SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1255-1
Rating:             important
References:         #1189562 #1194943 #1195051 #1195353 #1196018 
                    #1196114 #1196468 #1196488 #1196514 #1196639 
                    #1196761 #1196830 #1196836 #1196942 #1196973 
                    #1197131 #1197227 #1197331 #1197366 #1197391 
                    #1198031 #1198032 #1198033 SLE-18234 
Cross-References:   CVE-2021-39713 CVE-2021-45868 CVE-2022-0812
                    CVE-2022-0850 CVE-2022-0886 CVE-2022-1016
                    CVE-2022-1048 CVE-2022-23036 CVE-2022-23037
                    CVE-2022-23038 CVE-2022-23039 CVE-2022-23040
                    CVE-2022-23041 CVE-2022-23042 CVE-2022-26490
                    CVE-2022-26966 CVE-2022-28356 CVE-2022-28388
                    CVE-2022-28389 CVE-2022-28390
CVSS scores:
                    CVE-2021-39713 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-39713 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-45868 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-45868 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-0812 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-0850 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
                    CVE-2022-0886 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-1016 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-1048 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23036 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23036 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23037 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23037 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23038 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23038 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23039 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23039 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23040 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23040 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23041 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23041 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23042 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23042 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-26490 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-26490 (SUSE): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
                    CVE-2022-26966 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-26966 (SUSE): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-28356 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-28356 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-28388 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-28388 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
                    CVE-2022-28389 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-28389 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
                    CVE-2022-28390 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-28390 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected Products:
                    SUSE Linux Enterprise High Availability 15
                    SUSE Linux Enterprise High Performance Computing 15
                    SUSE Linux Enterprise High Performance Computing 15-ESPOS
                    SUSE Linux Enterprise High Performance Computing 15-LTSS
                    SUSE Linux Enterprise Module for Live Patching 15
                    SUSE Linux Enterprise Server 15
                    SUSE Linux Enterprise Server 15-LTSS
                    SUSE Linux Enterprise Server for SAP 15
                    SUSE Linux Enterprise Server for SAP Applications 15
______________________________________________________________________________

   An update that solves 20 vulnerabilities, contains one
   feature and has three fixes is now available.

Description:

   The SUSE Linux Enterprise 15 kernel was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2022-28356: Fixed a refcount leak bug in net/llc/af_llc.c
     (bnc#1197391).
   - CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
     netfilter subsystem. This vulnerability gives an attacker a powerful
     primitive that can be used to both read from and write to relative stack
     data, which can lead to arbitrary code execution (bsc#1197227).
   - CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c
     vulnerability in the Linux kernel (bnc#1198033).
   - CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c
     vulnerability in the Linux kernel (bnc#1198032).
   - CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c
     vulnerability in the Linux kernel (bnc#1198031).
   - CVE-2022-0812: Fixed an incorrect header size calculations in xprtrdma
     (bsc#1196639).
   - CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to
     use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock
     (bsc#1197331).
   - CVE-2022-0850: Fixed a kernel information leak vulnerability in
     iov_iter.c (bsc#1196761).
   - CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which
     allowed attackers to obtain sensitive information from the memory via
     crafted frame lengths from a USB device (bsc#1196836).
   - CVE-2022-0886: Fix possible buffer overflow in ESP transformation
     (bsc#1197131).
   - CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
     which could lead to an use-after-free if there is a corrupted quota file
     (bnc#1197366).
   - CVE-2021-39713: Fixed a race condition in the network scheduling
     subsystem which could lead to a use-after-free (bsc#1196973).
   -
   CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,
     CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have
     lead to read/write access to memory pages or denial of service. These
     issues are related to the Xen PV device frontend drivers (bsc#1196488).
   - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An
     attacker with adjacent NFC access could crash the system or corrupt the
     system memory (bsc#1196830).

