SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:0759-1
Rating: important
References: #1189126 #1191580 #1192483 #1194516 #1195254
#1195286 #1195516 #1195543 #1195612 #1195701
#1195897 #1195905 #1195908 #1195947 #1195949
#1195987 #1195995 #1196079 #1196095 #1196132
#1196155 #1196235 #1196584 #1196601 #1196612
#1196776 SLE-23652
Cross-References: CVE-2021-44879 CVE-2022-0001 CVE-2022-0002
CVE-2022-0487 CVE-2022-0492 CVE-2022-0516
CVE-2022-0617 CVE-2022-0644 CVE-2022-0847
CVE-2022-24448 CVE-2022-24958 CVE-2022-24959
CVE-2022-25258 CVE-2022-25375
CVSS scores:
CVE-2021-44879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-44879 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2022-0002 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2022-0487 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0487 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-0516 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0644 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0847 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24448 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-24448 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-24958 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24958 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24959 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24959 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-25258 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-25258 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-25375 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-25375 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Module for Live Patching 15-SP2
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
______________________________________________________________________________
An update that solves 14 vulnerabilities, contains one
feature and has 12 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.
Transient execution side-channel attacks attacking the Branch History
Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch
History Injection" are now mitigated.
The following security bugs were fixed:
- CVE-2022-0001: Fixed Branch History Injection vulnerability
(bsc#1191580).
- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability
(bsc#1191580).
- CVE-2022-0847: Fixed a vulnerability were a local attackers could
overwrite data in arbitrary (read-only) files (bsc#1196584).
- CVE-2022-0617: Fixed a null pointer dereference in UDF file system
functionality. A local user could crash the system by triggering
udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
- CVE-2022-0644: Fixed a denial of service by a local user. A assertion
failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).
- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were
not considered, which lead to a move_data_page NULL pointer dereference
(bsc#1195987).
- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in
drivers/net/hamradio/yam.c (bsc#1195897).
- CVE-2022-0487: A use-after-free vulnerability was found in
rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c
(bsc#1194516).
- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1
release_agent feature, which allowed bypassing namespace isolation
unexpectedly (bsc#1195543).
- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets
the O_DIRECTORY flag, and tries to open a regular file,
nfs_atomic_open() performs a regular lookup. If a regular file is found,
ENOTDIR should have occured, but the server instead returned
uninitialized data in the file descriptor (bsc#1195612).
- CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the
RNDIS_MSG_SET command. Attackers can obtain sensitive information from
kernel memory (bsc#1196235).
- CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390
allows kernel memory read/write (bsc#1195516).
- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of
interface OS descriptor requests, which could have lead to memory
corruption (bsc#1196096).
- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf
release (bsc#1195905).
The following non-security bugs were fixed:
- btrfs: check for missing device in btrfs_trim_fs (bsc#1195701).
- gve: Add RX context (jsc#SLE-23652).
- gve: Add a jumbo-frame device option (jsc#SLE-23652).
- gve: Add consumed counts to ethtool stats (jsc#SLE-23652).
- gve: Add optional metadata descriptor type GVE_TXD_MTD (jsc#SLE-23652).
- gve: Correct order of processing device options (jsc#SLE-23652).
- gve: Fix GFP flags when allocing pages (jsc#SLE-23652).
- gve: Implement packet continuation for RX (jsc#SLE-23652).
- gve: Implement suspend/resume/shutdown (jsc#SLE-23652).
- gve: Move the irq db indexes out of the ntfy block struct
(jsc#SLE-23652).
- gve: Recording rx queue before sending to napi (jsc#SLE-23652).
- gve: Update gve_free_queue_page_list signature (jsc#SLE-23652).
- gve: Use kvcalloc() instead of kvzalloc() (jsc#SLE-23652).
- gve: fix for null pointer dereference (jsc#SLE-23652).
- gve: fix the wrong AdminQ buffer queue index check (jsc#SLE-23652).
- gve: fix unmatched u64_stats_update_end() (jsc#SLE-23652).
- gve: remove memory barrier around seqno (jsc#SLE-23652).
- lib/iov_iter: initialize "flags" in new pipe_buffer (bsc#1196584).
- net: tipc: validate domain record count on input (bsc#1195254).
- nfsd: allow delegation state ids to be revoked and then freed
(bsc#1192483).
- nfsd: allow lock state ids to be revoked and then freed (bsc#1192483).
- nfsd: allow open state ids to be revoked and then freed (bsc#1192483).
- nfsd: do not admin-revoke NSv4.0 state ids (bsc#1192483).
- nfsd: prepare for supporting admin-revocation of state (bsc#1192483).
- powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for
persistent memory" (bsc#1195995 ltc#196394).
- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).
- scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-759=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-759=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-759=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-759=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-759=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-759=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-759=1
- SUSE Linux Enterprise Module for Live Patching 15-SP2:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2022-759=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-759=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-759=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-759=1
- SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-759=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-759=1
Package List:
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
reiserfs-kmp-default-5.3.18-24.107.1
reiserfs-kmp-default-debuginfo-5.3.18-24.107.1
- SUSE Manager Server 4.1 (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
- SUSE Manager Server 4.1 (x86_64):
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
reiserfs-kmp-default-5.3.18-24.107.1
reiserfs-kmp-default-debuginfo-5.3.18-24.107.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
- SUSE Manager Proxy 4.1 (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
- SUSE Manager Proxy 4.1 (x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
reiserfs-kmp-default-5.3.18-24.107.1
reiserfs-kmp-default-debuginfo-5.3.18-24.107.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
reiserfs-kmp-default-5.3.18-24.107.1
reiserfs-kmp-default-debuginfo-5.3.18-24.107.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
reiserfs-kmp-default-5.3.18-24.107.1
reiserfs-kmp-default-debuginfo-5.3.18-24.107.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
- SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-livepatch-5.3.18-24.107.1
kernel-default-livepatch-devel-5.3.18-24.107.1
kernel-livepatch-5_3_18-24_107-default-1-5.5.1
kernel-livepatch-5_3_18-24_107-default-debuginfo-1-5.5.1
kernel-livepatch-SLE15-SP2_Update_25-debugsource-1-5.5.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
- SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-24.107.1
cluster-md-kmp-default-debuginfo-5.3.18-24.107.1
dlm-kmp-default-5.3.18-24.107.1
dlm-kmp-default-debuginfo-5.3.18-24.107.1
gfs2-kmp-default-5.3.18-24.107.1
gfs2-kmp-default-debuginfo-5.3.18-24.107.1
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
ocfs2-kmp-default-5.3.18-24.107.1
ocfs2-kmp-default-debuginfo-5.3.18-24.107.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
kernel-default-5.3.18-24.107.1
kernel-default-base-5.3.18-24.107.1.9.50.2
kernel-default-debuginfo-5.3.18-24.107.1
kernel-default-debugsource-5.3.18-24.107.1
kernel-default-devel-5.3.18-24.107.1
kernel-default-devel-debuginfo-5.3.18-24.107.1
kernel-obs-build-5.3.18-24.107.1
kernel-obs-build-debugsource-5.3.18-24.107.1
kernel-preempt-5.3.18-24.107.1
kernel-preempt-debuginfo-5.3.18-24.107.1
kernel-preempt-debugsource-5.3.18-24.107.1
kernel-preempt-devel-5.3.18-24.107.1
kernel-preempt-devel-debuginfo-5.3.18-24.107.1
kernel-syms-5.3.18-24.107.1
reiserfs-kmp-default-5.3.18-24.107.1
reiserfs-kmp-default-debuginfo-5.3.18-24.107.1
- SUSE Enterprise Storage 7 (noarch):
kernel-devel-5.3.18-24.107.1
kernel-docs-5.3.18-24.107.1
kernel-macros-5.3.18-24.107.1
kernel-source-5.3.18-24.107.1
References:
https://www.suse.com/security/cve/CVE-2021-44879.html
https://www.suse.com/security/cve/CVE-2022-0001.html
https://www.suse.com/security/cve/CVE-2022-0002.html
https://www.suse.com/security/cve/CVE-2022-0487.html
https://www.suse.com/security/cve/CVE-2022-0492.html
https://www.suse.com/security/cve/CVE-2022-0516.html
https://www.suse.com/security/cve/CVE-2022-0617.html
https://www.suse.com/security/cve/CVE-2022-0644.html
https://www.suse.com/security/cve/CVE-2022-0847.html
https://www.suse.com/security/cve/CVE-2022-24448.html
https://www.suse.com/security/cve/CVE-2022-24958.html
https://www.suse.com/security/cve/CVE-2022-24959.html
https://www.suse.com/security/cve/CVE-2022-25258.html
https://www.suse.com/security/cve/CVE-2022-25375.html
https://bugzilla.suse.com/1189126
https://bugzilla.suse.com/1191580
https://bugzilla.suse.com/1192483
https://bugzilla.suse.com/1194516
https://bugzilla.suse.com/1195254
https://bugzilla.suse.com/1195286
https://bugzilla.suse.com/1195516
https://bugzilla.suse.com/1195543
https://bugzilla.suse.com/1195612
https://bugzilla.suse.com/1195701
https://bugzilla.suse.com/1195897
https://bugzilla.suse.com/1195905
https://bugzilla.suse.com/1195908
https://bugzilla.suse.com/1195947
https://bugzilla.suse.com/1195949
https://bugzilla.suse.com/1195987
https://bugzilla.suse.com/1195995
https://bugzilla.suse.com/1196079
https://bugzilla.suse.com/1196095
https://bugzilla.suse.com/1196132
https://bugzilla.suse.com/1196155
https://bugzilla.suse.com/1196235
https://bugzilla.suse.com/1196584
https://bugzilla.suse.com/1196601
https://bugzilla.suse.com/1196612
https://bugzilla.suse.com/1196776
SUSE: 2022:0759-1 important: the Linux Kernel
March 8, 2022
An update that solves 14 vulnerabilities, contains one feature and has 12 fixes is now available
Summary
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated. The following security bugs were fixed: - CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155). - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987). - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897). - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). - CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory (bsc#1196235). - CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516). - CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096). - CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905). The following non-security bugs were fixed: - btrfs: check for missing device in btrfs_trim_fs (bsc#1195701). - gve: Add RX context (jsc#SLE-23652). - gve: Add a jumbo-frame device option (jsc#SLE-23652). - gve: Add consumed counts to ethtool stats (jsc#SLE-23652). - gve: Add optional metadata descriptor type GVE_TXD_MTD (jsc#SLE-23652). - gve: Correct order of processing device options (jsc#SLE-23652). - gve: Fix GFP flags when allocing pages (jsc#SLE-23652). - gve: Implement packet continuation for RX (jsc#SLE-23652). - gve: Implement suspend/resume/shutdown (jsc#SLE-23652). - gve: Move the irq db indexes out of the ntfy block struct (jsc#SLE-23652). - gve: Recording rx queue before sending to napi (jsc#SLE-23652). - gve: Update gve_free_queue_page_list signature (jsc#SLE-23652). - gve: Use kvcalloc() instead of kvzalloc() (jsc#SLE-23652). - gve: fix for null pointer dereference (jsc#SLE-23652). - gve: fix the wrong AdminQ buffer queue index check (jsc#SLE-23652). - gve: fix unmatched u64_stats_update_end() (jsc#SLE-23652). - gve: remove memory barrier around seqno (jsc#SLE-23652). - lib/iov_iter: initialize "flags" in new pipe_buffer (bsc#1196584). - net: tipc: validate domain record count on input (bsc#1195254). - nfsd: allow delegation state ids to be revoked and then freed (bsc#1192483). - nfsd: allow lock state ids to be revoked and then freed (bsc#1192483). - nfsd: allow open state ids to be revoked and then freed (bsc#1192483). - nfsd: do not admin-revoke NSv4.0 state ids (bsc#1192483). - nfsd: prepare for supporting admin-revocation of state (bsc#1192483). - powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for persistent memory" (bsc#1195995 ltc#196394). - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126). - scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).
References
#1189126 #1191580 #1192483 #1194516 #1195254
#1195286 #1195516 #1195543 #1195612 #1195701
#1195897 #1195905 #1195908 #1195947 #1195949
#1195987 #1195995 #1196079 #1196095 #1196132
#1196155 #1196235 #1196584 #1196601 #1196612
#1196776 SLE-23652
Cross- CVE-2021-44879 CVE-2022-0001 CVE-2022-0002
CVE-2022-0487 CVE-2022-0492 CVE-2022-0516
CVE-2022-0617 CVE-2022-0644 CVE-2022-0847
CVE-2022-24448 CVE-2022-24958 CVE-2022-24959
CVE-2022-25258 CVE-2022-25375
CVSS scores:
CVE-2021-44879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-44879 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2022-0002 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2022-0487 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0487 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-0516 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0644 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0847 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24448 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-24448 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-24958 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24958 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24959 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24959 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-25258 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-25258 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-25375 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-25375 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Module for Live Patching 15-SP2
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
https://www.suse.com/security/cve/CVE-2021-44879.html
https://www.suse.com/security/cve/CVE-2022-0001.html
https://www.suse.com/security/cve/CVE-2022-0002.html
https://www.suse.com/security/cve/CVE-2022-0487.html
https://www.suse.com/security/cve/CVE-2022-0492.html
https://www.suse.com/security/cve/CVE-2022-0516.html
https://www.suse.com/security/cve/CVE-2022-0617.html
https://www.suse.com/security/cve/CVE-2022-0644.html
https://www.suse.com/security/cve/CVE-2022-0847.html
https://www.suse.com/security/cve/CVE-2022-24448.html
https://www.suse.com/security/cve/CVE-2022-24958.html
https://www.suse.com/security/cve/CVE-2022-24959.html
https://www.suse.com/security/cve/CVE-2022-25258.html
https://www.suse.com/security/cve/CVE-2022-25375.html
https://bugzilla.suse.com/1189126
https://bugzilla.suse.com/1191580
https://bugzilla.suse.com/1192483
https://bugzilla.suse.com/1194516
https://bugzilla.suse.com/1195254
https://bugzilla.suse.com/1195286
https://bugzilla.suse.com/1195516
https://bugzilla.suse.com/1195543
https://bugzilla.suse.com/1195612
https://bugzilla.suse.com/1195701
https://bugzilla.suse.com/1195897
https://bugzilla.suse.com/1195905
https://bugzilla.suse.com/1195908
https://bugzilla.suse.com/1195947
https://bugzilla.suse.com/1195949
https://bugzilla.suse.com/1195987
https://bugzilla.suse.com/1195995
https://bugzilla.suse.com/1196079
https://bugzilla.suse.com/1196095
https://bugzilla.suse.com/1196132
https://bugzilla.suse.com/1196155
https://bugzilla.suse.com/1196235
https://bugzilla.suse.com/1196584
https://bugzilla.suse.com/1196601
https://bugzilla.suse.com/1196612
https://bugzilla.suse.com/1196776
Severity
Announcement ID: SUSE-SU-2022:0759-1
Rating: important
News
HOWTOs
Features
About Us
Powered By
