SUSE: 2022:2809-1 important: the Linux Kernel | LinuxSecurity.com

   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:2809-1
Rating:             important
References:         #1114648 #1194013 #1195478 #1195775 #1196472 
                    #1196901 #1197362 #1198829 #1199487 #1199489 
                    #1199647 #1199648 #1199657 #1200263 #1200442 
                    #1200571 #1200599 #1200604 #1200605 #1200608 
                    #1200619 #1200692 #1200762 #1200905 #1200910 
                    #1201050 #1201080 #1201251 #1201429 #1201458 
                    #1201635 #1201636 #1201644 #1201664 #1201672 
                    #1201673 #1201676 #1201742 #1201752 #1201930 
                    #1201940 
Cross-References:   CVE-2020-36557 CVE-2020-36558 CVE-2021-26341
                    CVE-2021-33655 CVE-2021-33656 CVE-2021-4157
                    CVE-2022-1116 CVE-2022-1462 CVE-2022-1679
                    CVE-2022-20132 CVE-2022-20141 CVE-2022-20154
                    CVE-2022-21505 CVE-2022-2318 CVE-2022-26365
                    CVE-2022-29900 CVE-2022-29901 CVE-2022-33740
                    CVE-2022-33741 CVE-2022-33742 CVE-2022-33981
                    CVE-2022-36946
CVSS scores:
                    CVE-2020-36557 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36557 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-36558 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36558 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-26341 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
                    CVE-2021-26341 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    CVE-2021-33655 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-33655 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-33656 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-33656 (SUSE): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
                    CVE-2021-4157 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-4157 (SUSE): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
                    CVE-2022-1116 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-1116 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-1462 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-1462 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-1679 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-1679 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-20132 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-20132 (SUSE): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
                    CVE-2022-20141 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-20141 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-20154 (NVD) : 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-20154 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-21505 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-2318 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-2318 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-26365 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-26365 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
                    CVE-2022-29900 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
                    CVE-2022-29900 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-29901 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
                    CVE-2022-29901 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-33740 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-33740 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
                    CVE-2022-33741 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-33741 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
                    CVE-2022-33742 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-33742 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
                    CVE-2022-33981 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2022-33981 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-36946 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-36946 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Enterprise Storage 7
                    SUSE Linux Enterprise High Availability 15-SP2
                    SUSE Linux Enterprise High Performance Computing 15-SP2
                    SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
                    SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
                    SUSE Linux Enterprise Module for Live Patching 15-SP2
                    SUSE Linux Enterprise Server 15-SP2
                    SUSE Linux Enterprise Server 15-SP2-BCL
                    SUSE Linux Enterprise Server 15-SP2-LTSS
                    SUSE Linux Enterprise Server for SAP 15-SP2
                    SUSE Linux Enterprise Server for SAP Applications 15-SP2
                    SUSE Linux Enterprise Storage 7
                    SUSE Manager Proxy 4.1
                    SUSE Manager Retail Branch Server 4.1
                    SUSE Manager Server 4.1
______________________________________________________________________________

