
SUSE Linux Enterprise 11 SP4 Security Update: Important Kernel Update

suse
March 8, 2022
Crucial SUSE Linux Kernel patch addresses 10 vulnerabilities involving privilege escalation and denial of service concerns.
An update that solves 10 vulnerabilities and has three fixes is now available.

Summary

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bug fixes.

Transient execution side-channel attacks targeting the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection", are now mitigated.

The following security bugs were fixed:

- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).
- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).
- CVE-2020-12770: Fixed sg_remove_request call in certain failure cases (bsc#1171420).
- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image (bsc#1196079).

References

#1171420 #1179599 #1190025 #1191580 #1193157 #1193669 #1193867 #1194272 #1195109 #1195543 #1195908 #1196079 #1196612

Cross-References: CVE-2019-0136 CVE-2020-12770 CVE-2020-27820 CVE-2021-3753 CVE-2021-4155 CVE-2021-45095 CVE-2022-0001 CVE-2022-0002 CVE-2022-0492 CVE-2022-0617

CVSS scores:

CVE-2019-0136 (NVD) : 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVE-2019-0136 (SUSE): 7.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVE-2020-12770 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2020-12770 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CVE-2020-27820 (SUSE): 3.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L

CVE-2021-3753 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: important

Announcement ID: SUSE-SU-2022:14905-1
Rating: important
