SUSE: 2022:3408-1 important: the Linux Kernel | LinuxSecurity.com

   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3408-1
Rating:             important
References:         #1177440 #1180153 #1188944 #1191881 #1194535 
                    #1196616 #1197158 #1199482 #1199665 #1201019 
                    #1201420 #1201705 #1201726 #1201948 #1202096 
                    #1202097 #1202154 #1202335 #1202346 #1202347 
                    #1202393 #1202396 #1202672 #1202897 #1202898 
                    #1203098 #1203107 
Cross-References:   CVE-2020-36516 CVE-2021-4203 CVE-2022-1012
                    CVE-2022-20368 CVE-2022-20369 CVE-2022-21385
                    CVE-2022-2588 CVE-2022-26373 CVE-2022-2639
                    CVE-2022-2663 CVE-2022-29581 CVE-2022-2977
                    CVE-2022-3028 CVE-2022-36879 CVE-2022-39188
                   
CVSS scores:
                    CVE-2020-36516 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
                    CVE-2020-36516 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
                    CVE-2021-4203 (NVD) : 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2021-4203 (SUSE): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
                    CVE-2022-1012 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-1012 (SUSE): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
                    CVE-2022-20368 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-20368 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-20369 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-20369 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-21385 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-21385 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-2588 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-26373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-26373 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-2639 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-2639 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
                    CVE-2022-2663 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
                    CVE-2022-2663 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
                    CVE-2022-29581 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-29581 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-2977 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-2977 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-3028 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3028 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-36879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-36879 (SUSE): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-39188 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-39188 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    SUSE CaaS Platform 4.0
                    SUSE Enterprise Storage 6
                    SUSE Linux Enterprise High Availability 15-SP1
                    SUSE Linux Enterprise High Performance Computing 15-SP1
                    SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
                    SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
                    SUSE Linux Enterprise Module for Live Patching 15-SP1
                    SUSE Linux Enterprise Server 15-SP1
                    SUSE Linux Enterprise Server 15-SP1-BCL
                    SUSE Linux Enterprise Server 15-SP1-LTSS
                    SUSE Linux Enterprise Server for SAP 15-SP1
                    SUSE Linux Enterprise Server for SAP Applications 15-SP1
                    SUSE Linux Enterprise Storage 6
                    SUSE Manager Proxy 4.0
                    SUSE Manager Retail Branch Server 4.0
                    SUSE Manager Server 4.0
                    openSUSE Leap 15.3
                    openSUSE Leap 15.4
______________________________________________________________________________

   An update that solves 15 vulnerabilities and has 12 fixes
   is now available.

Description:


   The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive
   various security and bugfixes.


   The following security bugs were fixed:

   - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where
     an attacker was able to inject data into or terminate a victim's TCP
     session (bnc#1196616).
   - CVE-2021-4203: Fixed use-after-free read flaw that was found in
     sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and
     SO_PEERGROUPS race with listen() (bnc#1194535).
   - CVE-2022-1012: Fixed a memory leak problem that was found in the TCP
     source port generation algorithm in net/ipv4/tcp.c (bnc#1199482).
   - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()
     (bsc#1202346).
   - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of
     v4l2-mem2mem.c (bnc#1202347).
   - CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed
     unprivileged local users to crash the machine (bnc#1202897).
   - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
   - CVE-2022-26373: Fixed non-transparent sharing of return predictor
     targets between contexts in some Intel Processors (bnc#1201726).
   - CVE-2022-2639: Fixed an integer coercion error that was found in the
     openvswitch kernel module (bnc#1202154).
   - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where
     the message handling could be confused and incorrectly matches the
     message (bnc#1202097).
   - CVE-2022-29581: Fixed improper update of reference count vulnerability
     in net/sched that allowed a local attacker to cause privilege escalation
     to root (bnc#1199665).
   - CVE-2022-2977: Fixed reference counting for struct tpm_chip
     (bsc#1202672).
   - CVE-2022-3028: Fixed race condition that was found in the IP framework
     for transforming packets (XFRM subsystem) (bnc#1202898).
   - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in
     net/xfrm/xfrm_policy.c where a refcount could be dropped twice
     (bnc#1201948).
   - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where
     a device driver can free a page while it still has stale TLB entries
     (bnc#1203107).

