
SUSE: 2022:2720-1 Important: 7 Kernel Security Fixes and More

August 9, 2022
Crucial security patch for SUSE Linux Kernel addresses various vulnerabilities and improves overall system security.
An update that solves 7 vulnerabilities and has 18 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2022-36946: Fixed an incorrect packet truncation operation which could lead to denial of service (bnc#1201940).
- CVE-2022-20166: Fixed several possible memory safety issues due to unsafe operations (bsc#1200598).
- CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could lead to a NULL pointer dereference and general protection fault (bnc#1200910).
- CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of TTYs that could lead to a use-after-free (bnc#1201429).
- CVE-2021-33656: Fixed a memory out-of-bounds write related to ioctl cmd PIO_FONT (bnc#1201636).

References

#1103269 #1114648 #1190812 #1195775 #1195926

#1198484 #1198829 #1200442 #1200598 #1200644

#1200651 #1200910 #1201196 #1201381 #1201429

#1201635 #1201636 #1201644 #1201651 #1201742

#1201752 #1201930 #1201940 #1201954 #1201958

Cross- CVE-2020-36557 CVE-2020-36558 CVE-2021-33655

CVE-2021-33656 CVE-2022-1462 CVE-2022-20166

CVE-2022-36946

CVSS scores:

CVE-2020-36557 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2020-36557 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-36558 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2020-36558 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-33655 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: important

Announcement ID: SUSE-SU-2022:2720-1
Rating: important
