Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE Linux 15 SP3: 2022:2892-1 Critical: Kernel Denial of Service

suse
Calendar Grey August 25, 2022
Dist Suse Esm H88
A critical update for SUSE Linux Kernel resolves multiple issues affecting system stability. Immediate action recommended.
An update that solves 17 vulnerabilities, contains one feature and has 26 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-2639: Fixed integer underflow that could lead to out-of-bounds write in reserve_sfa_size() (bsc#1202154). - CVE-2020-36516: Fixed TCP session data injection vulnerability via the mixed IPID assignment method (bnc#1196616). - CVE-2022-36946: Fixed an incorrect packet trucation operation which could lead to denial of service (bnc#1201940). - CVE-2022-29581: Fixed improper update of Reference Count in net/sched that could cause root privilege escalation (bnc#1199665). - CVE-2022-20166: Fixed several possible memory safety issues due to unsafe operations (bsc#1200598). - CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow privilege escalation kernel fix critical security SUSE Linux

References

#1178134 #1196616 #1196867 #1198829 #1199364

#1199647 #1199648 #1199665 #1199670 #1199695

#1200521 #1200598 #1200644 #1200651 #1200762

#1200910 #1201196 #1201206 #1201251 #1201381

#1201429 #1201442 #1201458 #1201635 #1201636

#1201644 #1201645 #1201664 #1201672 #1201673

#1201676 #1201742 #1201752 #1201846 #1201930

#1201940 #1201941 #1201954 #1201956 #1201958

#1202087 #1202154 #1202312 SLE-24559

Cross- CVE-2020-36516 CVE-2020-36557 CVE-2020-36558

CVE-2021-33655 CVE-2021-33656 CVE-2022-1116

CVE-2022-1462 CVE-2022-20166 CVE-2022-21505

CVE-2022-2318 CVE-2022-26365 CVE-2022-2639

CVE-2022-29581 CVE-2022-33740 CVE-2022-33741

CVE-2022-33742 CVE-2022-36946

CVSS scores:

CVE-2020-36516 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:2892-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow privilege escalation kernel fix critical security SUSE Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here