Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2022:2376-1 Important: Linux Kernel Security Flaws Addressed

suse
Calendar Grey July 12, 2022
Dist Suse Esm H88
Canonical has issued a security patch for Ubuntu's Kernel, fixing 10 vulnerabilities with essential updates. Restart your machine!
An update that solves 9 vulnerabilities and has 40 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information (bsc#1199657). - CVE-2022-34918: Fixed a buffer overflow with nft_set_elem_init() that could be used by a local attacker to escalate privileges (bnc#1201171). - CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050). - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bsc#1199487).

Topics%20covered

Topics Covered

security advisory patch local escalation SUSE Linux security flaws Linux kernel system reboot

References

#1065729 #1179195 #1180814 #1185762 #1192761

#1193629 #1194013 #1195504 #1195775 #1196901

#1197362 #1197754 #1198020 #1199487 #1199489

#1199657 #1200217 #1200263 #1200442 #1200571

#1200599 #1200600 #1200608 #1200619 #1200622

#1200692 #1200806 #1200807 #1200809 #1200810

#1200813 #1200816 #1200820 #1200821 #1200822

#1200825 #1200828 #1200829 #1200925 #1201050

#1201080 #1201143 #1201147 #1201149 #1201160

#1201171 #1201177 #1201193 #1201222

Cross- CVE-2021-26341 CVE-2021-4157 CVE-2022-1679

CVE-2022-20132 CVE-2022-20154 CVE-2022-29900

CVE-2022-29901 CVE-2022-33981 CVE-2022-34918

CVSS scores:

CVE-2021-26341 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2021-26341 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:2376-1
Rating: important

Topics%20covered

Topics Covered

security advisory patch local escalation SUSE Linux security flaws Linux kernel system reboot

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here