SUSE-SU-2022:1257-1

Advisory lineage Upstream: 33 Downstream: 0
Published: 19 Apr 2022, 09:03
Last modified:04 Feb 2026, 04:11

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

19 Apr 2022, 09:03
Published
Vulnerability first disclosed
04 Feb 2026, 04:11
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space (bnc#1196823). - CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel (bnc#1198032). - CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel (bnc#1198033). - CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel (bnc#1198031). - CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331). - CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation (bnc#1197702). - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation (bnc#1197462). - CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file (bnc#1197366). - CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device (bsc#1196836). - CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed (bsc#1196956). - CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731). - CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers (bsc#1196488). - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image (bsc#1196079). - CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory (bsc#1196235). - CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096). - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987). - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897). - CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905). - CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516). - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-28748: Fixed various information leaks that could be caused by malicious USB devices (bsc#1196018). - CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155) - CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c (bsc#1196761). - CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution (bsc#1197227). The following non-security bugs were fixed: - cifs: use the correct max-length for dentry_path_raw() (bsc#1196196). - gve: multiple bugfixes (jsc#SLE-23652). - net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468). - netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389). - powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639). - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126). - scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).

Affected Systems

  • susekernel-rt_debug&distro=SUSE Real Time Module 15 SP2

    < 5.3.18-150200.79.2

  • susekernel-rt&distro=SUSE Linux Enterprise Micro 5.0

    < 5.3.18-150200.79.2

  • susekernel-rt&distro=SUSE Real Time Module 15 SP2

    < 5.3.18-150200.79.2

  • susekernel-source-rt&distro=SUSE Real Time Module 15 SP2

    < 5.3.18-150200.79.2

  • susekernel-syms-rt&distro=SUSE Real Time Module 15 SP2

    < 5.3.18-150200.79.1

References (76)