Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2022:1038-1 Important: Kernel Security Update To Prevent Escalation

suse
Calendar Grey March 30, 2022
Dist Suse Esm H88
An Arch Linux update resolving 18 vulnerabilities and enhancements for the Kernel. A restart is advisable post-installation.
An update that solves 24 vulnerabilities and has 17 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299). - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830). - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).

Topics%20covered

Topics Covered

security advisory buffer overflow privilege escalation DoS kernel security system update SUSE

References

#1176447 #1176774 #1178134 #1179439 #1181147

#1191428 #1192273 #1193787 #1194516 #1194943

#1195051 #1195211 #1195353 #1195403 #1195516

#1195612 #1195897 #1195908 #1195947 #1195949

#1195987 #1196079 #1196095 #1196130 #1196155

#1196299 #1196301 #1196403 #1196468 #1196472

#1196488 #1196627 #1196723 #1196776 #1196779

#1196830 #1196866 #1196868 #1197300 #922815

#998635

Cross- CVE-2021-0920 CVE-2021-39698 CVE-2021-44879

CVE-2021-45402 CVE-2022-0487 CVE-2022-0492

CVE-2022-0516 CVE-2022-0617 CVE-2022-0644

CVE-2022-23036 CVE-2022-23037 CVE-2022-23038

CVE-2022-23039 CVE-2022-23040 CVE-2022-23041

CVE-2022-23042 CVE-2022-24448 CVE-2022-24958

CVE-2022-24959 CVE-2022-25258 CVE-2022-25636

CVE-2022-2...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:1038-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow privilege escalation DoS kernel security system update SUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here