   The following non-security bugs were fixed:

   - rpm: Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).
   - cifs: fix error paths in cifs_tree_connect() (bsc#1177440).
   - cifs: fix uninitialized pointer in error case in dfs_cache_get_tgt_share
     (bsc#1188944).
   - cifs: report error instead of invalid when revalidating a dentry fails
     (bsc#1177440).
   - cifs: skip trailing separators of prefix paths (bsc#1188944).
   - kernel-obs-build: include qemu_fw_cfg (boo#1201705)
   - lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420
     ZDI-CAN-17325).
   - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).
   - mm/rmap.c: do not reuse anon_vma if we just want a copy (git-fixes,
     bsc#1203098).
   - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
     (git-fixes, bsc#1203098).
   - net_sched: cls_route: disallow handle of 0 (bsc#1202393).
   - net_sched: cls_route: disallow handle of 0 (bsc#1202393).
   - objtool: Add --backtrace support (bsc#1202396).
   - objtool: Add support for intra-function calls (bsc#1202396).
   - objtool: Allow no-op CFI ops in alternatives (bsc#1202396).
   - objtool: Convert insn type to enum (bsc#1202396).
   - objtool: Do not use ignore flag for fake jumps (bsc#1202396).
   - objtool: Fix !CFI insn_state propagation (bsc#1202396).
   - objtool: Fix ORC vs alternatives (bsc#1202396).
   - objtool: Fix sibling call detection (bsc#1202396).
   - objtool: Make handle_insn_ops() unconditional (bsc#1202396).
   - objtool: Remove INSN_STACK (bsc#1202396).
   - objtool: Remove check preventing branches within alternative
     (bsc#1202396).
   - objtool: Rename elf_open() to prevent conflict with libelf from
     elftoolchain (bsc#1202396).
   - objtool: Rename struct cfi_state (bsc#1202396).
   - objtool: Rework allocating stack_ops on decode (bsc#1202396).
   - objtool: Rewrite alt->skip_orig (bsc#1202396).
   - objtool: Set insn->func for alternatives (bsc#1202396).
   - objtool: Support conditional retpolines (bsc#1202396).
   - objtool: Support multiple stack_op per instruction (bsc#1202396).
   - objtool: Track original function across branches (bsc#1202396).
   - objtool: Uniquely identify alternative instruction groups (bsc#1202396).
   - objtool: Use Elf_Scn typedef instead of assuming struct name
     (bsc#1202396).
   - tcp: add some entropy in __inet_hash_connect() (bsc#1180153 bsc#1202335).
   - tcp: change source port randomizarion at connect() time (bsc#1180153
     bsc#1202335).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.4:

      zypper in -t patch openSUSE-SLE-15.4-2022-3408=1

   - openSUSE Leap 15.3:

      zypper in -t patch openSUSE-SLE-15.3-2022-3408=1

   - SUSE Linux Enterprise Server for SAP 15-SP1:

      zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3408=1

   - SUSE Linux Enterprise Server 15-SP1-LTSS:

      zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3408=1

   - SUSE Linux Enterprise Server 15-SP1-BCL:

      zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3408=1

   - SUSE Linux Enterprise Module for Live Patching 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-3408=1

      Please note that this is the initial kernel livepatch without fixes
      itself, this livepatch package is later updated by seperate standalone
      livepatch updates.

   - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3408=1

   - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3408=1

   - SUSE Linux Enterprise High Availability 15-SP1:

      zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-3408=1

   - SUSE Enterprise Storage 6:

      zypper in -t patch SUSE-Storage-6-2022-3408=1

   - SUSE CaaS Platform 4.0:

      To install this update, use the SUSE CaaS Platform 'skuba' tool. It
      will inform you if it detects new updates and let you then trigger
      updating of the complete cluster in a controlled way.



