SUSE: 2022:2721-2 Critical: Kernel Vulnerability Resolution

suse

August 9, 2022

An update that fixes 14 vulnerabilities is now available

Summary

The SUSE Linux Enterprise 12 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36946: Fixed an incorrect packet trucation operation which could lead to denial of service (bnc#1201940). - CVE-2022-20166: Fixed several possible memory safety issues due to unsafe operations (bsc#1200598). - CVE-2020-15393: Fixed a memory leak in the usbtest driver which could lead to denial of service (bnc#1173514). - CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could lead to a NULL pointer dereference and general protection fault (bnc#1200910). - CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of TTYs could lead to a use-after-free (bnc#1201429).

Topics Covered

security advisory denial of service important linux kernel suse linux

References

#1173514 #1196973 #1198829 #1200598 #1200762

#1200910 #1201251 #1201429 #1201635 #1201636

#1201742 #1201752 #1201930 #1201940

Cross- CVE-2020-15393 CVE-2020-36557 CVE-2020-36558

CVE-2021-33655 CVE-2021-33656 CVE-2021-39713

CVE-2022-1462 CVE-2022-20166 CVE-2022-2318

CVE-2022-26365 CVE-2022-33740 CVE-2022-33741

CVE-2022-33742 CVE-2022-36946

CVSS scores:

CVE-2020-15393 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2020-15393 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2020-36557 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2020-36557 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-36558 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2022:2721-1

Rating: important

Topics Covered

security advisory denial of service important linux kernel suse linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:2721-2 Critical: Kernel Vulnerability Resolution

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:2721-2 Critical: Kernel Vulnerability Resolution

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!