SUSE: 2022:1651-1 important: Linux Kernel Security Flaws Fixed

suse

May 12, 2022

An update that solves 13 vulnerabilities and has 20 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-7755: Fixed an issue in the fd_locked_ioctl function in drivers/block/floppy.c. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR (bnc#1084513). - CVE-2019-20811: Fixed issue in rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, where a reference count is mishandled (bnc#1172456). - CVE-2021-20292: Fixed object validation prior to performing operations

Topics Covered

security advisory security issue important kernel system update operating system SUSE Linux

References

#1028340 #1065729 #1071995 #1084513 #1114648

#1121726 #1129770 #1137728 #1172456 #1183723

#1187055 #1191647 #1191958 #1194625 #1196018

#1196247 #1196657 #1196901 #1197075 #1197343

#1197663 #1197888 #1197914 #1198217 #1198228

#1198400 #1198413 #1198516 #1198660 #1198687

#1198742 #1198825 #1199012

Cross- CVE-2018-7755 CVE-2019-20811 CVE-2021-20292

CVE-2021-20321 CVE-2021-38208 CVE-2021-43389

CVE-2022-1011 CVE-2022-1280 CVE-2022-1353

CVE-2022-1419 CVE-2022-1516 CVE-2022-23960

CVE-2022-28748

CVSS scores:

CVE-2018-7755 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2018-7755 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2019-20811 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2022:1651-1

Rating: important

Topics Covered

security advisory security issue important kernel system update operating system SUSE Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:1651-1 important: Linux Kernel Security Flaws Fixed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:1651-1 important: Linux Kernel Security Flaws Fixed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!