   An update that solves 22 vulnerabilities and has 19 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl
     and closing/opening of ttys could lead to a use-after-free (bnc#1201429).
   - CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could
     lead to a NULL pointer dereference and general protection fault
     (bnc#1200910).
   - CVE-2021-4157: Fixed an out of memory bounds write flaw in the NFS
     subsystem, related to the replication of files with NFS. A user could
     potentially crash the system or escalate privileges on the system
     (bsc#1194013).
   - CVE-2021-26341: Some AMD CPUs may transiently execute beyond
     unconditional direct branches, which may potentially result in data
     leakage (bsc#1201050).
   - CVE-2021-33655: Fixed memory out of bounds write by ioctl cmd
     FBIOPUT_VSCREENINFO (bnc#1201635).
   - CVE-2021-33656: Fixed memory out of bounds write related to ioctl cmd
     PIO_FONT (bnc#1201636).
   - CVE-2022-1116: Fixed a integer overflow vulnerability in io_uring which
     allowed a local attacker to cause memory corruption and escalate
     privileges to root (bnc#1199647).
   - CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe
     subsystem. This flaw allowed a local user to crash the system or read
     unauthorized random data from memory. (bnc#1198829)
   - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in
     the way a user forces the ath9k_htc_wait_for_target function to fail
     with some input messages (bsc#1199487).
   - CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer
     handler in net/rose/rose_timer.c that allow attackers to crash the
     system without any privileges (bsc#1201251).
   - CVE-2022-20132: Fixed out of bounds read due to improper input
     validation in lg_probe and related functions of hid-lg.c (bsc#1200619).
   - CVE-2022-20141: Fixed a possible use after free due to improper locking
     in ip_check_mc_rcu() (bsc#1200604).
   - CVE-2022-20154: Fixed a use after free due to a race condition in
     lock_sock_nested of sock.c. This could lead to local escalation of
     privilege with System execution privileges needed (bsc#1200599).
   - CVE-2022-21505: Fixed kexec lockdown bypass with ima policy
     (bsc#1201458).
   - CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed
     multiple potential data leaks with Block and Network devices when using
     untrusted backends (bsc#1200762).
   - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre
     like Branch Target Buffer attack, that can leak arbitrary kernel
     information (bsc#1199657).
   - CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692)
   - CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that
     could lead to remote DoS (bnc#1201940).

   The following non-security bugs were fixed:

   - bcache: avoid unnecessary soft lockup in kworker update_writeback_rate()
     (bsc#1197362).
   - blk-mq: Fix wrong wakeup batch configuration which will cause hang
     (bsc#1200263).
   - blk-mq: clear active_queues before clearing BLK_MQ_F_TAG_QUEUE_SHARED
     (bsc#1200263).
   - blk-mq: fix tag_get wait task can't be awakened (bsc#1200263).
   - dma-direct: Fix potential NULL pointer dereference (bsc#1196472
     ltc#192278).
   - dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472
     ltc#192278).
   - dma-mapping: add a dma_ops_bypass flag to struct device (bsc#1196472
     ltc#192278).
   - dma-mapping: move the remaining DMA API calls out of line (bsc#1196472
     ltc#192278).
   - dma: kABI: Add back removed exports (bsc#1196472 ltc#192278).
   - exec: Force single empty string when argv is empty (bsc#1200571).
   - fsnotify: invalidate dcache before IN_DELETE event (bsc#1195478
     bsc#1200905).
   - kvm: emulate: Fix SETcc emulation function offsets with SLS
     (bsc#1201930).
   - kvm: emulate: do not adjust size of fastop and setcc subroutines
     (bsc#1201930).
   - powerpc/dma: Fallback to dma_ops when persistent memory present
     (bsc#1196472 ltc#192278).
   - powerpc/pseries/iommu: Create defines for operations in ibm,
     ddw-applicable (bsc#1196472 ltc#192278).
   - powerpc/pseries/iommu: Fix window size for direct mapping with pmem
     (bsc#1196472 ltc#192278).
   - powerpc/pseries/iommu: Update call to ibm, query-pe-dma-windows
     (bsc#1196472 ltc#192278).
   - powerpc: dma: kABI workaround for moving around dma_bypass bit
     (bsc#1196472 ltc#192278).
   - powerpc: use the generic dma_ops_bypass mode (bsc#1196472 ltc#192278).
   - vmxnet3: fix minimum vectors alloc issue (bsc#1199489).
   - x86/bugs: Remove apostrophe typo (bsc#1114648).
   - x86/entry: Remove skip_r11rcx (bsc#1201644).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Manager Server 4.1:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2809=1

   - SUSE Manager Retail Branch Server 4.1:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2809=1

   - SUSE Manager Proxy 4.1:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2809=1

   - SUSE Linux Enterprise Server for SAP 15-SP2:

      zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2809=1

   - SUSE Linux Enterprise Server 15-SP2-LTSS:

      zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2809=1

   - SUSE Linux Enterprise Server 15-SP2-BCL:

      zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2809=1

   - SUSE Linux Enterprise Module for Live Patching 15-SP2:

      zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2022-2809=1

      Please note that this is the initial kernel livepatch without fixes
      itself, this livepatch package is later updated by seperate standalone
      livepatch updates.

   - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2809=1

   - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2809=1

   - SUSE Linux Enterprise High Availability 15-SP2:

      zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-2809=1

   - SUSE Enterprise Storage 7:

      zypper in -t patch SUSE-Storage-7-2022-2809=1



Package List:

   - SUSE Manager Server 4.1 (ppc64le s390x x86_64):

      kernel-default-5.3.18-150200.24.126.1
      kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-devel-5.3.18-150200.24.126.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-obs-build-5.3.18-150200.24.126.1
      kernel-obs-build-debugsource-5.3.18-150200.24.126.1
      kernel-syms-5.3.18-150200.24.126.1
      reiserfs-kmp-default-5.3.18-150200.24.126.1
      reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1

   - SUSE Manager Server 4.1 (noarch):

      kernel-devel-5.3.18-150200.24.126.1
      kernel-docs-5.3.18-150200.24.126.1
      kernel-macros-5.3.18-150200.24.126.1
      kernel-source-5.3.18-150200.24.126.1

   - SUSE Manager Server 4.1 (x86_64):

      kernel-preempt-5.3.18-150200.24.126.1
      kernel-preempt-debuginfo-5.3.18-150200.24.126.1
      kernel-preempt-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-devel-5.3.18-150200.24.126.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1

   - SUSE Manager Retail Branch Server 4.1 (x86_64):

      kernel-default-5.3.18-150200.24.126.1
      kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-devel-5.3.18-150200.24.126.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-obs-build-5.3.18-150200.24.126.1
      kernel-obs-build-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-5.3.18-150200.24.126.1
      kernel-preempt-debuginfo-5.3.18-150200.24.126.1
      kernel-preempt-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-devel-5.3.18-150200.24.126.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-syms-5.3.18-150200.24.126.1
      reiserfs-kmp-default-5.3.18-150200.24.126.1
      reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1

   - SUSE Manager Retail Branch Server 4.1 (noarch):

      kernel-devel-5.3.18-150200.24.126.1
      kernel-docs-5.3.18-150200.24.126.1
      kernel-macros-5.3.18-150200.24.126.1
      kernel-source-5.3.18-150200.24.126.1

   - SUSE Manager Proxy 4.1 (noarch):

      kernel-devel-5.3.18-150200.24.126.1
      kernel-docs-5.3.18-150200.24.126.1
      kernel-macros-5.3.18-150200.24.126.1
      kernel-source-5.3.18-150200.24.126.1

   - SUSE Manager Proxy 4.1 (x86_64):

      kernel-default-5.3.18-150200.24.126.1
      kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-devel-5.3.18-150200.24.126.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-obs-build-5.3.18-150200.24.126.1
      kernel-obs-build-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-5.3.18-150200.24.126.1
      kernel-preempt-debuginfo-5.3.18-150200.24.126.1
      kernel-preempt-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-devel-5.3.18-150200.24.126.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-syms-5.3.18-150200.24.126.1
      reiserfs-kmp-default-5.3.18-150200.24.126.1
      reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):

      kernel-default-5.3.18-150200.24.126.1
      kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-devel-5.3.18-150200.24.126.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-obs-build-5.3.18-150200.24.126.1
      kernel-obs-build-debugsource-5.3.18-150200.24.126.1
      kernel-syms-5.3.18-150200.24.126.1
      reiserfs-kmp-default-5.3.18-150200.24.126.1
      reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):

      kernel-devel-5.3.18-150200.24.126.1
      kernel-docs-5.3.18-150200.24.126.1
      kernel-macros-5.3.18-150200.24.126.1
      kernel-source-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):

      kernel-preempt-5.3.18-150200.24.126.1
      kernel-preempt-debuginfo-5.3.18-150200.24.126.1
      kernel-preempt-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-devel-5.3.18-150200.24.126.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):

      kernel-default-5.3.18-150200.24.126.1
      kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-devel-5.3.18-150200.24.126.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-obs-build-5.3.18-150200.24.126.1
      kernel-obs-build-debugsource-5.3.18-150200.24.126.1
      kernel-syms-5.3.18-150200.24.126.1
      reiserfs-kmp-default-5.3.18-150200.24.126.1
      reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):

      kernel-preempt-5.3.18-150200.24.126.1
      kernel-preempt-debuginfo-5.3.18-150200.24.126.1
      kernel-preempt-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-devel-5.3.18-150200.24.126.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):

      kernel-devel-5.3.18-150200.24.126.1
      kernel-docs-5.3.18-150200.24.126.1
      kernel-macros-5.3.18-150200.24.126.1
      kernel-source-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise Server 15-SP2-BCL (noarch):

      kernel-devel-5.3.18-150200.24.126.1
      kernel-docs-5.3.18-150200.24.126.1
      kernel-macros-5.3.18-150200.24.126.1
      kernel-source-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):

      kernel-default-5.3.18-150200.24.126.1
      kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-devel-5.3.18-150200.24.126.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-obs-build-5.3.18-150200.24.126.1
      kernel-obs-build-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-5.3.18-150200.24.126.1
      kernel-preempt-debuginfo-5.3.18-150200.24.126.1
      kernel-preempt-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-devel-5.3.18-150200.24.126.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-syms-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x x86_64):

      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-livepatch-5.3.18-150200.24.126.1
      kernel-default-livepatch-devel-5.3.18-150200.24.126.1
      kernel-livepatch-5_3_18-150200_24_126-default-1-150200.5.5.1
      kernel-livepatch-5_3_18-150200_24_126-default-debuginfo-1-150200.5.5.1
      kernel-livepatch-SLE15-SP2_Update_29-debugsource-1-150200.5.5.1

   - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):

      kernel-default-5.3.18-150200.24.126.1
      kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-devel-5.3.18-150200.24.126.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-obs-build-5.3.18-150200.24.126.1
      kernel-obs-build-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-5.3.18-150200.24.126.1
      kernel-preempt-debuginfo-5.3.18-150200.24.126.1
      kernel-preempt-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-devel-5.3.18-150200.24.126.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-syms-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):

      kernel-devel-5.3.18-150200.24.126.1
      kernel-docs-5.3.18-150200.24.126.1
      kernel-macros-5.3.18-150200.24.126.1
      kernel-source-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):

      kernel-default-5.3.18-150200.24.126.1
      kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-devel-5.3.18-150200.24.126.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-obs-build-5.3.18-150200.24.126.1
      kernel-obs-build-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-5.3.18-150200.24.126.1
      kernel-preempt-debuginfo-5.3.18-150200.24.126.1
      kernel-preempt-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-devel-5.3.18-150200.24.126.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-syms-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):

      kernel-devel-5.3.18-150200.24.126.1
      kernel-docs-5.3.18-150200.24.126.1
      kernel-macros-5.3.18-150200.24.126.1
      kernel-source-5.3.18-150200.24.126.1

   - SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-5.3.18-150200.24.126.1
      cluster-md-kmp-default-debuginfo-5.3.18-150200.24.126.1
      dlm-kmp-default-5.3.18-150200.24.126.1
      dlm-kmp-default-debuginfo-5.3.18-150200.24.126.1
      gfs2-kmp-default-5.3.18-150200.24.126.1
      gfs2-kmp-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      ocfs2-kmp-default-5.3.18-150200.24.126.1
      ocfs2-kmp-default-debuginfo-5.3.18-150200.24.126.1

   - SUSE Enterprise Storage 7 (aarch64 x86_64):

      kernel-default-5.3.18-150200.24.126.1
      kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
      kernel-default-debuginfo-5.3.18-150200.24.126.1
      kernel-default-debugsource-5.3.18-150200.24.126.1
      kernel-default-devel-5.3.18-150200.24.126.1
      kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-obs-build-5.3.18-150200.24.126.1
      kernel-obs-build-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-5.3.18-150200.24.126.1
      kernel-preempt-debuginfo-5.3.18-150200.24.126.1
      kernel-preempt-debugsource-5.3.18-150200.24.126.1
      kernel-preempt-devel-5.3.18-150200.24.126.1
      kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
      kernel-syms-5.3.18-150200.24.126.1
      reiserfs-kmp-default-5.3.18-150200.24.126.1
      reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1

   - SUSE Enterprise Storage 7 (noarch):

      kernel-devel-5.3.18-150200.24.126.1
      kernel-docs-5.3.18-150200.24.126.1
      kernel-macros-5.3.18-150200.24.126.1
      kernel-source-5.3.18-150200.24.126.1


