SUSE-SU-2022:0756-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. The following security bugs were fixed: - CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). - CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731). - CVE-2016-10905: Fixed a use-after-free is gfs2_clear_rgrpd() and read_rindex_entry() (bsc#1146312). The following non-security bug was fixed: - net: sched: sch_teql: fix null-pointer dereference (bsc#1190717).
Affected Systems
- suse•kernel-default&distro=SUSE Linux Enterprise Server 12 SP2-BCL
< 4.4.121-92.169.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 12 SP2-BCL
< 4.4.121-92.169.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 12 SP2-BCL
< 4.4.121-92.169.1
References (19)
- https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/
- https://bugzilla.suse.com/1146312
- https://bugzilla.suse.com/1190717
- https://bugzilla.suse.com/1191580
- https://bugzilla.suse.com/1193731
- https://bugzilla.suse.com/1194463
- https://bugzilla.suse.com/1195543
- https://bugzilla.suse.com/1195612
- https://bugzilla.suse.com/1195908
- https://bugzilla.suse.com/1195939
- https://bugzilla.suse.com/1196079
- https://bugzilla.suse.com/1196612
- https://www.suse.com/security/cve/CVE-2016-10905
- https://www.suse.com/security/cve/CVE-2021-0920
- https://www.suse.com/security/cve/CVE-2022-0001
- https://www.suse.com/security/cve/CVE-2022-0002
- https://www.suse.com/security/cve/CVE-2022-0492
- https://www.suse.com/security/cve/CVE-2022-0617
- https://www.suse.com/security/cve/CVE-2022-24448