SUSE Linux Enterprise: 2022 Security Update Critical for RT Kernel

February 21, 2022
Critical update for SUSE Linux Enterprise RT Kernel resolves multiple security flaws necessitating system reboot for stability.
An update that solves 6 vulnerabilities and has 11 fixes is now available.

Summary

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input (bsc#1195254).
- CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bnc#1193867).
- CVE-2022-22942: Fixed stale file descriptors on failed usercopy (bsc#1195065).
- CVE-2021-22600: Fixed double free bug in packet_set_ring() in net/packet/af_packet.c that could have been exploited by a local user through crafted syscalls to escalate privileges or deny service (bnc#1195184).
- CVE-2021-39657: Fixed out of bounds read due to a missing bounds check in ufshcd_eh_device_reset_handler of ufshcd.c. This could lead to local

References

#1177599 #1183405 #1185377 #1187428 #1188605

#1193096 #1193506 #1193861 #1193864 #1193867

#1194048 #1194227 #1194880 #1195009 #1195065

#1195184 #1195254

Cross-References: CVE-2021-22600 CVE-2021-39648 CVE-2021-39657 CVE-2021-45095 CVE-2022-0330 CVE-2022-22942

CVSS scores:

CVE-2021-22600 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-22600 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-39648 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVE-2021-39657 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CVE-2021-45095 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-45095 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity
critical

Announcement ID: SUSE-SU-2022:0544-1
Rating: critical