   The following non-security bugs were fixed:

   - ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32
     (bsc#1196018).
   - macros.kernel-source: Fix coditional expansion. Fixes: bb95fef3cf19
     ("rpm: Use bash for %() expansion (jsc#SLE-18234).")
   - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     (bsc#1196018).
   - net: usb: ax88179_178a: fix packet alignment padding (bsc#1196018).
   - net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
   - rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.
   - sr9700: sanity check for packet length (bsc#1196836).
   - usb: host: xen-hcd: add missing unlock in error path (git-fixes).
   - xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done()
     (bsc#1196488, XSA-396).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 15:

      zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1255=1

   - SUSE Linux Enterprise Server 15-LTSS:

      zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1255=1

   - SUSE Linux Enterprise Module for Live Patching 15:

      zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2022-1255=1

   - SUSE Linux Enterprise High Performance Computing 15-LTSS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1255=1

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1255=1

   - SUSE Linux Enterprise High Availability 15:

      zypper in -t patch SUSE-SLE-Product-HA-15-2022-1255=1



Package List:

   - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):

      kernel-default-4.12.14-150000.150.89.1
      kernel-default-base-4.12.14-150000.150.89.1
      kernel-default-debuginfo-4.12.14-150000.150.89.1
      kernel-default-debugsource-4.12.14-150000.150.89.1
      kernel-default-devel-4.12.14-150000.150.89.1
      kernel-default-devel-debuginfo-4.12.14-150000.150.89.1
      kernel-obs-build-4.12.14-150000.150.89.1
      kernel-obs-build-debugsource-4.12.14-150000.150.89.1
      kernel-syms-4.12.14-150000.150.89.1
      kernel-vanilla-base-4.12.14-150000.150.89.1
      kernel-vanilla-base-debuginfo-4.12.14-150000.150.89.1
      kernel-vanilla-debuginfo-4.12.14-150000.150.89.1
      kernel-vanilla-debugsource-4.12.14-150000.150.89.1
      reiserfs-kmp-default-4.12.14-150000.150.89.1
      reiserfs-kmp-default-debuginfo-4.12.14-150000.150.89.1

   - SUSE Linux Enterprise Server for SAP 15 (noarch):

      kernel-devel-4.12.14-150000.150.89.1
      kernel-docs-4.12.14-150000.150.89.1
      kernel-macros-4.12.14-150000.150.89.1
      kernel-source-4.12.14-150000.150.89.1

   - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):

      kernel-default-4.12.14-150000.150.89.1
      kernel-default-base-4.12.14-150000.150.89.1
      kernel-default-debuginfo-4.12.14-150000.150.89.1
      kernel-default-debugsource-4.12.14-150000.150.89.1
      kernel-default-devel-4.12.14-150000.150.89.1
      kernel-default-devel-debuginfo-4.12.14-150000.150.89.1
      kernel-obs-build-4.12.14-150000.150.89.1
      kernel-obs-build-debugsource-4.12.14-150000.150.89.1
      kernel-syms-4.12.14-150000.150.89.1
      kernel-vanilla-base-4.12.14-150000.150.89.1
      kernel-vanilla-base-debuginfo-4.12.14-150000.150.89.1
      kernel-vanilla-debuginfo-4.12.14-150000.150.89.1
      kernel-vanilla-debugsource-4.12.14-150000.150.89.1
      reiserfs-kmp-default-4.12.14-150000.150.89.1
      reiserfs-kmp-default-debuginfo-4.12.14-150000.150.89.1

   - SUSE Linux Enterprise Server 15-LTSS (noarch):

      kernel-devel-4.12.14-150000.150.89.1
      kernel-docs-4.12.14-150000.150.89.1
      kernel-macros-4.12.14-150000.150.89.1
      kernel-source-4.12.14-150000.150.89.1

