Alerts This Week
Warning Icon 1 770
Alerts This Week
Warning Icon 1 770

SUSE 12-SP4: 2022:2808-1 Important: Kernel Fixes and Security Updates

suse
Calendar Grey August 15, 2022
Dist Suse Esm H88
Red Hat Security Patch addresses various vulnerabilities in the Linux kernel, providing solutions and guidelines for users.
An update that solves four vulnerabilities and has 6 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050). - CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO (bnc#1201635). - CVE-2021-33656: Fixed out of bounds write with ioctl PIO_FONT (bnc#1201636). - CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem (bnc#1198829). The following non-security bugs were fixed: - Add missing recommends of kernel-install-tools to kernel-source-vanilla (bsc#1200442) - cifs: On cifs_reconnect, resolve the hostname again (bsc#1201926).

Topics%20covered

Topics Covered

security advisory important kernel SUSE bug fixes data leakage issues

References

#1195775 #1195926 #1198484 #1198829 #1200442

#1201050 #1201635 #1201636 #1201926 #1201930

Cross- CVE-2021-26341 CVE-2021-33655 CVE-2021-33656

CVE-2022-1462

CVSS scores:

CVE-2021-26341 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2021-26341 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2021-33655 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-33655 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-33656 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-33656 (SUSE): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H

CVE-2022-1462 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2022-1462 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:2808-1
Rating: important

Topics%20covered

Topics Covered

security advisory important kernel SUSE bug fixes data leakage issues

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here