References:

   https://www.suse.com/security/cve/CVE-2020-36557.html
   https://www.suse.com/security/cve/CVE-2020-36558.html
   https://www.suse.com/security/cve/CVE-2021-26341.html
   https://www.suse.com/security/cve/CVE-2021-33655.html
   https://www.suse.com/security/cve/CVE-2021-33656.html
   https://www.suse.com/security/cve/CVE-2021-4157.html
   https://www.suse.com/security/cve/CVE-2022-1116.html
   https://www.suse.com/security/cve/CVE-2022-1462.html
   https://www.suse.com/security/cve/CVE-2022-1679.html
   https://www.suse.com/security/cve/CVE-2022-20132.html
   https://www.suse.com/security/cve/CVE-2022-20141.html
   https://www.suse.com/security/cve/CVE-2022-20154.html
   https://www.suse.com/security/cve/CVE-2022-21505.html
   https://www.suse.com/security/cve/CVE-2022-2318.html
   https://www.suse.com/security/cve/CVE-2022-26365.html
   https://www.suse.com/security/cve/CVE-2022-29900.html
   https://www.suse.com/security/cve/CVE-2022-29901.html
   https://www.suse.com/security/cve/CVE-2022-33740.html
   https://www.suse.com/security/cve/CVE-2022-33741.html
   https://www.suse.com/security/cve/CVE-2022-33742.html
   https://www.suse.com/security/cve/CVE-2022-33981.html
   https://www.suse.com/security/cve/CVE-2022-36946.html
   https://bugzilla.suse.com/1114648
   https://bugzilla.suse.com/1194013
   https://bugzilla.suse.com/1195478
   https://bugzilla.suse.com/1195775
   https://bugzilla.suse.com/1196472
   https://bugzilla.suse.com/1196901
   https://bugzilla.suse.com/1197362
   https://bugzilla.suse.com/1198829
   https://bugzilla.suse.com/1199487
   https://bugzilla.suse.com/1199489
   https://bugzilla.suse.com/1199647
   https://bugzilla.suse.com/1199648
   https://bugzilla.suse.com/1199657
   https://bugzilla.suse.com/1200263
   https://bugzilla.suse.com/1200442
   https://bugzilla.suse.com/1200571
   https://bugzilla.suse.com/1200599
   https://bugzilla.suse.com/1200604
   https://bugzilla.suse.com/1200605
   https://bugzilla.suse.com/1200608
   https://bugzilla.suse.com/1200619
   https://bugzilla.suse.com/1200692
   https://bugzilla.suse.com/1200762
   https://bugzilla.suse.com/1200905
   https://bugzilla.suse.com/1200910
   https://bugzilla.suse.com/1201050
   https://bugzilla.suse.com/1201080
   https://bugzilla.suse.com/1201251
   https://bugzilla.suse.com/1201429
   https://bugzilla.suse.com/1201458
   https://bugzilla.suse.com/1201635
   https://bugzilla.suse.com/1201636
   https://bugzilla.suse.com/1201644
   https://bugzilla.suse.com/1201664
   https://bugzilla.suse.com/1201672
   https://bugzilla.suse.com/1201673
   https://bugzilla.suse.com/1201676
   https://bugzilla.suse.com/1201742
   https://bugzilla.suse.com/1201752
   https://bugzilla.suse.com/1201930
   https://bugzilla.suse.com/1201940

SUSE: 2022:2809-1 important: the Linux Kernel

August 15, 2022
An update that solves 22 vulnerabilities and has 19 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free (bnc#1201429). - CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could lead to a NULL pointer dereference and general protection fault (bnc#1200910). - CVE-2021-4157: Fixed an out of memory bounds write flaw in the NFS subsystem, related to the replication of files with NFS. A user could potentially crash the system or escalate privileges on the system (bsc#1194013). - CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050). - CVE-2021-33655: Fixed memory out of bounds write by ioctl cmd FBIOPUT_VSCREENINFO (bnc#1201635). - CVE-2021-33656: Fixed memory out of bounds write related to ioctl cmd PIO_FONT (bnc#1201636). - CVE-2022-1116: Fixed a integer overflow vulnerability in io_uring which allowed a local attacker to cause memory corruption and escalate privileges to root (bnc#1199647). - CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem. This flaw allowed a local user to crash the system or read unauthorized random data from memory. (bnc#1198829) - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bsc#1199487). - CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251). - CVE-2022-20132: Fixed out of bounds read due to improper input validation in lg_probe and related functions of hid-lg.c (bsc#1200619). - CVE-2022-20141: Fixed a possible use after free due to improper locking in ip_check_mc_rcu() (bsc#1200604). - CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599). - CVE-2022-21505: Fixed kexec lockdown bypass with ima policy (bsc#1201458). - CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762). - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information (bsc#1199657). - CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692) - CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that could lead to remote DoS (bnc#1201940). The following non-security bugs were fixed: - bcache: avoid unnecessary soft lockup in kworker update_writeback_rate() (bsc#1197362). - blk-mq: Fix wrong wakeup batch configuration which will cause hang (bsc#1200263). - blk-mq: clear active_queues before clearing BLK_MQ_F_TAG_QUEUE_SHARED (bsc#1200263). - blk-mq: fix tag_get wait task can't be awakened (bsc#1200263). - dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#192278). - dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#192278). - dma-mapping: add a dma_ops_bypass flag to struct device (bsc#1196472 ltc#192278). - dma-mapping: move the remaining DMA API calls out of line (bsc#1196472 ltc#192278). - dma: kABI: Add back removed exports (bsc#1196472 ltc#192278). - exec: Force single empty string when argv is empty (bsc#1200571). - fsnotify: invalidate dcache before IN_DELETE event (bsc#1195478 bsc#1200905). - kvm: emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930). - kvm: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930). - powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#1196472 ltc#192278). - powerpc/pseries/iommu: Create defines for operations in ibm, ddw-applicable (bsc#1196472 ltc#192278). - powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#1196472 ltc#192278). - powerpc/pseries/iommu: Update call to ibm, query-pe-dma-windows (bsc#1196472 ltc#192278). - powerpc: dma: kABI workaround for moving around dma_bypass bit (bsc#1196472 ltc#192278). - powerpc: use the generic dma_ops_bypass mode (bsc#1196472 ltc#192278). - vmxnet3: fix minimum vectors alloc issue (bsc#1199489). - x86/bugs: Remove apostrophe typo (bsc#1114648). - x86/entry: Remove skip_r11rcx (bsc#1201644).

References

#1114648 #1194013 #1195478 #1195775 #1196472

#1196901 #1197362 #1198829 #1199487 #1199489

#1199647 #1199648 #1199657 #1200263 #1200442

#1200571 #1200599 #1200604 #1200605 #1200608

#1200619 #1200692 #1200762 #1200905 #1200910

#1201050 #1201080 #1201251 #1201429 #1201458

#1201635 #1201636 #1201644 #1201664 #1201672

#1201673 #1201676 #1201742 #1201752 #1201930

#1201940

Cross- CVE-2020-36557 CVE-2020-36558 CVE-2021-26341

CVE-2021-33655 CVE-2021-33656 CVE-2021-4157

CVE-2022-1116 CVE-2022-1462 CVE-2022-1679

CVE-2022-20132 CVE-2022-20141 CVE-2022-20154

CVE-2022-21505 CVE-2022-2318 CVE-2022-26365

CVE-2022-29900 CVE-2022-29901 CVE-2022-33740

CVE-2022-33741 CVE-2022-33742 CVE-2022-33981

CVE-2022-36946

CVSS scores:

CVE-2020-36557 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2020-36557 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-36558 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2020-36558 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-26341 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2021-26341 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2021-33655 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-33655 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-33656 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-33656 (SUSE): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H

CVE-2021-4157 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-4157 (SUSE): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L

CVE-2022-1116 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-1116 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-1462 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2022-1462 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2022-1679 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-1679 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20132 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2022-20132 (SUSE): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

CVE-2022-20141 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20141 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20154 (NVD) : 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20154 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-21505 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-2318 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-2318 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-26365 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2022-26365 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CVE-2022-29900 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2022-29900 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-29901 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2022-29901 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-33740 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2022-33740 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CVE-2022-33741 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2022-33741 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CVE-2022-33742 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2022-33742 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CVE-2022-33981 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CVE-2022-33981 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-36946 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-36946 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

SUSE Enterprise Storage 7

SUSE Linux Enterprise High Availability 15-SP2

SUSE Linux Enterprise High Performance Computing 15-SP2

SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS

SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS

SUSE Linux Enterprise Module for Live Patching 15-SP2

SUSE Linux Enterprise Server 15-SP2

SUSE Linux Enterprise Server 15-SP2-BCL

SUSE Linux Enterprise Server 15-SP2-LTSS

SUSE Linux Enterprise Server for SAP 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15-SP2

SUSE Linux Enterprise Storage 7

SUSE Manager Proxy 4.1

SUSE Manager Retail Branch Server 4.1

SUSE Manager Server 4.1

https://www.suse.com/security/cve/CVE-2020-36557.html

https://www.suse.com/security/cve/CVE-2020-36558.html

https://www.suse.com/security/cve/CVE-2021-26341.html

https://www.suse.com/security/cve/CVE-2021-33655.html

https://www.suse.com/security/cve/CVE-2021-33656.html

https://www.suse.com/security/cve/CVE-2021-4157.html

https://www.suse.com/security/cve/CVE-2022-1116.html

https://www.suse.com/security/cve/CVE-2022-1462.html

https://www.suse.com/security/cve/CVE-2022-1679.html

https://www.suse.com/security/cve/CVE-2022-20132.html

https://www.suse.com/security/cve/CVE-2022-20141.html

https://www.suse.com/security/cve/CVE-2022-20154.html

https://www.suse.com/security/cve/CVE-2022-21505.html

https://www.suse.com/security/cve/CVE-2022-2318.html

https://www.suse.com/security/cve/CVE-2022-26365.html

https://www.suse.com/security/cve/CVE-2022-29900.html

https://www.suse.com/security/cve/CVE-2022-29901.html

https://www.suse.com/security/cve/CVE-2022-33740.html

https://www.suse.com/security/cve/CVE-2022-33741.html

https://www.suse.com/security/cve/CVE-2022-33742.html

https://www.suse.com/security/cve/CVE-2022-33981.html

https://www.suse.com/security/cve/CVE-2022-36946.html

https://bugzilla.suse.com/1114648

https://bugzilla.suse.com/1194013

https://bugzilla.suse.com/1195478

https://bugzilla.suse.com/1195775

https://bugzilla.suse.com/1196472

https://bugzilla.suse.com/1196901

https://bugzilla.suse.com/1197362

https://bugzilla.suse.com/1198829

https://bugzilla.suse.com/1199487

https://bugzilla.suse.com/1199489

https://bugzilla.suse.com/1199647

https://bugzilla.suse.com/1199648

https://bugzilla.suse.com/1199657

https://bugzilla.suse.com/1200263

https://bugzilla.suse.com/1200442

https://bugzilla.suse.com/1200571

https://bugzilla.suse.com/1200599

https://bugzilla.suse.com/1200604

https://bugzilla.suse.com/1200605

https://bugzilla.suse.com/1200608

https://bugzilla.suse.com/1200619

https://bugzilla.suse.com/1200692

https://bugzilla.suse.com/1200762

https://bugzilla.suse.com/1200905

https://bugzilla.suse.com/1200910

https://bugzilla.suse.com/1201050

https://bugzilla.suse.com/1201080

https://bugzilla.suse.com/1201251

https://bugzilla.suse.com/1201429

https://bugzilla.suse.com/1201458

https://bugzilla.suse.com/1201635

https://bugzilla.suse.com/1201636

https://bugzilla.suse.com/1201644

https://bugzilla.suse.com/1201664

https://bugzilla.suse.com/1201672

https://bugzilla.suse.com/1201673

https://bugzilla.suse.com/1201676

https://bugzilla.suse.com/1201742

https://bugzilla.suse.com/1201752

https://bugzilla.suse.com/1201930

https://bugzilla.suse.com/1201940

Severity
Announcement ID: SUSE-SU-2022:2809-1
Rating: important

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.