
SUSE: 2022:2172-1 Important: Linux Kernel Fixes for Privilege Escalation

June 24, 2022
An update that solves 7 vulnerabilities and has 10 fixes is now available.

Summary

The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed:

- CVE-2022-1012: Fixed a small table perturb size in the TCP source port generation algorithm which could lead to an information leak. (bsc#1199482)
- CVE-2022-20141: Fixed a use-after-free due to improper locking. This bug could lead to local escalation of privilege when opening and closing inet sockets, with no additional execution privileges needed. (bnc#1200604)
- CVE-2022-32250: Fixed a use-after-free bug in the netfilter subsystem. This flaw allowed a local attacker with user access to cause a privilege escalation issue. (bnc#1200015)
- CVE-2022-1975: Fixed a sleep-in-atomic bug that allowed an attacker to crash the Linux kernel by simulating an NFC device from user space. (bsc#1200143)

References

#1177282 #1184924 #1198924 #1199365 #1199482 #1200015 #1200143 #1200144 #1200206 #1200207 #1200249 #1200259 #1200263 #1200343 #1200494 #1200529 #1200604

Cross-References: CVE-2020-26541 CVE-2022-1012 CVE-2022-1966 CVE-2022-1974 CVE-2022-1975 CVE-2022-20141 CVE-2022-32250

CVSS scores:

CVE-2020-26541 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CVE-2022-1012 (SUSE): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

CVE-2022-1966 (NVD): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-1966 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-1974 (SUSE): 6.8 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-1975 (SUSE): 4.5 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: important

Announcement ID: SUSE-SU-2022:2172-1
Rating: important
