SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:14905-1
Rating:             important
References:         #1171420 #1179599 #1190025 #1191580 #1193157 
                    #1193669 #1193867 #1194272 #1195109 #1195543 
                    #1195908 #1196079 #1196612 
Cross-References:   CVE-2019-0136 CVE-2020-12770 CVE-2020-27820
                    CVE-2021-3753 CVE-2021-4155 CVE-2021-45095
                    CVE-2022-0001 CVE-2022-0002 CVE-2022-0492
                    CVE-2022-0617
CVSS scores:
                    CVE-2019-0136 (NVD) : 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
                    CVE-2019-0136 (SUSE): 7.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
                    CVE-2020-12770 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-12770 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
                    CVE-2020-27820 (SUSE): 3.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L
                    CVE-2021-3753 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-3753 (SUSE): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-4155 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-45095 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-45095 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    CVE-2022-0002 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Debuginfo 11-SP4
                    SUSE Linux Enterprise Server 11-EXTRA
                    SUSE Linux Enterprise Server 11-SP4-LTSS
______________________________________________________________________________

   An update that solves 10 vulnerabilities and has three
   fixes is now available.

Description:

   The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
   security and bugfixes.


   Transient execution side-channel attacks attacking the Branch History
   Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch
   History Injection" are now mitigated.

   The following security bugs were fixed:

   - CVE-2022-0001: Fixed Branch History Injection vulnerability
     (bsc#1191580).
   - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability
     (bsc#1191580).
   - CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases
     (bsc#1171420).
   - CVE-2022-0617: Fixed a null pointer dereference in UDF file system
     functionality. A local user could crash the system by triggering
     udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
   - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1
     release_agent feature, which allowed bypassing namespace isolation
     unexpectedly (bsc#1195543).
   - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in
     net/phonet/pep.c (bsc#1193867).
   - CVE-2021-4155: Fixed a data leak flaw that allows a local attacker to
     leak data on the XFS filesystem (bsc#1194272).
   - CVE-2020-27820: Fixed a vulnerability where a use-after-frees in
     nouveau's postclose() handler could happen if removing device
     (bsc#1179599).
   - CVE-2019-0136: Fixed an insufficient access control which allow an
     unauthenticated user to execute a denial of service (bsc#1193157).
   - CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling
     (bsc#1190025).

   The following non-security bugs were fixed:

   - kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).
   - md: check the return of mddev_find() (bsc#1195109).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP4-LTSS:

      zypper in -t patch slessp4-kernel-14905=1

   - SUSE Linux Enterprise Server 11-EXTRA:

      zypper in -t patch slexsp3-kernel-14905=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-kernel-14905=1



Package List:

   - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64):

      kernel-default-3.0.101-108.135.1
      kernel-default-base-3.0.101-108.135.1
      kernel-default-devel-3.0.101-108.135.1
      kernel-source-3.0.101-108.135.1
      kernel-syms-3.0.101-108.135.1
      kernel-trace-3.0.101-108.135.1
      kernel-trace-base-3.0.101-108.135.1
      kernel-trace-devel-3.0.101-108.135.1

   - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 x86_64):

      kernel-ec2-3.0.101-108.135.1
      kernel-ec2-base-3.0.101-108.135.1
      kernel-ec2-devel-3.0.101-108.135.1
      kernel-xen-3.0.101-108.135.1
      kernel-xen-base-3.0.101-108.135.1
      kernel-xen-devel-3.0.101-108.135.1

   - SUSE Linux Enterprise Server 11-SP4-LTSS (ppc64):

      kernel-bigmem-3.0.101-108.135.1
      kernel-bigmem-base-3.0.101-108.135.1
      kernel-bigmem-devel-3.0.101-108.135.1
      kernel-ppc64-3.0.101-108.135.1
      kernel-ppc64-base-3.0.101-108.135.1
      kernel-ppc64-devel-3.0.101-108.135.1

   - SUSE Linux Enterprise Server 11-SP4-LTSS (s390x):

      kernel-default-man-3.0.101-108.135.1

   - SUSE Linux Enterprise Server 11-SP4-LTSS (i586):

      kernel-pae-3.0.101-108.135.1
      kernel-pae-base-3.0.101-108.135.1
      kernel-pae-devel-3.0.101-108.135.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):

      kernel-default-extra-3.0.101-108.135.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):

      kernel-xen-extra-3.0.101-108.135.1

   - SUSE Linux Enterprise Server 11-EXTRA (x86_64):

      kernel-trace-extra-3.0.101-108.135.1

   - SUSE Linux Enterprise Server 11-EXTRA (ppc64):

      kernel-ppc64-extra-3.0.101-108.135.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586):

      kernel-pae-extra-3.0.101-108.135.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64):

      kernel-default-debuginfo-3.0.101-108.135.1
      kernel-default-debugsource-3.0.101-108.135.1
      kernel-trace-debuginfo-3.0.101-108.135.1
      kernel-trace-debugsource-3.0.101-108.135.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 s390x x86_64):

      kernel-default-devel-debuginfo-3.0.101-108.135.1
      kernel-trace-devel-debuginfo-3.0.101-108.135.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):

