Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2022:2700-1 Critical: Linux Kernel Live Patch 26 for SLE 15 SP2

suse
Calendar Grey August 8, 2022
Dist Suse Esm H88
SUSE Security Update resolves various vulnerabilities in the Linux Kernel (Live Patch 25 for SLE 12 SP4), incorporating critical corrections.
An update that fixes 6 vulnerabilities is now available

Summary

This update for the Linux Kernel 4.12.14-95_93 fixes several issues. The following security issues were fixed: - CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033) - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could crash the system or corrupt the system memory. (bsc#1196830) - CVE-2022-1419: Fixed a concurrency use-after-free in vgem_gem_dumb_create (bsc#1198742). - CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel (bnc#1198031). - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bsc#1199487).

Topics%20covered

Topics Covered

security advisory critical important system patch SUSE Linux Kernel live patch

References

#1200605 #1201080 #1201517 #1201655 #1201656

#1201657

Cross- CVE-2022-1419 CVE-2022-1679 CVE-2022-20141

CVE-2022-26490 CVE-2022-28389 CVE-2022-28390

CVSS scores:

CVE-2022-1419 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-1419 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-1679 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-1679 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20141 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20141 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26490 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26490 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:2699-1
Rating: important

Topics%20covered

Topics Covered

security advisory critical important system patch SUSE Linux Kernel live patch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here