Package List:

   - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):

      kernel-default-base-debuginfo-4.12.14-150100.197.123.1
      kernel-vanilla-4.12.14-150100.197.123.1
      kernel-vanilla-base-4.12.14-150100.197.123.1
      kernel-vanilla-base-debuginfo-4.12.14-150100.197.123.1
      kernel-vanilla-debuginfo-4.12.14-150100.197.123.1
      kernel-vanilla-debugsource-4.12.14-150100.197.123.1
      kernel-vanilla-devel-4.12.14-150100.197.123.1
      kernel-vanilla-devel-debuginfo-4.12.14-150100.197.123.1
      kernel-vanilla-livepatch-devel-4.12.14-150100.197.123.1

   - openSUSE Leap 15.4 (ppc64le x86_64):

      kernel-debug-base-4.12.14-150100.197.123.1
      kernel-debug-base-debuginfo-4.12.14-150100.197.123.1

   - openSUSE Leap 15.4 (x86_64):

      kernel-kvmsmall-base-4.12.14-150100.197.123.1
      kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.123.1

   - openSUSE Leap 15.4 (s390x):

      kernel-default-man-4.12.14-150100.197.123.1
      kernel-zfcpdump-man-4.12.14-150100.197.123.1

   - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

      kernel-default-base-debuginfo-4.12.14-150100.197.123.1
      kernel-vanilla-4.12.14-150100.197.123.1
      kernel-vanilla-base-4.12.14-150100.197.123.1
      kernel-vanilla-base-debuginfo-4.12.14-150100.197.123.1
      kernel-vanilla-debuginfo-4.12.14-150100.197.123.1
      kernel-vanilla-debugsource-4.12.14-150100.197.123.1
      kernel-vanilla-devel-4.12.14-150100.197.123.1
      kernel-vanilla-devel-debuginfo-4.12.14-150100.197.123.1
      kernel-vanilla-livepatch-devel-4.12.14-150100.197.123.1

   - openSUSE Leap 15.3 (ppc64le x86_64):

      kernel-debug-base-4.12.14-150100.197.123.1
      kernel-debug-base-debuginfo-4.12.14-150100.197.123.1

   - openSUSE Leap 15.3 (x86_64):

      kernel-kvmsmall-base-4.12.14-150100.197.123.1
      kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.123.1

   - openSUSE Leap 15.3 (s390x):

      kernel-default-man-4.12.14-150100.197.123.1
      kernel-zfcpdump-man-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):

      kernel-default-4.12.14-150100.197.123.1
      kernel-default-base-4.12.14-150100.197.123.1
      kernel-default-base-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debugsource-4.12.14-150100.197.123.1
      kernel-default-devel-4.12.14-150100.197.123.1
      kernel-default-devel-debuginfo-4.12.14-150100.197.123.1
      kernel-obs-build-4.12.14-150100.197.123.1
      kernel-obs-build-debugsource-4.12.14-150100.197.123.1
      kernel-syms-4.12.14-150100.197.123.1
      reiserfs-kmp-default-4.12.14-150100.197.123.1
      reiserfs-kmp-default-debuginfo-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):

      kernel-devel-4.12.14-150100.197.123.1
      kernel-docs-4.12.14-150100.197.123.1
      kernel-macros-4.12.14-150100.197.123.1
      kernel-source-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):

      kernel-default-4.12.14-150100.197.123.1
      kernel-default-base-4.12.14-150100.197.123.1
      kernel-default-base-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debugsource-4.12.14-150100.197.123.1
      kernel-default-devel-4.12.14-150100.197.123.1
      kernel-default-devel-debuginfo-4.12.14-150100.197.123.1
      kernel-obs-build-4.12.14-150100.197.123.1
      kernel-obs-build-debugsource-4.12.14-150100.197.123.1
      kernel-syms-4.12.14-150100.197.123.1
      reiserfs-kmp-default-4.12.14-150100.197.123.1
      reiserfs-kmp-default-debuginfo-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):

      kernel-devel-4.12.14-150100.197.123.1
      kernel-docs-4.12.14-150100.197.123.1
      kernel-macros-4.12.14-150100.197.123.1
      kernel-source-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise Server 15-SP1-LTSS (s390x):

      kernel-default-man-4.12.14-150100.197.123.1
      kernel-zfcpdump-debuginfo-4.12.14-150100.197.123.1
      kernel-zfcpdump-debugsource-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise Server 15-SP1-BCL (noarch):

      kernel-devel-4.12.14-150100.197.123.1
      kernel-docs-4.12.14-150100.197.123.1
      kernel-macros-4.12.14-150100.197.123.1
      kernel-source-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):

      kernel-default-4.12.14-150100.197.123.1
      kernel-default-base-4.12.14-150100.197.123.1
      kernel-default-base-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debugsource-4.12.14-150100.197.123.1
      kernel-default-devel-4.12.14-150100.197.123.1
      kernel-default-devel-debuginfo-4.12.14-150100.197.123.1
      kernel-obs-build-4.12.14-150100.197.123.1
      kernel-obs-build-debugsource-4.12.14-150100.197.123.1
      kernel-syms-4.12.14-150100.197.123.1
      reiserfs-kmp-default-4.12.14-150100.197.123.1
      reiserfs-kmp-default-debuginfo-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):

      kernel-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debugsource-4.12.14-150100.197.123.1
      kernel-default-livepatch-4.12.14-150100.197.123.1
      kernel-default-livepatch-devel-4.12.14-150100.197.123.1
      kernel-livepatch-4_12_14-150100_197_123-default-1-150100.3.3.1

   - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):

      kernel-default-4.12.14-150100.197.123.1
      kernel-default-base-4.12.14-150100.197.123.1
      kernel-default-base-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debugsource-4.12.14-150100.197.123.1
      kernel-default-devel-4.12.14-150100.197.123.1
      kernel-default-devel-debuginfo-4.12.14-150100.197.123.1
      kernel-obs-build-4.12.14-150100.197.123.1
      kernel-obs-build-debugsource-4.12.14-150100.197.123.1
      kernel-syms-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):

      kernel-devel-4.12.14-150100.197.123.1
      kernel-docs-4.12.14-150100.197.123.1
      kernel-macros-4.12.14-150100.197.123.1
      kernel-source-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):

      kernel-default-4.12.14-150100.197.123.1
      kernel-default-base-4.12.14-150100.197.123.1
      kernel-default-base-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debugsource-4.12.14-150100.197.123.1
      kernel-default-devel-4.12.14-150100.197.123.1
      kernel-default-devel-debuginfo-4.12.14-150100.197.123.1
      kernel-obs-build-4.12.14-150100.197.123.1
      kernel-obs-build-debugsource-4.12.14-150100.197.123.1
      kernel-syms-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):

      kernel-devel-4.12.14-150100.197.123.1
      kernel-docs-4.12.14-150100.197.123.1
      kernel-macros-4.12.14-150100.197.123.1
      kernel-source-4.12.14-150100.197.123.1

   - SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-4.12.14-150100.197.123.1
      cluster-md-kmp-default-debuginfo-4.12.14-150100.197.123.1
      dlm-kmp-default-4.12.14-150100.197.123.1
      dlm-kmp-default-debuginfo-4.12.14-150100.197.123.1
      gfs2-kmp-default-4.12.14-150100.197.123.1
      gfs2-kmp-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debugsource-4.12.14-150100.197.123.1
      ocfs2-kmp-default-4.12.14-150100.197.123.1
      ocfs2-kmp-default-debuginfo-4.12.14-150100.197.123.1

   - SUSE Enterprise Storage 6 (aarch64 x86_64):

      kernel-default-4.12.14-150100.197.123.1
      kernel-default-base-4.12.14-150100.197.123.1
      kernel-default-base-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debugsource-4.12.14-150100.197.123.1
      kernel-default-devel-4.12.14-150100.197.123.1
      kernel-default-devel-debuginfo-4.12.14-150100.197.123.1
      kernel-obs-build-4.12.14-150100.197.123.1
      kernel-obs-build-debugsource-4.12.14-150100.197.123.1
      kernel-syms-4.12.14-150100.197.123.1
      reiserfs-kmp-default-4.12.14-150100.197.123.1
      reiserfs-kmp-default-debuginfo-4.12.14-150100.197.123.1

   - SUSE Enterprise Storage 6 (noarch):

      kernel-devel-4.12.14-150100.197.123.1
      kernel-docs-4.12.14-150100.197.123.1
      kernel-macros-4.12.14-150100.197.123.1
      kernel-source-4.12.14-150100.197.123.1

   - SUSE CaaS Platform 4.0 (x86_64):

      kernel-default-4.12.14-150100.197.123.1
      kernel-default-base-4.12.14-150100.197.123.1
      kernel-default-base-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debuginfo-4.12.14-150100.197.123.1
      kernel-default-debugsource-4.12.14-150100.197.123.1
      kernel-default-devel-4.12.14-150100.197.123.1
      kernel-default-devel-debuginfo-4.12.14-150100.197.123.1
      kernel-obs-build-4.12.14-150100.197.123.1
      kernel-obs-build-debugsource-4.12.14-150100.197.123.1
      kernel-syms-4.12.14-150100.197.123.1
      reiserfs-kmp-default-4.12.14-150100.197.123.1
      reiserfs-kmp-default-debuginfo-4.12.14-150100.197.123.1

   - SUSE CaaS Platform 4.0 (noarch):

      kernel-devel-4.12.14-150100.197.123.1
      kernel-docs-4.12.14-150100.197.123.1
      kernel-macros-4.12.14-150100.197.123.1
      kernel-source-4.12.14-150100.197.123.1


References:

   https://www.suse.com/security/cve/CVE-2020-36516.html
   https://www.suse.com/security/cve/CVE-2021-4203.html
   https://www.suse.com/security/cve/CVE-2022-1012.html
   https://www.suse.com/security/cve/CVE-2022-20368.html
   https://www.suse.com/security/cve/CVE-2022-20369.html
   https://www.suse.com/security/cve/CVE-2022-21385.html
   https://www.suse.com/security/cve/CVE-2022-2588.html
   https://www.suse.com/security/cve/CVE-2022-26373.html
   https://www.suse.com/security/cve/CVE-2022-2639.html
   https://www.suse.com/security/cve/CVE-2022-2663.html
   https://www.suse.com/security/cve/CVE-2022-29581.html
   https://www.suse.com/security/cve/CVE-2022-2977.html
   https://www.suse.com/security/cve/CVE-2022-3028.html
   https://www.suse.com/security/cve/CVE-2022-36879.html
   https://www.suse.com/security/cve/CVE-2022-39188.html
   https://bugzilla.suse.com/1177440
   https://bugzilla.suse.com/1180153
   https://bugzilla.suse.com/1188944
   https://bugzilla.suse.com/1191881
   https://bugzilla.suse.com/1194535
   https://bugzilla.suse.com/1196616
   https://bugzilla.suse.com/1197158
   https://bugzilla.suse.com/1199482
   https://bugzilla.suse.com/1199665
   https://bugzilla.suse.com/1201019
   https://bugzilla.suse.com/1201420
   https://bugzilla.suse.com/1201705
   https://bugzilla.suse.com/1201726
   https://bugzilla.suse.com/1201948
   https://bugzilla.suse.com/1202096
   https://bugzilla.suse.com/1202097
   https://bugzilla.suse.com/1202154
   https://bugzilla.suse.com/1202335
   https://bugzilla.suse.com/1202346
   https://bugzilla.suse.com/1202347
   https://bugzilla.suse.com/1202393
   https://bugzilla.suse.com/1202396
   https://bugzilla.suse.com/1202672
   https://bugzilla.suse.com/1202897
   https://bugzilla.suse.com/1202898
   https://bugzilla.suse.com/1203098
   https://bugzilla.suse.com/1203107

SUSE: 2022:3408-1 important: the Linux Kernel

September 26, 2022
An update that solves 15 vulnerabilities and has 12 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616). - CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bnc#1194535). - CVE-2022-1012: Fixed a memory leak problem that was found in the TCP source port generation algorithm in net/ipv4/tcp.c (bnc#1199482). - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346). - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347). - CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897). - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096). - CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726). - CVE-2022-2639: Fixed an integer coercion error that was found in the openvswitch kernel module (bnc#1202154). - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where the message handling could be confused and incorrectly matches the message (bnc#1202097). - CVE-2022-29581: Fixed improper update of reference count vulnerability in net/sched that allowed a local attacker to cause privilege escalation to root (bnc#1199665). - CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672). - CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898). - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948). - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107). The following non-security bugs were fixed: - rpm: Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019). - cifs: fix error paths in cifs_tree_connect() (bsc#1177440). - cifs: fix uninitialized pointer in error case in dfs_cache_get_tgt_share (bsc#1188944). - cifs: report error instead of invalid when revalidating a dentry fails (bsc#1177440). - cifs: skip trailing separators of prefix paths (bsc#1188944). - kernel-obs-build: include qemu_fw_cfg (boo#1201705) - lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420 ZDI-CAN-17325). - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158). - mm/rmap.c: do not reuse anon_vma if we just want a copy (git-fixes, bsc#1203098). - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (git-fixes, bsc#1203098). - net_sched: cls_route: disallow handle of 0 (bsc#1202393). - net_sched: cls_route: disallow handle of 0 (bsc#1202393). - objtool: Add --backtrace support (bsc#1202396). - objtool: Add support for intra-function calls (bsc#1202396). - objtool: Allow no-op CFI ops in alternatives (bsc#1202396). - objtool: Convert insn type to enum (bsc#1202396). - objtool: Do not use ignore flag for fake jumps (bsc#1202396). - objtool: Fix !CFI insn_state propagation (bsc#1202396). - objtool: Fix ORC vs alternatives (bsc#1202396). - objtool: Fix sibling call detection (bsc#1202396). - objtool: Make handle_insn_ops() unconditional (bsc#1202396). - objtool: Remove INSN_STACK (bsc#1202396). - objtool: Remove check preventing branches within alternative (bsc#1202396). - objtool: Rename elf_open() to prevent conflict with libelf from elftoolchain (bsc#1202396). - objtool: Rename struct cfi_state (bsc#1202396). - objtool: Rework allocating stack_ops on decode (bsc#1202396). - objtool: Rewrite alt->skip_orig (bsc#1202396). - objtool: Set insn->func for alternatives (bsc#1202396). - objtool: Support conditional retpolines (bsc#1202396). - objtool: Support multiple stack_op per instruction (bsc#1202396). - objtool: Track original function across branches (bsc#1202396). - objtool: Uniquely identify alternative instruction groups (bsc#1202396). - objtool: Use Elf_Scn typedef instead of assuming struct name (bsc#1202396). - tcp: add some entropy in __inet_hash_connect() (bsc#1180153 bsc#1202335). - tcp: change source port randomizarion at connect() time (bsc#1180153 bsc#1202335).

References

#1177440 #1180153 #1188944 #1191881 #1194535

#1196616 #1197158 #1199482 #1199665 #1201019

#1201420 #1201705 #1201726 #1201948 #1202096

#1202097 #1202154 #1202335 #1202346 #1202347

#1202393 #1202396 #1202672 #1202897 #1202898

#1203098 #1203107

Cross- CVE-2020-36516 CVE-2021-4203 CVE-2022-1012

CVE-2022-20368 CVE-2022-20369 CVE-2022-21385

CVE-2022-2588 CVE-2022-26373 CVE-2022-2639

CVE-2022-2663 CVE-2022-29581 CVE-2022-2977

CVE-2022-3028 CVE-2022-36879 CVE-2022-39188

CVSS scores:

CVE-2020-36516 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

CVE-2020-36516 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CVE-2021-4203 (NVD) : 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2021-4203 (SUSE): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L

CVE-2022-1012 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CVE-2022-1012 (SUSE): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

CVE-2022-20368 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20368 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-20369 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20369 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-21385 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-21385 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-2588 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-26373 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-2639 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-2639 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CVE-2022-2663 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-2663 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CVE-2022-29581 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-29581 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-2977 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-2977 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

CVE-2022-3028 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-3028 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-36879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-36879 (SUSE): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2022-39188 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-39188 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

SUSE CaaS Platform 4.0

SUSE Enterprise Storage 6

SUSE Linux Enterprise High Availability 15-SP1

SUSE Linux Enterprise High Performance Computing 15-SP1

SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS

SUSE Linux Enterprise Module for Live Patching 15-SP1

SUSE Linux Enterprise Server 15-SP1

SUSE Linux Enterprise Server 15-SP1-BCL

SUSE Linux Enterprise Server 15-SP1-LTSS

SUSE Linux Enterprise Server for SAP 15-SP1

SUSE Linux Enterprise Server for SAP Applications 15-SP1

SUSE Linux Enterprise Storage 6

SUSE Manager Proxy 4.0

SUSE Manager Retail Branch Server 4.0

SUSE Manager Server 4.0

openSUSE Leap 15.3

openSUSE Leap 15.4

https://www.suse.com/security/cve/CVE-2020-36516.html

https://www.suse.com/security/cve/CVE-2021-4203.html

https://www.suse.com/security/cve/CVE-2022-1012.html

https://www.suse.com/security/cve/CVE-2022-20368.html

https://www.suse.com/security/cve/CVE-2022-20369.html

https://www.suse.com/security/cve/CVE-2022-21385.html

https://www.suse.com/security/cve/CVE-2022-2588.html

https://www.suse.com/security/cve/CVE-2022-26373.html

https://www.suse.com/security/cve/CVE-2022-2639.html

https://www.suse.com/security/cve/CVE-2022-2663.html

https://www.suse.com/security/cve/CVE-2022-29581.html

https://www.suse.com/security/cve/CVE-2022-2977.html

https://www.suse.com/security/cve/CVE-2022-3028.html

https://www.suse.com/security/cve/CVE-2022-36879.html

https://www.suse.com/security/cve/CVE-2022-39188.html

https://bugzilla.suse.com/1177440

https://bugzilla.suse.com/1180153

https://bugzilla.suse.com/1188944

https://bugzilla.suse.com/1191881

https://bugzilla.suse.com/1194535

https://bugzilla.suse.com/1196616

https://bugzilla.suse.com/1197158

https://bugzilla.suse.com/1199482

https://bugzilla.suse.com/1199665

https://bugzilla.suse.com/1201019

https://bugzilla.suse.com/1201420

https://bugzilla.suse.com/1201705

https://bugzilla.suse.com/1201726

https://bugzilla.suse.com/1201948

https://bugzilla.suse.com/1202096

https://bugzilla.suse.com/1202097

https://bugzilla.suse.com/1202154

https://bugzilla.suse.com/1202335

https://bugzilla.suse.com/1202346

https://bugzilla.suse.com/1202347

https://bugzilla.suse.com/1202393

https://bugzilla.suse.com/1202396

https://bugzilla.suse.com/1202672

https://bugzilla.suse.com/1202897

https://bugzilla.suse.com/1202898

https://bugzilla.suse.com/1203098

https://bugzilla.suse.com/1203107

Severity
Announcement ID: SUSE-SU-2022:3408-1
Rating: important

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.