   - SUSE Linux Enterprise Server 15-LTSS (s390x):

      kernel-default-man-4.12.14-150000.150.89.1
      kernel-zfcpdump-debuginfo-4.12.14-150000.150.89.1
      kernel-zfcpdump-debugsource-4.12.14-150000.150.89.1

   - SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64):

      kernel-default-debuginfo-4.12.14-150000.150.89.1
      kernel-default-debugsource-4.12.14-150000.150.89.1
      kernel-default-livepatch-4.12.14-150000.150.89.1
      kernel-livepatch-4_12_14-150000_150_89-default-1-150000.1.3.1
      kernel-livepatch-4_12_14-150000_150_89-default-debuginfo-1-150000.1.3.1

   - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):

      kernel-default-4.12.14-150000.150.89.1
      kernel-default-base-4.12.14-150000.150.89.1
      kernel-default-debuginfo-4.12.14-150000.150.89.1
      kernel-default-debugsource-4.12.14-150000.150.89.1
      kernel-default-devel-4.12.14-150000.150.89.1
      kernel-default-devel-debuginfo-4.12.14-150000.150.89.1
      kernel-obs-build-4.12.14-150000.150.89.1
      kernel-obs-build-debugsource-4.12.14-150000.150.89.1
      kernel-syms-4.12.14-150000.150.89.1
      kernel-vanilla-base-4.12.14-150000.150.89.1
      kernel-vanilla-base-debuginfo-4.12.14-150000.150.89.1
      kernel-vanilla-debuginfo-4.12.14-150000.150.89.1
      kernel-vanilla-debugsource-4.12.14-150000.150.89.1

   - SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):

      kernel-devel-4.12.14-150000.150.89.1
      kernel-docs-4.12.14-150000.150.89.1
      kernel-macros-4.12.14-150000.150.89.1
      kernel-source-4.12.14-150000.150.89.1

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):

      kernel-default-4.12.14-150000.150.89.1
      kernel-default-base-4.12.14-150000.150.89.1
      kernel-default-debuginfo-4.12.14-150000.150.89.1
      kernel-default-debugsource-4.12.14-150000.150.89.1
      kernel-default-devel-4.12.14-150000.150.89.1
      kernel-default-devel-debuginfo-4.12.14-150000.150.89.1
      kernel-obs-build-4.12.14-150000.150.89.1
      kernel-obs-build-debugsource-4.12.14-150000.150.89.1
      kernel-syms-4.12.14-150000.150.89.1
      kernel-vanilla-base-4.12.14-150000.150.89.1
      kernel-vanilla-base-debuginfo-4.12.14-150000.150.89.1
      kernel-vanilla-debuginfo-4.12.14-150000.150.89.1
      kernel-vanilla-debugsource-4.12.14-150000.150.89.1

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):

      kernel-devel-4.12.14-150000.150.89.1
      kernel-docs-4.12.14-150000.150.89.1
      kernel-macros-4.12.14-150000.150.89.1
      kernel-source-4.12.14-150000.150.89.1

   - SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-4.12.14-150000.150.89.1
      cluster-md-kmp-default-debuginfo-4.12.14-150000.150.89.1
      dlm-kmp-default-4.12.14-150000.150.89.1
      dlm-kmp-default-debuginfo-4.12.14-150000.150.89.1
      gfs2-kmp-default-4.12.14-150000.150.89.1
      gfs2-kmp-default-debuginfo-4.12.14-150000.150.89.1
      kernel-default-debuginfo-4.12.14-150000.150.89.1
      kernel-default-debugsource-4.12.14-150000.150.89.1
      ocfs2-kmp-default-4.12.14-150000.150.89.1
      ocfs2-kmp-default-debuginfo-4.12.14-150000.150.89.1