      kernel-ec2-debuginfo-3.0.101-108.135.1
      kernel-ec2-debugsource-3.0.101-108.135.1
      kernel-xen-debuginfo-3.0.101-108.135.1
      kernel-xen-debugsource-3.0.101-108.135.1
      kernel-xen-devel-debuginfo-3.0.101-108.135.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):

      kernel-bigmem-debuginfo-3.0.101-108.135.1
      kernel-bigmem-debugsource-3.0.101-108.135.1
      kernel-ppc64-debuginfo-3.0.101-108.135.1
      kernel-ppc64-debugsource-3.0.101-108.135.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586):

      kernel-pae-debuginfo-3.0.101-108.135.1
      kernel-pae-debugsource-3.0.101-108.135.1
      kernel-pae-devel-debuginfo-3.0.101-108.135.1


References:

   https://www.suse.com/security/cve/CVE-2019-0136.html
   https://www.suse.com/security/cve/CVE-2020-12770.html
   https://www.suse.com/security/cve/CVE-2020-27820.html
   https://www.suse.com/security/cve/CVE-2021-3753.html
   https://www.suse.com/security/cve/CVE-2021-4155.html
   https://www.suse.com/security/cve/CVE-2021-45095.html
   https://www.suse.com/security/cve/CVE-2022-0001.html
   https://www.suse.com/security/cve/CVE-2022-0002.html
   https://www.suse.com/security/cve/CVE-2022-0492.html
   https://www.suse.com/security/cve/CVE-2022-0617.html
   https://bugzilla.suse.com/1171420
   https://bugzilla.suse.com/1179599
   https://bugzilla.suse.com/1190025
   https://bugzilla.suse.com/1191580
   https://bugzilla.suse.com/1193157
   https://bugzilla.suse.com/1193669
   https://bugzilla.suse.com/1193867
   https://bugzilla.suse.com/1194272
   https://bugzilla.suse.com/1195109
   https://bugzilla.suse.com/1195543
   https://bugzilla.suse.com/1195908
   https://bugzilla.suse.com/1196079
   https://bugzilla.suse.com/1196612

SUSE: 2022:14905-1 important: the Linux Kernel

March 8, 2022
An update that solves 10 vulnerabilities and has three fixes is now available

Summary

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated. The following security bugs were fixed: - CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases (bsc#1171420). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bsc#1193867). - CVE-2021-4155: Fixed a data leak flaw that allows a local attacker to leak data on the XFS filesystem (bsc#1194272). - CVE-2020-27820: Fixed a vulnerability where a use-after-frees in nouveau's postclose() handler could happen if removing device (bsc#1179599). - CVE-2019-0136: Fixed an insufficient access control which allow an unauthenticated user to execute a denial of service (bsc#1193157). - CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc#1190025). The following non-security bugs were fixed: - kprobes: Limit max data_size of the kretprobe instances (bsc#1193669). - md: check the return of mddev_find() (bsc#1195109).

References

#1171420 #1179599 #1190025 #1191580 #1193157

#1193669 #1193867 #1194272 #1195109 #1195543

#1195908 #1196079 #1196612

Cross- CVE-2019-0136 CVE-2020-12770 CVE-2020-27820

CVE-2021-3753 CVE-2021-4155 CVE-2021-45095

CVE-2022-0001 CVE-2022-0002 CVE-2022-0492

CVE-2022-0617

CVSS scores:

CVE-2019-0136 (NVD) : 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVE-2019-0136 (SUSE): 7.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVE-2020-12770 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2020-12770 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CVE-2020-27820 (SUSE): 3.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L

CVE-2021-3753 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-3753 (SUSE): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2021-4155 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-45095 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-45095 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2022-0002 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

SUSE Linux Enterprise Debuginfo 11-SP4

SUSE Linux Enterprise Server 11-EXTRA

SUSE Linux Enterprise Server 11-SP4-LTSS

https://www.suse.com/security/cve/CVE-2019-0136.html

https://www.suse.com/security/cve/CVE-2020-12770.html

https://www.suse.com/security/cve/CVE-2020-27820.html

https://www.suse.com/security/cve/CVE-2021-3753.html

https://www.suse.com/security/cve/CVE-2021-4155.html

https://www.suse.com/security/cve/CVE-2021-45095.html

https://www.suse.com/security/cve/CVE-2022-0001.html

https://www.suse.com/security/cve/CVE-2022-0002.html

https://www.suse.com/security/cve/CVE-2022-0492.html

https://www.suse.com/security/cve/CVE-2022-0617.html

https://bugzilla.suse.com/1171420

https://bugzilla.suse.com/1179599

https://bugzilla.suse.com/1190025

https://bugzilla.suse.com/1191580

https://bugzilla.suse.com/1193157

https://bugzilla.suse.com/1193669

https://bugzilla.suse.com/1193867

https://bugzilla.suse.com/1194272

https://bugzilla.suse.com/1195109

https://bugzilla.suse.com/1195543

https://bugzilla.suse.com/1195908

https://bugzilla.suse.com/1196079

https://bugzilla.suse.com/1196612

Severity
Announcement ID: SUSE-SU-2022:14905-1
Rating: important

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved