Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE Linux Enterprise 12-SP5: 2022:4273-1 Important Security Update

suse
Calendar Grey November 29, 2022
Dist Suse Esm H88
SUSE-SU-2022:4273-1 delivers crucial kernel updates, addressing security flaws and improving system stability.
An update that solves 21 vulnerabilities and has 11 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated. The following security bugs were fixed: - CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set (bnc#1198702). - CVE-2022-2153: Fixed vulnerability in KVM that could allow an unprivileged local attacker on the host to cause DoS (bnc#1200788). - CVE-2022-2964, CVE-2022-28748: Fixed memory corruption issues in ax88179_178a devices (bnc#1202686). - CVE-2022-3169: Fixed a denial of service flaw which occurs when consecutive requests to NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET are sent (bnc#1203290). - CVE-2022-3424: Fixed use-after-free in gru_set_context_option(),

Topics%20covered

Topics Covered

security advisory denial of service security patch system stability important update kernel fixes SUSE Linux Enterprise

References

#1032323 #1065729 #1196018 #1198702 #1200788

#1202686 #1202972 #1203098 #1203142 #1203198

#1203254 #1203290 #1203322 #1203387 #1203514

#1203802 #1204166 #1204168 #1204241 #1204354

#1204355 #1204402 #1204415 #1204431 #1204439

#1204479 #1204574 #1204635 #1204646 #1204647

#1204653 #1204755

Cross- CVE-2021-4037 CVE-2022-2153 CVE-2022-28748

CVE-2022-2964 CVE-2022-3169 CVE-2022-3424

CVE-2022-3521 CVE-2022-3524 CVE-2022-3542

CVE-2022-3545 CVE-2022-3565 CVE-2022-3586

CVE-2022-3594 CVE-2022-3621 CVE-2022-3629

CVE-2022-3646 CVE-2022-3649 CVE-2022-40307

CVE-2022-40768 CVE-2022-42703 CVE-2022-43750

CVSS scores:

CVE-2021-4037 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2021-4037 (SUS...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:4273-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service security patch system stability important update kernel fixes SUSE Linux Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here