References:

   https://www.suse.com/security/cve/CVE-2021-39713.html
   https://www.suse.com/security/cve/CVE-2021-45868.html
   https://www.suse.com/security/cve/CVE-2022-0812.html
   https://www.suse.com/security/cve/CVE-2022-0850.html
   https://www.suse.com/security/cve/CVE-2022-0886.html
   https://www.suse.com/security/cve/CVE-2022-1016.html
   https://www.suse.com/security/cve/CVE-2022-1048.html
   https://www.suse.com/security/cve/CVE-2022-23036.html
   https://www.suse.com/security/cve/CVE-2022-23037.html
   https://www.suse.com/security/cve/CVE-2022-23038.html
   https://www.suse.com/security/cve/CVE-2022-23039.html
   https://www.suse.com/security/cve/CVE-2022-23040.html
   https://www.suse.com/security/cve/CVE-2022-23041.html
   https://www.suse.com/security/cve/CVE-2022-23042.html
   https://www.suse.com/security/cve/CVE-2022-26490.html
   https://www.suse.com/security/cve/CVE-2022-26966.html
   https://www.suse.com/security/cve/CVE-2022-28356.html
   https://www.suse.com/security/cve/CVE-2022-28388.html
   https://www.suse.com/security/cve/CVE-2022-28389.html
   https://www.suse.com/security/cve/CVE-2022-28390.html
   https://bugzilla.suse.com/1189562
   https://bugzilla.suse.com/1194943
   https://bugzilla.suse.com/1195051
   https://bugzilla.suse.com/1195353
   https://bugzilla.suse.com/1196018
   https://bugzilla.suse.com/1196114
   https://bugzilla.suse.com/1196468
   https://bugzilla.suse.com/1196488
   https://bugzilla.suse.com/1196514
   https://bugzilla.suse.com/1196639
   https://bugzilla.suse.com/1196761
   https://bugzilla.suse.com/1196830
   https://bugzilla.suse.com/1196836
   https://bugzilla.suse.com/1196942
   https://bugzilla.suse.com/1196973
   https://bugzilla.suse.com/1197131
   https://bugzilla.suse.com/1197227
   https://bugzilla.suse.com/1197331
   https://bugzilla.suse.com/1197366
   https://bugzilla.suse.com/1197391
   https://bugzilla.suse.com/1198031
   https://bugzilla.suse.com/1198032
   https://bugzilla.suse.com/1198033

SUSE: 2022:1255-1 important: the Linux Kernel

April 19, 2022
An update that solves 20 vulnerabilities, contains one feature and has three fixes is now available

Summary

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-28356: Fixed a refcount leak bug in net/llc/af_llc.c (bnc#1197391). - CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution (bsc#1197227). - CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel (bnc#1198033). - CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel (bnc#1198032). - CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel (bnc#1198031). - CVE-2022-0812: Fixed an incorrect header size calculations in xprtrdma (bsc#1196639). - CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331). - CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c (bsc#1196761). - CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device (bsc#1196836). - CVE-2022-0886: Fix possible buffer overflow in ESP transformation (bsc#1197131). - CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file (bnc#1197366). - CVE-2021-39713: Fixed a race condition in the network scheduling subsystem which could lead to a use-after-free (bsc#1196973). - CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040, CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers (bsc#1196488). - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could crash the system or corrupt the system memory (bsc#1196830). The following non-security bugs were fixed: - ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#1196018). - macros.kernel-source: Fix coditional expansion. Fixes: bb95fef3cf19 ("rpm: Use bash for %() expansion (jsc#SLE-18234).") - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018). - net: usb: ax88179_178a: fix packet alignment padding (bsc#1196018). - net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468). - rpm: SC2006: Use $(...) notation instead of legacy backticked `...`. - sr9700: sanity check for packet length (bsc#1196836). - usb: host: xen-hcd: add missing unlock in error path (git-fixes). - xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done() (bsc#1196488, XSA-396).

References

#1189562 #1194943 #1195051 #1195353 #1196018

#1196114 #1196468 #1196488 #1196514 #1196639

#1196761 #1196830 #1196836 #1196942 #1196973

#1197131 #1197227 #1197331 #1197366 #1197391

#1198031 #1198032 #1198033 SLE-18234

Cross- CVE-2021-39713 CVE-2021-45868 CVE-2022-0812

CVE-2022-0850 CVE-2022-0886 CVE-2022-1016

CVE-2022-1048 CVE-2022-23036 CVE-2022-23037

CVE-2022-23038 CVE-2022-23039 CVE-2022-23040

CVE-2022-23041 CVE-2022-23042 CVE-2022-26490

CVE-2022-26966 CVE-2022-28356 CVE-2022-28388

CVE-2022-28389 CVE-2022-28390

CVSS scores:

CVE-2021-39713 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-39713 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-45868 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2021-45868 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-0812 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-0850 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

CVE-2022-0886 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-1016 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-1048 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23036 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23036 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23037 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23037 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23038 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23038 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23039 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23039 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23040 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23040 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23041 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23041 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-23042 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-23042 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26490 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26490 (SUSE): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

CVE-2022-26966 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-26966 (SUSE): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2022-28356 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-28356 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-28388 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-28388 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVE-2022-28389 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-28389 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVE-2022-28390 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-28390 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected Products:

SUSE Linux Enterprise High Availability 15

SUSE Linux Enterprise High Performance Computing 15

SUSE Linux Enterprise High Performance Computing 15-ESPOS

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise Module for Live Patching 15

SUSE Linux Enterprise Server 15

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Server for SAP 15

SUSE Linux Enterprise Server for SAP Applications 15

https://www.suse.com/security/cve/CVE-2021-39713.html

https://www.suse.com/security/cve/CVE-2021-45868.html

https://www.suse.com/security/cve/CVE-2022-0812.html

https://www.suse.com/security/cve/CVE-2022-0850.html

https://www.suse.com/security/cve/CVE-2022-0886.html

https://www.suse.com/security/cve/CVE-2022-1016.html

https://www.suse.com/security/cve/CVE-2022-1048.html

https://www.suse.com/security/cve/CVE-2022-23036.html

https://www.suse.com/security/cve/CVE-2022-23037.html

https://www.suse.com/security/cve/CVE-2022-23038.html

https://www.suse.com/security/cve/CVE-2022-23039.html

https://www.suse.com/security/cve/CVE-2022-23040.html

https://www.suse.com/security/cve/CVE-2022-23041.html

https://www.suse.com/security/cve/CVE-2022-23042.html

https://www.suse.com/security/cve/CVE-2022-26490.html

https://www.suse.com/security/cve/CVE-2022-26966.html

https://www.suse.com/security/cve/CVE-2022-28356.html

https://www.suse.com/security/cve/CVE-2022-28388.html

https://www.suse.com/security/cve/CVE-2022-28389.html

https://www.suse.com/security/cve/CVE-2022-28390.html

https://bugzilla.suse.com/1189562

https://bugzilla.suse.com/1194943

https://bugzilla.suse.com/1195051

https://bugzilla.suse.com/1195353

https://bugzilla.suse.com/1196018

https://bugzilla.suse.com/1196114

https://bugzilla.suse.com/1196468

https://bugzilla.suse.com/1196488

https://bugzilla.suse.com/1196514

https://bugzilla.suse.com/1196639

https://bugzilla.suse.com/1196761

https://bugzilla.suse.com/1196830

https://bugzilla.suse.com/1196836

https://bugzilla.suse.com/1196942

https://bugzilla.suse.com/1196973

https://bugzilla.suse.com/1197131

https://bugzilla.suse.com/1197227

https://bugzilla.suse.com/1197331

https://bugzilla.suse.com/1197366

https://bugzilla.suse.com/1197391

https://bugzilla.suse.com/1198031

https://bugzilla.suse.com/1198032

https://bugzilla.suse.com/1198033

Severity
Announcement ID: SUSE-SU-2022:1255-1
Rating: important

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved