Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE Linux Enterprise 12 SP5: 2022:4272-1 Important: Kernel Update

suse
Calendar Grey November 29, 2022
Dist Suse Esm H88
SUSE Linux Kernel update resolves 20 vulnerabilities, implementing critical patches to bolster system defenses and improve overall reliability.
An update that solves 20 vulnerabilities and has 11 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set (bnc#1198702). - CVE-2022-2153: Fixed vulnerability in KVM that could allow an unprivileged local attacker on the host to cause DoS (bnc#1200788). - CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices (bnc#1202686). - CVE-2022-3169: Fixed a denial of service flaw which occurs when consecutive requests to NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET are sent (bnc#1203290). - CVE-2022-3521: Fixed race condition in kcm_tx_work() in

Topics%20covered

Topics Covered

security advisory denial of service security issue kernel update important system fix SUSE Linux

References

#1032323 #1065729 #1198702 #1200788 #1202686

#1202972 #1203098 #1203142 #1203198 #1203254

#1203290 #1203322 #1203387 #1203514 #1203802

#1204166 #1204168 #1204241 #1204354 #1204355

#1204402 #1204415 #1204431 #1204439 #1204479

#1204574 #1204635 #1204646 #1204647 #1204653

#1204755

Cross- CVE-2021-4037 CVE-2022-2153 CVE-2022-2964

CVE-2022-3169 CVE-2022-3424 CVE-2022-3521

CVE-2022-3524 CVE-2022-3542 CVE-2022-3545

CVE-2022-3565 CVE-2022-3586 CVE-2022-3594

CVE-2022-3621 CVE-2022-3629 CVE-2022-3646

CVE-2022-3649 CVE-2022-40307 CVE-2022-40768

CVE-2022-42703 CVE-2022-43750

CVSS scores:

CVE-2021-4037 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-4037 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:4272-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service security issue kernel update important system fix SUSE Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here