SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1038-1
Rating:             important
References:         #1176447 #1176774 #1178134 #1179439 #1181147 
                    #1191428 #1192273 #1193787 #1194516 #1194943 
                    #1195051 #1195211 #1195353 #1195403 #1195516 
                    #1195612 #1195897 #1195908 #1195947 #1195949 
                    #1195987 #1196079 #1196095 #1196130 #1196155 
                    #1196299 #1196301 #1196403 #1196468 #1196472 
                    #1196488 #1196627 #1196723 #1196776 #1196779 
                    #1196830 #1196866 #1196868 #1197300 #922815 
                    #998635 
Cross-References:   CVE-2021-0920 CVE-2021-39698 CVE-2021-44879
                    CVE-2021-45402 CVE-2022-0487 CVE-2022-0492
                    CVE-2022-0516 CVE-2022-0617 CVE-2022-0644
                    CVE-2022-23036 CVE-2022-23037 CVE-2022-23038
                    CVE-2022-23039 CVE-2022-23040 CVE-2022-23041
                    CVE-2022-23042 CVE-2022-24448 CVE-2022-24958
                    CVE-2022-24959 CVE-2022-25258 CVE-2022-25636
                    CVE-2022-26490 CVE-2022-26966 CVE-2022-27223
                   
CVSS scores:
                    CVE-2021-0920 (NVD) : 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-0920 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-39698 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-39698 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-44879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-44879 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-45402 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-45402 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
                    CVE-2022-0487 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-0487 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0492 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0516 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0516 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-0644 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-23036 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23036 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23037 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23037 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23038 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23038 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23039 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23039 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23040 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23040 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23041 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23041 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23042 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23042 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-24448 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-24448 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-24958 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-24958 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-24959 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-24959 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-25258 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-25258 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-25636 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-25636 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-26490 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-26490 (SUSE): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
                    CVE-2022-26966 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-26966 (SUSE): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-27223 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-27223 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:
                    SUSE Linux Enterprise Micro 5.1
                    SUSE Linux Enterprise Module for Realtime 15-SP3
                    SUSE Linux Enterprise Real Time 15-SP3
______________________________________________________________________________

   An update that solves 24 vulnerabilities and has 17 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various
   security and bugfixes.


   The following security bugs were fixed:

   - CVE-2022-25636: Fixed an issue which allowed a local users to gain
     privileges because of a heap out-of-bounds write in nf_dup_netdev.c,
     related to nf_tables_offload (bsc#1196299).
   - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An
     attacker with adjacent NFC access could trigger crash the system or
     corrupt system memory (bsc#1196830).
   - CVE-2022-0487: A use-after-free vulnerability was found in
     rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c
     (bsc#1194516).
   - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1
     release_agent feature, which allowed bypassing namespace isolation
     unexpectedly (bsc#1195543).
   - CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390
     allows kernel memory read/write (bsc#1195516).
   - CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY
     flag, and tries to open a regular file, nfs_atomic_open() performs a
     regular lookup. If a regular file is found, ENOTDIR should have occured,
     but the server instead returned uninitialized data in the file
     descriptor (bsc#1195612).
   - CVE-2022-0617: Fixed a null pointer dereference in UDF file system
     functionality. A local user could crash the system by triggering
     udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
   - CVE-2022-0644: Fixed a denial of service by a local user. A assertion
     failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155)
   - CVE-2022-25258: The USB Gadget subsystem lacked certain validation of
     interface OS descriptor requests, which could have lead to memory
     corruption (bsc#1196096).
   - CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf
     release (bsc#1195905).
   - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in
     drivers/net/hamradio/yam.c (bsc#1195897).
   - CVE-2022-27223: In drivers/usb/gadget/udc/udc-xilinx.c the endpoint
     index was not validated and could have been manipulated by the host for
     out-of-array access (bsc#1197245).
   - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were
     not considered, which lead to a move_data_page NULL pointer dereference
     (bsc#1195987).
   - CVE-2021-0920: Fixed a local privilege escalation due to a
     use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731).
   - CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which
     allowed attackers to obtain sensitive information from heap memory via
     crafted frame lengths from a device (bsc#1196836).
   - CVE-2021-39698: Fixed a possible memory corruption due to a use after
     free in aio_poll_complete_work. This could lead to local escalation of
     privilege with no additional execution privileges needed. (bsc#1196956)
   - CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did
     not properly update bounds while handling the mov32 instruction, which
     allowed local users to obtain potentially sensitive address information
     (bsc#1196130).
   -
   CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,
     CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have
     lead to read/write access to memory pages or denial of service. These
     issues are related to the Xen PV device frontend drivers. (bsc#1196488)

   The following non-security bugs were fixed:

   - ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).
   - arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).
   - ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions
     (git-fixes).
   - ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).
   - asix: fix uninit-value in asix_mdio_read() (git-fixes).
   - ASoC: cs4265: Fix the duplicated control name (git-fixes).
   - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     (git-fixes).
   - ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).
   - ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).
   - ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).
   - batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).
   - batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).
   - batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).
   - blk-mq: do not free tags if the tag_set is used by other device in queue
     initialztion (bsc#1193787).
   - Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE
     (bsc#1196779).
   - bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649).
   - bnxt_en: Fix incorrect multicast rx mask setting when not requested
     (git-fixes).
   - bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).
   - bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).
   - bonding: force carrier update when releasing slave (git-fixes).
   - can: gs_usb: change active_channels's type from atomic_t to u8
     (git-fixes).
   - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning (bsc#1196868).
   - cgroup-v1: Correct privileges check in release_agent writes
     (bsc#1196723).
   - clk: jz4725b: fix mmc0 clock gating (git-fixes).
   - constraints: Also adjust disk requirement for x86 and s390.
   - constraints: Increase disk space for aarch64
   - cpufreq: schedutil: Use kobject release() method to free (git-fixes)
   - cpuset: Fix the bug that subpart_cpus updated wrongly in
     update_cpumask() (bsc#1196866).
   - cputime, cpuacct: Include guest time in user time in (git-fixes)
   - dma-direct: Fix potential NULL pointer dereference (bsc#1196472
     ltc#192278).
   - dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).
   - dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472
     ltc#192278).
   - drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).
   - drm/edid: Always set RGB444 (git-fixes).
   - drm/i915/dg1: Wait for pcode/uncore handshake at startup (bsc#1195211).
   - drm/i915/gen11+: Only load DRAM information from pcode (bsc#1195211).
   - drm/i915: Nuke not needed members of dram_info (bsc#1195211).
   - drm/i915: Remove memory frequency calculation (bsc#1195211).
   - drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed (bsc#1195211).
   - drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).
   - EDAC/altera: Fix deferred probing (bsc#1178134).
   - EDAC: Fix calculation of returned address and next offset in
     edac_align_ptr() (bsc#1178134).
   - efivars: Respect "block" flag in efivar_entry_set_safe() (git-fixes).
   - exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).
   - exfat: fix incorrect loading of i_blocks for large files (git-fixes).
   - firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).
   - gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).
   - gpiolib: acpi: Convert ACPI value of debounce to microseconds
     (git-fixes).
   - gpio: rockchip: Reset int_bothedge when changing trigger (git-fixes).
   - gpio: tegra186: Fix chip_data type confusion (git-fixes).
   - gpio: ts4900: Do not set DAT and OE together (git-fixes).
   - gtp: remove useless rcu_read_lock() (git-fixes).
   - hamradio: fix macro redefine warning (git-fixes).
   - Hand over the maintainership to SLE15-SP3 maintainers   - HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).
   - HID: add mapping for KEY_DICTATE (git-fixes).
   - i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).
   - iavf: Fix missing check for running netdev (git-fixes).
   - IB/hfi1: Correct guard on eager buffer deallocation (git-fixes).
   - IB/hfi1: Fix early init panic (git-fixes).
   - IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes).
   - IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     (git-fixes).
   - IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).
   - ice: initialize local variable 'tlv' (jsc#SLE-12878).
   - igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).
   - igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).
   - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     (git-fixes).
   - iio: adc: men_z188_adc: Fix a resource leak in an error handling path
     (git-fixes).
   - iio: Fix error handling for PM (git-fixes).
   - Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).
   - Input: elan_i2c - fix regulator enable count imbalance after
     suspend/resume (git-fixes).
   - Input: elan_i2c - move regulator_[en|dis]able() out of
     elan_[en|dis]able_power() (git-fixes).
   - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     (git-fixes).
   - mac80211: fix forwarded mesh frames AC & queue selection (git-fixes).
   - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).
   - mac80211_hwsim: report NOACK frames in tx_status (git-fixes).
   - mask out added spinlock in rndis_params (git-fixes).
   - mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).
   - net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration
     (git-fixes).
   - net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement
     (git-fixes).
   - netfilter: nf_tables: fix memory leak during stateful obj update
     (bsc#1176447).
   - net: fix up skbs delta_truesize in UDP GRO frag_list (bsc#1176447).
   - net: hns3: Clear the CMDQ registers before unmapping BAR region
     (git-fixes).
   - net/mlx5e: Fix modify header actions memory leak (git-fixes).
   - net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
   - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     (git-fixes).
   - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     (jsc#SLE-15172).
   - net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).
   - net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).
   - net/mlx5: Fix possible deadlock on rule deletion (git-fixes).
   - net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).
   - net/mlx5: Update the list of the PCI supported devices (git-fixes).
   - net: phy: DP83822: clear MISR2 register to disable interrupts
     (git-fixes).
   - net/sched: act_ct: Fix flow table lookup after ct clear or switching
     zones (jsc#SLE-15172).
   - netsec: ignore 'phy-mode' device property on ACPI systems (git-fixes).
   - net: sfc: Replace in_interrupt() usage (git-fixes).
   - net: tipc: validate domain record count on input (bsc#1195254).
   - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     (git-fixes).
   - NFC: port100: fix use-after-free in port100_send_complete (git-fixes).
   - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     (git-fixes).
   - nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).
   - ntb: intel: fix port config status offset for SPR (git-fixes).
   - nvme: fix a possible use-after-free in controller reset during load
     (git-fixes).
   - nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).
   - nvme-rdma: fix possible use-after-free in transport error_recovery work
     (git-fixes).
   - nvme-tcp: fix possible use-after-free in transport error_recovery work
     (git-fixes).
   - powerpc/dma: Fallback to dma_ops when persistent memory present
     (bsc#1196472 ltc#192278).
   - powerpc/fadump: register for fadump as early as possible (bsc#1179439
     ltc#190038).
   - powerpc/mm: Remove dcache flush from memory remove (bsc#1196433
     ltc#196449).
   - powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449).
   - powerpc/pseries/iommu: Fix window size for direct mapping with pmem
     (bsc#1196472 ltc#192278).
   - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW
     with pending cmd-bit" (git-fixes).
   - RDMA/cma: Do not change route.addr.src_addr outside state checks
     (bsc#1181147).
   - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty
     entry (git-fixes).
   - RDMA/cma: Remove open coding of overflow checking for private_data_len
     (git-fixes).
   - RDMA/core: Do not infoleak GRH fields (git-fixes).
   - RDMA/core: Let ib_find_gid() continue search even after empty entry
     (git-fixes).
   - RDMA/cxgb4: Set queue pair state when being queried (git-fixes).
   - RDMA/hns: Validate the pkey index (git-fixes).
   - RDMA/ib_srp: Fix a deadlock (git-fixes).
   - RDMA/mlx4: Do not continue event handler after memory allocation failure
     (git-fixes).
   - RDMA/rtrs-clt: Fix possible double free in error case (jsc#SLE-15176).
   - RDMA/rxe: Fix a typo in opcode name (git-fixes).
   - RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).
   - RDMA/uverbs: Check for null return of kmalloc_array (git-fixes).
   - RDMA/uverbs: Remove the unnecessary assignment (git-fixes).
   - README.BRANCH: Add Frederic Weisbecker as branch maintainer
   - README.BRANCH: Remove Davidlohr Bueso as a branch maintainer
   - rpm/arch-symbols,guards,*driver: Replace Novell with SUSE.
   - rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.
   - sched/core: Mitigate race (git-fixes)
   - scsi: bnx2fc: Flush destroy_work queue before calling
     bnx2fc_interface_put() (git-fixes).
   - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes).
   - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     (git-fixes).
   - scsi: nsp_cs: Check of ioremap return value (git-fixes).
   - scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).
   - scsi: smartpqi: Add PCI IDs (bsc#1196627).
   - scsi: ufs: Fix race conditions related to driver data (git-fixes).
   - selftests: mlxsw: tc_police_scale: Make test more robust (bsc#1176774).
   - soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY)
     (git-fixes).
   - soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).
   - soc: fsl: qe: Check of ioremap return value (git-fixes).
   - spi: spi-zynq-qspi: Fix a NULL pointer dereference in
     zynq_qspi_exec_mem_op() (git-fixes).
   - sr9700: sanity check for packet length (bsc#1196836).
   - staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).
   - SUNRPC: avoid race between mod_timer() and del_timer_sync()
     (bnc#1195403).
   - tracing: Fix return value of __setup handlers (git-fixes).
   - tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).
   - tty: n_gsm: fix proper link termination after failed open (git-fixes).
   - usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).
   - usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).
   - usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).
   - usb: dwc2: use well defined macros for power_down (git-fixes).
   - usb: dwc3: gadget: Let the interrupt handler disable bottom halves
     (git-fixes).
   - usb: dwc3: meson-g12a: Disable the regulator in the error handling path
     of the probe (git-fixes).
   - usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).
   - usb: gadget: rndis: add spinlock for rndis response list (git-fixes).
   - USB: gadget: validate endpoint index for xilinx udc (git-fixes).
   - USB: gadget: validate interface OS descriptor requests (git-fixes).
   - usb: host: xen-hcd: add missing unlock in error path (git-fixes).
   - USB: hub: Clean up use of port initialization schemes and retries
     (git-fixes).
   - usb: hub: Fix locking issues with address0_mutex (git-fixes).
   - usb: hub: Fix usb enumeration issue due to address0 race (git-fixes).
   - USB: serial: option: add support for DW5829e (git-fixes).
   - USB: serial: option: add Telit LE910R1 compositions (git-fixes).
   - USB: zaurus: support another broken Zaurus (git-fixes).
   - vrf: Fix fast path output packet handling with async Netfilter rules
     (git-fixes).
   - xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done()
     (bsc#1196488, XSA-396).
   - xhci: Prevent futile URB re-submissions due to incorrect return value
     (git-fixes).
   - xhci: re-initialize the HC during resume if HCE was set (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Realtime 15-SP3:

      zypper in -t patch SUSE-SLE-Module-RT-15-SP3-2022-1038=1

   - SUSE Linux Enterprise Micro 5.1:

      zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1038=1



Package List:

   - SUSE Linux Enterprise Module for Realtime 15-SP3 (x86_64):

      cluster-md-kmp-rt-5.3.18-150300.82.1
      cluster-md-kmp-rt-debuginfo-5.3.18-150300.82.1
      dlm-kmp-rt-5.3.18-150300.82.1
      dlm-kmp-rt-debuginfo-5.3.18-150300.82.1
      gfs2-kmp-rt-5.3.18-150300.82.1
      gfs2-kmp-rt-debuginfo-5.3.18-150300.82.1
      kernel-rt-5.3.18-150300.82.1
      kernel-rt-debuginfo-5.3.18-150300.82.1
      kernel-rt-debugsource-5.3.18-150300.82.1
      kernel-rt-devel-5.3.18-150300.82.1
      kernel-rt-devel-debuginfo-5.3.18-150300.82.1
      kernel-rt_debug-debuginfo-5.3.18-150300.82.1
      kernel-rt_debug-debugsource-5.3.18-150300.82.1
      kernel-rt_debug-devel-5.3.18-150300.82.1
      kernel-rt_debug-devel-debuginfo-5.3.18-150300.82.1
      kernel-syms-rt-5.3.18-150300.82.1
      ocfs2-kmp-rt-5.3.18-150300.82.1
      ocfs2-kmp-rt-debuginfo-5.3.18-150300.82.1

   - SUSE Linux Enterprise Module for Realtime 15-SP3 (noarch):

      kernel-devel-rt-5.3.18-150300.82.1
      kernel-source-rt-5.3.18-150300.82.1

   - SUSE Linux Enterprise Micro 5.1 (x86_64):

      kernel-rt-5.3.18-150300.82.1
      kernel-rt-debuginfo-5.3.18-150300.82.1
      kernel-rt-debugsource-5.3.18-150300.82.1


References:

   https://www.suse.com/security/cve/CVE-2021-0920.html
   https://www.suse.com/security/cve/CVE-2021-39698.html
   https://www.suse.com/security/cve/CVE-2021-44879.html
   https://www.suse.com/security/cve/CVE-2021-45402.html
   https://www.suse.com/security/cve/CVE-2022-0487.html
   https://www.suse.com/security/cve/CVE-2022-0492.html
   https://www.suse.com/security/cve/CVE-2022-0516.html
   https://www.suse.com/security/cve/CVE-2022-0617.html
   https://www.suse.com/security/cve/CVE-2022-0644.html
   https://www.suse.com/security/cve/CVE-2022-23036.html
   https://www.suse.com/security/cve/CVE-2022-23037.html
   https://www.suse.com/security/cve/CVE-2022-23038.html
   https://www.suse.com/security/cve/CVE-2022-23039.html
   https://www.suse.com/security/cve/CVE-2022-23040.html
   https://www.suse.com/security/cve/CVE-2022-23041.html
   https://www.suse.com/security/cve/CVE-2022-23042.html
   https://www.suse.com/security/cve/CVE-2022-24448.html
   https://www.suse.com/security/cve/CVE-2022-24958.html
   https://www.suse.com/security/cve/CVE-2022-24959.html
   https://www.suse.com/security/cve/CVE-2022-25258.html
   https://www.suse.com/security/cve/CVE-2022-25636.html
   https://www.suse.com/security/cve/CVE-2022-26490.html
   https://www.suse.com/security/cve/CVE-2022-26966.html
   https://www.suse.com/security/cve/CVE-2022-27223.html
   https://bugzilla.suse.com/1176447
   https://bugzilla.suse.com/1176774
   https://bugzilla.suse.com/1178134
   https://bugzilla.suse.com/1179439
   https://bugzilla.suse.com/1181147
   https://bugzilla.suse.com/1191428
   https://bugzilla.suse.com/1192273
   https://bugzilla.suse.com/1193787
   https://bugzilla.suse.com/1194516
   https://bugzilla.suse.com/1194943
   https://bugzilla.suse.com/1195051
   https://bugzilla.suse.com/1195211
   https://bugzilla.suse.com/1195353
   https://bugzilla.suse.com/1195403
   https://bugzilla.suse.com/1195516
   https://bugzilla.suse.com/1195612
   https://bugzilla.suse.com/1195897
   https://bugzilla.suse.com/1195908
   https://bugzilla.suse.com/1195947
   https://bugzilla.suse.com/1195949
   https://bugzilla.suse.com/1195987
   https://bugzilla.suse.com/1196079
   https://bugzilla.suse.com/1196095
   https://bugzilla.suse.com/1196130
   https://bugzilla.suse.com/1196155
   https://bugzilla.suse.com/1196299
   https://bugzilla.suse.com/1196301
   https://bugzilla.suse.com/1196403
   https://bugzilla.suse.com/1196468
   https://bugzilla.suse.com/1196472
   https://bugzilla.suse.com/1196488
   https://bugzilla.suse.com/1196627
   https://bugzilla.suse.com/1196723
   https://bugzilla.suse.com/1196776
   https://bugzilla.suse.com/1196779
   https://bugzilla.suse.com/1196830
   https://bugzilla.suse.com/1196866
   https://bugzilla.suse.com/1196868
   https://bugzilla.suse.com/1197300
   https://bugzilla.suse.com/922815
   https://bugzilla.suse.com/998635

SUSE: 2022:1038-1 important: the Linux Kernel

March 30, 2022
An update that solves 24 vulnerabilities and has 17 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299). - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830). - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516). - CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155) - CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096). - CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905). - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897). - CVE-2022-27223: In drivers/usb/gadget/udc/udc-xilinx.c the endpoint index was not validated and could have been manipulated by the host for out-of-array access (bsc#1197245). - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987). - CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731). - CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from heap memory via crafted frame lengths from a device (bsc#1196836). - CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956) - CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did not properly update bounds while handling the mov32 instruction, which allowed local users to obtain potentially sensitive address information (bsc#1196130). - CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040, CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers. (bsc#1196488) The following non-security bugs were fixed: - ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes). - arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes). - ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes). - ARM: Fix kgdb breakpoint for Thumb2 (git-fixes). - asix: fix uninit-value in asix_mdio_read() (git-fixes). - ASoC: cs4265: Fix the duplicated control name (git-fixes). - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes). - ASoC: rt5682: do not block workqueue if card is unbound (git-fixes). - ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes). - ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes). - batman-adv: Do not expect inter-netns unique iflink indices (git-fixes). - batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes). - batman-adv: Request iflink once in batadv-on-batadv check (git-fixes). - blk-mq: do not free tags if the tag_set is used by other device in queue initialztion (bsc#1193787). - Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779). - bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649). - bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes). - bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes). - bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes). - bonding: force carrier update when releasing slave (git-fixes). - can: gs_usb: change active_channels's type from atomic_t to u8 (git-fixes). - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning (bsc#1196868). - cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723). - clk: jz4725b: fix mmc0 clock gating (git-fixes). - constraints: Also adjust disk requirement for x86 and s390. - constraints: Increase disk space for aarch64 - cpufreq: schedutil: Use kobject release() method to free (git-fixes) - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866). - cputime, cpuacct: Include guest time in user time in (git-fixes) - dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#192278). - dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes). - dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#192278). - drm/amdgpu: disable MMHUB PG for Picasso (git-fixes). - drm/edid: Always set RGB444 (git-fixes). - drm/i915/dg1: Wait for pcode/uncore handshake at startup (bsc#1195211). - drm/i915/gen11+: Only load DRAM information from pcode (bsc#1195211). - drm/i915: Nuke not needed members of dram_info (bsc#1195211). - drm/i915: Remove memory frequency calculation (bsc#1195211). - drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed (bsc#1195211). - drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes). - EDAC/altera: Fix deferred probing (bsc#1178134). - EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1178134). - efivars: Respect "block" flag in efivar_entry_set_safe() (git-fixes). - exfat: fix i_blocks for files truncated over 4 GiB (git-fixes). - exfat: fix incorrect loading of i_blocks for large files (git-fixes). - firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes). - gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes). - gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes). - gpio: rockchip: Reset int_bothedge when changing trigger (git-fixes). - gpio: tegra186: Fix chip_data type confusion (git-fixes). - gpio: ts4900: Do not set DAT and OE together (git-fixes). - gtp: remove useless rcu_read_lock() (git-fixes). - hamradio: fix macro redefine warning (git-fixes). - Hand over the maintainership to SLE15-SP3 maintainers - HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes). - HID: add mapping for KEY_DICTATE (git-fixes). - i2c: bcm2835: Avoid clock stretching timeouts (git-fixes). - iavf: Fix missing check for running netdev (git-fixes). - IB/hfi1: Correct guard on eager buffer deallocation (git-fixes). - IB/hfi1: Fix early init panic (git-fixes). - IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes). - IB/hfi1: Insure use of smp_processor_id() is preempt disabled (git-fixes). - IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes). - ice: initialize local variable 'tlv' (jsc#SLE-12878). - igc: igc_read_phy_reg_gpy: drop premature return (git-fixes). - igc: igc_write_phy_reg_gpy: drop premature return (git-fixes). - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits (git-fixes). - iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes). - iio: Fix error handling for PM (git-fixes). - Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes). - Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes). - Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes). - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes). - mac80211: fix forwarded mesh frames AC & queue selection (git-fixes). - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes). - mac80211_hwsim: report NOACK frames in tx_status (git-fixes). - mask out added spinlock in rndis_params (git-fixes). - mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes). - net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration (git-fixes). - net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement (git-fixes). - netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1176447). - net: fix up skbs delta_truesize in UDP GRO frag_list (bsc#1176447). - net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes). - net/mlx5e: Fix modify header actions memory leak (git-fixes). - net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468). - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes). - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (jsc#SLE-15172). - net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes). - net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes). - net/mlx5: Fix possible deadlock on rule deletion (git-fixes). - net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes). - net/mlx5: Update the list of the PCI supported devices (git-fixes). - net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes). - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones (jsc#SLE-15172). - netsec: ignore 'phy-mode' device property on ACPI systems (git-fixes). - net: sfc: Replace in_interrupt() usage (git-fixes). - net: tipc: validate domain record count on input (bsc#1195254). - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes). - NFC: port100: fix use-after-free in port100_send_complete (git-fixes). - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes). - nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes). - ntb: intel: fix port config status offset for SPR (git-fixes). - nvme: fix a possible use-after-free in controller reset during load (git-fixes). - nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787). - nvme-rdma: fix possible use-after-free in transport error_recovery work (git-fixes). - nvme-tcp: fix possible use-after-free in transport error_recovery work (git-fixes). - powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#1196472 ltc#192278). - powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038). - powerpc/mm: Remove dcache flush from memory remove (bsc#1196433 ltc#196449). - powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449). - powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#1196472 ltc#192278). - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with pending cmd-bit" (git-fixes). - RDMA/cma: Do not change route.addr.src_addr outside state checks (bsc#1181147). - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry (git-fixes). - RDMA/cma: Remove open coding of overflow checking for private_data_len (git-fixes). - RDMA/core: Do not infoleak GRH fields (git-fixes). - RDMA/core: Let ib_find_gid() continue search even after empty entry (git-fixes). - RDMA/cxgb4: Set queue pair state when being queried (git-fixes). - RDMA/hns: Validate the pkey index (git-fixes). - RDMA/ib_srp: Fix a deadlock (git-fixes). - RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes). - RDMA/rtrs-clt: Fix possible double free in error case (jsc#SLE-15176). - RDMA/rxe: Fix a typo in opcode name (git-fixes). - RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes). - RDMA/uverbs: Check for null return of kmalloc_array (git-fixes). - RDMA/uverbs: Remove the unnecessary assignment (git-fixes). - README.BRANCH: Add Frederic Weisbecker as branch maintainer - README.BRANCH: Remove Davidlohr Bueso as a branch maintainer - rpm/arch-symbols,guards,*driver: Replace Novell with SUSE. - rpm: SC2006: Use $(...) notation instead of legacy backticked `...`. - sched/core: Mitigate race (git-fixes) - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes). - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes). - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes). - scsi: nsp_cs: Check of ioremap return value (git-fixes). - scsi: qedf: Fix potential dereference of NULL pointer (git-fixes). - scsi: smartpqi: Add PCI IDs (bsc#1196627). - scsi: ufs: Fix race conditions related to driver data (git-fixes). - selftests: mlxsw: tc_police_scale: Make test more robust (bsc#1176774). - soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes). - soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes). - soc: fsl: qe: Check of ioremap return value (git-fixes). - spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes). - sr9700: sanity check for packet length (bsc#1196836). - staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes). - SUNRPC: avoid race between mod_timer() and del_timer_sync() (bnc#1195403). - tracing: Fix return value of __setup handlers (git-fixes). - tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes). - tty: n_gsm: fix proper link termination after failed open (git-fixes). - usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes). - usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes). - usb: dwc2: gadget: Fix kill_all_requests race (git-fixes). - usb: dwc2: use well defined macros for power_down (git-fixes). - usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes). - usb: dwc3: meson-g12a: Disable the regulator in the error handling path of the probe (git-fixes). - usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes). - usb: gadget: rndis: add spinlock for rndis response list (git-fixes). - USB: gadget: validate endpoint index for xilinx udc (git-fixes). - USB: gadget: validate interface OS descriptor requests (git-fixes). - usb: host: xen-hcd: add missing unlock in error path (git-fixes). - USB: hub: Clean up use of port initialization schemes and retries (git-fixes). - usb: hub: Fix locking issues with address0_mutex (git-fixes). - usb: hub: Fix usb enumeration issue due to address0 race (git-fixes). - USB: serial: option: add support for DW5829e (git-fixes). - USB: serial: option: add Telit LE910R1 compositions (git-fixes). - USB: zaurus: support another broken Zaurus (git-fixes). - vrf: Fix fast path output packet handling with async Netfilter rules (git-fixes). - xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done() (bsc#1196488, XSA-396). - xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes). - xhci: re-initialize the HC during resume if HCE was set (git-fixes).

References

#1176447 #1176774 #1178134 #1179439 #1181147

#1191428 #1192273 #1193787 #1194516 #1194943

#1195051 #1195211 #1195353 #1195403 #1195516

#1195612 #1195897 #1195908 #1195947 #1195949

#1195987 #1196079 #1196095 #1196130 #1196155

#1196299 #1196301 #1196403 #1196468 #1196472

#1196488 #1196627 #1196723 #1196776 #1196779

#1196830 #1196866 #1196868 #1197300 #922815

#998635

Cross- CVE-2021-0920 CVE-2021-39698 CVE-2021-44879

CVE-2021-45402 CVE-2022-0487 CVE-2022-0492

CVE-2022-0516 CVE-2022-0617 CVE-2022-0644

CVE-2022-23036 CVE-2022-23037 CVE-2022-23038

CVE-2022-23039 CVE-2022-23040 CVE-2022-23041

CVE-2022-23042 CVE-2022-24448 CVE-2022-24958

CVE-2022-24959 CVE-2022-25258 CVE-2022-25636

CVE-2022-26490 CVE-2022-26966 CVE-2022-27223

CVSS scores:

CVE-2021-0920 (NVD) : 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2021-0920 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-39698 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-39698 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-44879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2021-44879 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2021-45402 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-45402 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

CVE-2022-0487 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-0487 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-0492 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-0516 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-0516 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-0644 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-23036 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23036 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23037 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23037 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23038 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23038 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23039 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23039 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23040 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23040 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23041 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23041 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23042 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23042 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-24448 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2022-24448 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-24958 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-24958 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-24959 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-24959 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-25258 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-25258 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-25636 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-25636 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26490 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26490 (SUSE): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

CVE-2022-26966 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-26966 (SUSE): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2022-27223 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-27223 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

SUSE Linux Enterprise Micro 5.1

SUSE Linux Enterprise Module for Realtime 15-SP3

SUSE Linux Enterprise Real Time 15-SP3

https://www.suse.com/security/cve/CVE-2021-0920.html

https://www.suse.com/security/cve/CVE-2021-39698.html

https://www.suse.com/security/cve/CVE-2021-44879.html

https://www.suse.com/security/cve/CVE-2021-45402.html

https://www.suse.com/security/cve/CVE-2022-0487.html

https://www.suse.com/security/cve/CVE-2022-0492.html

https://www.suse.com/security/cve/CVE-2022-0516.html

https://www.suse.com/security/cve/CVE-2022-0617.html

https://www.suse.com/security/cve/CVE-2022-0644.html

https://www.suse.com/security/cve/CVE-2022-23036.html

https://www.suse.com/security/cve/CVE-2022-23037.html

https://www.suse.com/security/cve/CVE-2022-23038.html

https://www.suse.com/security/cve/CVE-2022-23039.html

https://www.suse.com/security/cve/CVE-2022-23040.html

https://www.suse.com/security/cve/CVE-2022-23041.html

https://www.suse.com/security/cve/CVE-2022-23042.html

https://www.suse.com/security/cve/CVE-2022-24448.html

https://www.suse.com/security/cve/CVE-2022-24958.html

https://www.suse.com/security/cve/CVE-2022-24959.html

https://www.suse.com/security/cve/CVE-2022-25258.html

https://www.suse.com/security/cve/CVE-2022-25636.html

https://www.suse.com/security/cve/CVE-2022-26490.html

https://www.suse.com/security/cve/CVE-2022-26966.html

https://www.suse.com/security/cve/CVE-2022-27223.html

https://bugzilla.suse.com/1176447

https://bugzilla.suse.com/1176774

https://bugzilla.suse.com/1178134

https://bugzilla.suse.com/1179439

https://bugzilla.suse.com/1181147

https://bugzilla.suse.com/1191428

https://bugzilla.suse.com/1192273

https://bugzilla.suse.com/1193787

https://bugzilla.suse.com/1194516

https://bugzilla.suse.com/1194943

https://bugzilla.suse.com/1195051

https://bugzilla.suse.com/1195211

https://bugzilla.suse.com/1195353

https://bugzilla.suse.com/1195403

https://bugzilla.suse.com/1195516

https://bugzilla.suse.com/1195612

https://bugzilla.suse.com/1195897

https://bugzilla.suse.com/1195908

https://bugzilla.suse.com/1195947

https://bugzilla.suse.com/1195949

https://bugzilla.suse.com/1195987

https://bugzilla.suse.com/1196079

https://bugzilla.suse.com/1196095

https://bugzilla.suse.com/1196130

https://bugzilla.suse.com/1196155

https://bugzilla.suse.com/1196299

https://bugzilla.suse.com/1196301

https://bugzilla.suse.com/1196403

https://bugzilla.suse.com/1196468

https://bugzilla.suse.com/1196472

https://bugzilla.suse.com/1196488

https://bugzilla.suse.com/1196627

https://bugzilla.suse.com/1196723

https://bugzilla.suse.com/1196776

https://bugzilla.suse.com/1196779

https://bugzilla.suse.com/1196830

https://bugzilla.suse.com/1196866

https://bugzilla.suse.com/1196868

https://bugzilla.suse.com/1197300

https://bugzilla.suse.com/922815

https://bugzilla.suse.com/998635

Severity
Announcement ID: SUSE-SU-2022:1038-1
Rating: important

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved