SUSE: 2022:3282-1 Important: Kernel Fixes for Privilege Escalation

September 15, 2022
SUSE has released a Security Update that tackles critical kernel flaws, offering essential patches and enhancements to bolster overall system security.
An update that solves 12 vulnerabilities and has 23 fixes is now available.

Summary

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).
- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).
- CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672).
- CVE-2022-29581: Fixed improper update of reference count vulnerability in net/sched that allowed a local attacker to cause privilege escalation to root (bnc#1199665).
- CVE-2022-2639: Fixed an integer coercion error that was found in the openvswitch kernel module (bnc#1202154).

References

#1054914 #1065729 #1120716 #1179310 #1190397
#1191881 #1194535 #1196616 #1197158 #1199617
#1199665 #1201019 #1201264 #1201420 #1201442
#1201610 #1201705 #1201726 #1201948 #1202017
#1202096 #1202154 #1202346 #1202347 #1202393
#1202396 #1202528 #1202577 #1202672 #1202830
#1202897 #1202898 #1203013 #1203098 #1203126

Cross-References:

CVE-2020-36516 CVE-2021-4203 CVE-2022-20368
CVE-2022-20369 CVE-2022-21385 CVE-2022-2588
CVE-2022-26373 CVE-2022-2639 CVE-2022-29581
CVE-2022-2977 CVE-2022-3028 CVE-2022-36879

CVSS scores:

CVE-2020-36516 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

CVE-2020-36516 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CVE-2021-4203 (NVD) : 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C...

Severity: important

Announcement ID: SUSE-SU-2022:3282-1
Rating: important
