.suse.com/1194880

SUSE: 2022:0477-1 important: the Linux Kernel

February 17, 2022
An update that solves 23 vulnerabilities and has two fixes is now available

Summary

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a mishandling of a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions. This affects kernel/bpf/core.c and net/core/filter.c (bnc#1193575). - CVE-2019-0136: Fixed insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver that may have allowed an unauthenticated user to potentially enable denial of service via adjacent access (bnc#1193157). - CVE-2020-35519: Fixed out-of-bounds memory access in x25_bind in net/x25/af_x25.c. A bounds check failure allowed a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information (bnc#1183696). - CVE-2021-0935: Fixed possible out of bounds write in ip6_xmit of ip6_output.c due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1192032). - CVE-2021-28711: Fixed issue with xen/blkfront to harden blkfront against event channel storms (XSA-391) (bsc#1193440). - CVE-2021-28712: Fixed issue with xen/netfront to harden netfront against event channel storms (XSA-391) (bsc#1193440). - CVE-2021-28713: Fixed issue with xen/console to harden hvc_xen against event channel storms (XSA-391) (bsc#1193440). - CVE-2021-28715: Fixed issue with xen/netback to do not queue unlimited number of packages (XSA-392) (bsc#1193442). - CVE-2021-33098: Fixed improper input validation in the Intel(R) Ethernet ixgbe driver that may have allowed an authenticated user to potentially cause denial of service via local access (bnc#1192877). - CVE-2021-3564: Fixed double-free memory corruption in the Linux kernel HCI device initialization subsystem that could have been used by attaching malicious HCI TTY Bluetooth devices. A local user could use this flaw to crash the system (bnc#1186207). - CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a race condition in gadget_dev_desc_UDC_show of configfs.c. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation (bnc#1193861). - CVE-2021-39657: Fixed out of bounds read due to a missing bounds check in ufshcd_eh_device_reset_handler of ufshcd.c. This could lead to local information disclosure with System execution privileges needed (bnc#1193864). - CVE-2021-4002: Fixed incorrect TLBs flush in hugetlbfs after huge_pmd_unshare (bsc#1192946). - CVE-2021-4083: Fixed a read-after-free memory flaw inside the garbage collection for Unix domain socket file handlers when users call close() and fget() simultaneouslyand can potentially trigger a race condition (bnc#1193727). - CVE-2021-4149: Fixed btrfs unlock newly allocated extent buffer after error (bsc#1194001). - CVE-2021-4155: Fixed XFS map issue when unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (bsc#1194272). - CVE-2021-4197: Use cgroup open-time credentials for process migraton perm checks (bsc#1194302). - CVE-2021-4202: Fixed NFC race condition by adding NCI_UNREG flag (bsc#1194529). - CVE-2021-43976: Fixed insufficient access control in drivers/net/wireless/marvell/mwifiex/usb.c that allowed an attacker who connect a crafted USB device to cause denial of service (bnc#1192847). - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bnc#1193867). - CVE-2021-45485: Fixed information leak in the IPv6 implementation in net/ipv6/output_core.c (bnc#1194094). - CVE-2021-45486: Fixed information leak inside the IPv4 implementation caused by very small hash table (bnc#1194087). - CVE-2022-0330: Fixed flush TLBs before releasing backing store (bsc#1194880). The following non-security bugs were fixed: - kprobes: Limit max data_size of the kretprobe instances (bsc#1193669). - memstick: rtsx_usb_ms: fix UAF - moxart: fix potential use-after-free on remove path (bsc1194516). - net/x25: fix a race in x25_bind() (networking-stable-19_03_15). - ring-buffer: Protect ring_buffer_reset() from reentrancy (bsc#1179960). - tty: hvc: replace BUG_ON() with negative return value (git-fixes). - xen-netfront: do not assume sk_buff_head list is empty in error handling (git-fixes). - xen-netfront: do not use ~0U as error return value for xennet_fill_frags() (git-fixes). - xen/blkfront: do not take local copy of a request from the ring page (git-fixes). - xen/blkfront: do not trust the backend response data blindly (git-fixes). - xen/blkfront: read response from backend only once (git-fixes). - xen/netfront: disentangle tx_skb_freelist (git-fixes). - xen/netfront: do not bug in case of too many frags (bnc#1012382). - xen/netfront: do not cache skb_shinfo() (bnc#1012382). - xen/netfront: do not read data from request on the ring page (git-fixes). - xen/netfront: do not trust the backend response data blindly (git-fixes). - xen/netfront: read response from backend only once (git-fixes). - xen: sync include/xen/interface/io/ring.h with Xen's newest version (git-fixes).

References

#1012382 #1179960 #1183696 #1186207 #1192032

#1192847 #1192877 #1192946 #1193157 #1193440

#1193442 #1193575 #1193669 #1193727 #1193861

#1193864 #1193867 #1194001 #1194087 #1194094

#1194272 #1194302 #1194516 #1194529 #1194880

Cross- CVE-2018-25020 CVE-2019-0136 CVE-2020-35519

CVE-2021-0935 CVE-2021-28711 CVE-2021-28712

CVE-2021-28713 CVE-2021-28715 CVE-2021-33098

CVE-2021-3564 CVE-2021-39648 CVE-2021-39657

CVE-2021-4002 CVE-2021-4083 CVE-2021-4149

CVE-2021-4155 CVE-2021-4197 CVE-2021-4202

CVE-2021-43976 CVE-2021-45095 CVE-2021-45485

CVE-2021-45486 CVE-2022-0330

CVSS scores:

CVE-2018-25020 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2019-0136 (NVD) : 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVE-2019-0136 (SUSE): 7.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVE-2020-35519 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-35519 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-0935 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-28711 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CVE-2021-28711 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2021-28712 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CVE-2021-28712 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2021-28713 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CVE-2021-28713 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2021-28715 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CVE-2021-28715 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2021-33098 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2021-33098 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2021-3564 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2021-3564 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2021-39648 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVE-2021-39657 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CVE-2021-4002 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CVE-2021-4083 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-4149 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2021-4155 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-4197 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CVE-2021-4202 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-43976 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2021-45095 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-45095 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2021-45485 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2021-45485 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2021-45486 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2021-45486 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2022-0330 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

SUSE Linux Enterprise Server 12-SP2-BCL

https://www.suse.com/security/cve/CVE-2018-25020.html

https://www.suse.com/security/cve/CVE-2019-0136.html

https://www.suse.com/security/cve/CVE-2020-35519.html

https://www.suse.com/security/cve/CVE-2021-0935.html

https://www.suse.com/security/cve/CVE-2021-28711.html

https://www.suse.com/security/cve/CVE-2021-28712.html

https://www.suse.com/security/cve/CVE-2021-28713.html

https://www.suse.com/security/cve/CVE-2021-28715.html

https://www.suse.com/security/cve/CVE-2021-33098.html

https://www.suse.com/security/cve/CVE-2021-3564.html

https://www.suse.com/security/cve/CVE-2021-39648.html

https://www.suse.com/security/cve/CVE-2021-39657.html

https://www.suse.com/security/cve/CVE-2021-4002.html

https://www.suse.com/security/cve/CVE-2021-4083.html

https://www.suse.com/security/cve/CVE-2021-4149.html

https://www.suse.com/security/cve/CVE-2021-4155.html

https://www.suse.com/security/cve/CVE-2021-4197.html

https://www.suse.com/security/cve/CVE-2021-4202.html

https://www.suse.com/security/cve/CVE-2021-43976.html

https://www.suse.com/security/cve/CVE-2021-45095.html

https://www.suse.com/security/cve/CVE-2021-45485.html

https://www.suse.com/security/cve/CVE-2021-45486.html

https://www.suse.com/security/cve/CVE-2022-0330.html

https://bugzilla.suse.com/1012382

https://bugzilla.suse.com/1179960

https://bugzilla.suse.com/1183696

https://bugzilla.suse.com/1186207

https://bugzilla.suse.com/1192032

https://bugzilla.suse.com/1192847

https://bugzilla.suse.com/1192877

https://bugzilla.suse.com/1192946

https://bugzilla.suse.com/1193157

https://bugzilla.suse.com/1193440

https://bugzilla.suse.com/1193442

https://bugzilla.suse.com/1193575

https://bugzilla.suse.com/1193669

https://bugzilla.suse.com/1193727

https://bugzilla.suse.com/1193861

https://bugzilla.suse.com/1193864

https://bugzilla.suse.com/1193867

https://bugzilla.suse.com/1194001

https://bugzilla.suse.com/1194087

https://bugzilla.suse.com/1194094

https://bugzilla.suse.com/1194272

https://bugzilla.suse.com/1194302

https://bugzilla.suse.com/1194516

https://bugzilla.suse.com/1194529

https://bugzilla.suse.com/1194880

Severity
Announcement ID: SUSE-SU-2022:0477-1
Rating: important

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved