Lucene search

K
osvGoogleOSV:RLSA-2022:6460
HistorySep 13, 2022 - 7:37 a.m.

Moderate: kernel security, bug fix, and enhancement update

2022-09-1307:37:13
Google
osv.dev
11
kernel
linux
security
bug fix
enhancement
cve
sbdr
sbds
drpw
bz
kvm
qemu-kvm
amd
intel
hyper-v
alsa
ice
iavf
iommu
vt-d

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

25.3%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123)

  • Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)

  • Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Bad page state in process qemu-kvm pfn:68a74600 (BZ#2081013)

  • slub corruption during LPM of hnv interface (BZ#2081250)

  • Affinity broken due to vector space exhaustion (BZ#2084646)

  • ‘rmmod pmt_telemetry’ panics on ADL-P IOTG (BZ#2091079)

  • Unable to boot Rocky Linux-8.6 on Brazos max. config (Install is success) (BZ#2092241)

  • kernel crash after reboot of T14/G2 AMD laptop (mt7921e module) (BZ#2095654)

  • mt7921: free resources on pci_probe error path (BZ#2101684)

  • NLM should be more defensive if underlying FS changes fl_owner (BZ#2102099)

  • Rocky Linux8/async-pf Guest call trace when reboot after postcopy migration with high stress workload (BZ#2105340)

  • execve exit tracepoint not called (BZ#2106662)

  • QProcess dead lock on kernel-4.18.0-358 (BZ#2107643)

  • KVM fix guest FPU uABI size to kvm_xsave (BZ#2107652)

  • KVM selftests fail to compile (BZ#2107655)

  • Some monitor have no display with AMD W6400 when boot into OS. (BZ#2109826)

  • Percpu counter usage is gradually getting increasing during podman container recreation. (BZ#2110039)

  • multipath failed to recover after EEH hit on flavafish adapter on Denali(qla2xxx/flavafish/Rocky Linux8.6/Denali) (BZ#2110768)

  • soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110772)

  • trouble re-assigning MACs to VFs, ice stricter than other drivers (BZ#2111936)

  • Intel MPI 2019.0 - mpirun stuck on latest kernel (BZ#2112030)

  • Multicast packets are not received by all VFs on the same port even though they have the same VLAN (BZ#2117026)

  • Hyper-V 2019 Dynamic Memory Problem hv_balloon (BZ#2117050)

  • kernel BUG at kernel/sched/deadline.c:1561! (BZ#2117410)

  • ALSA (sound) driver - update Intel SOF kcontrol code (BZ#2117732)

  • bridge over bond over ice ports has no connection (BZ#2118580)

  • Fix max VLANs available for VF (BZ#2118581)

  • offline selftest failed (BZ#2118582)

  • INTEL NVMUpdate utility ver 3.20 is failing to update firmware on E810-XXVDA4T (WPC) (BZ#2118583)

  • VM configured with failover interface will coredump after been migrating from source host to target host(only iavf driver) (BZ#2118705)

  • Fix max VLANs available for untrusted VF (BZ#2118707)

  • Softlockup on infinite loop in task_get_css() for a CSS_DYING cpuset (BZ#2120776)

Enhancement(s):

  • KVM Sapphire Rapids (SPR) AMX Instructions (BZ#2088287)

  • KVM Sapphire Rapids (SPR) AMX Instructions part2 (BZ#2088288)

  • ice: Driver Update (BZ#2102359)

  • iavf: Driver Update (BZ#2102360)

  • iommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (BZ#2112983)

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

25.3%