Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2022:2078-1 Critical: Important Kernel Security Update Released

suse
Calendar Grey June 14, 2022
Dist Suse Esm H88
Explore the vital SUSE Security Update for the Linux Kernel aimed at critical vulnerabilities, improving system security and stability against potential threats.
An update that solves 14 vulnerabilities, contains two features and has 32 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2022-0168: Fixed a NULL pointer dereference in smb2_ioctl_query_info. (bsc#1197472) - CVE-2022-20008: Fixed bug that allows to read kernel heap memory due to uninitialized data in mmc_blk_read_single of block.c. (bnc#1199564) - CVE-2022-1972: Fixed a buffer overflow in nftable that could lead to privilege escalation. (bsc#1200019) - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650) - CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow kernel update privilege escalation security fix SUSE Enterprise

References

#1055117 #1061840 #1065729 #1103269 #1118212

#1153274 #1154353 #1156395 #1158266 #1167773

#1176447 #1178134 #1180100 #1183405 #1188885

#1195826 #1196426 #1196478 #1196570 #1196840

#1197446 #1197472 #1197601 #1197675 #1198438

#1198577 #1198971 #1198989 #1199035 #1199052

#1199063 #1199114 #1199314 #1199505 #1199507

#1199564 #1199626 #1199631 #1199650 #1199670

#1199839 #1200019 #1200045 #1200046 #1200192

#1200216 SLE-13521 SLE-16387

Cross- CVE-2019-19377 CVE-2021-33061 CVE-2022-0168

CVE-2022-1184 CVE-2022-1652 CVE-2022-1729

CVE-2022-1972 CVE-2022-20008 CVE-2022-21123

CVE-2022-21125 CVE-2022-21127 CVE-2022-21166

CVE-2022-21180 CVE-2022-30594

CVSS scores:

CVE-2019-19377 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:2078-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow kernel update privilege escalation security fix SUSE Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here