CVE-2022-1016

A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker...

SUSE-SU-2022:2809-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed a race condition between the VTDISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free bnc1201429. - CVE-2020-36558:...

SUSE-SU-2022:2808-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage bsc1201050. -...

SUSE-SU-2022:2779-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages bsc1199487. -...

SUSE-SU-2022:2761-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005987 fixes several issues. The following security issues were fixed: - CVE-2022-1116: Fixed a integer overflow vulnerability in iouring which allowed a local attacker to cause memory corruption and escalate privileges to root bnc1199647. -...

SUSE-SU-2022:2750-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15)

This update for the Linux Kernel 4.12.14-15000015089 fixes several issues. The following security issues were fixed: - CVE-2022-1419: Fixed a concurrency use-after-free in vgemgemdumbcreate bsc1198742. - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces...

SUSE-SU-2022:2696-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005971 fixes several issues. The following security issues were fixed: - CVE-2022-34918: Fixed a buffer overflow with nftseteleminit that could be used by a local attacker to escalate privileges bnc1201171. - CVE-2022-1679: Fixed a use-after-free in the...

GSD-2022-1004350 tcp: Fix a data-race around sysctl_tcp_probe_threshold.

tcp: Fix a data-race around sysctltcpprobethreshold. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.58 by commit...

CVE-2020-36558

A race condition in the Linux kernel before 5.5.7 involving VTRESIZEX could lead to a NULL pointer dereference and general protection fault...

SUSE-SU-2022:2461-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges neede...

SUSE-SU-2022:2444-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9583 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...

SUSE-SU-2022:2382-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information bsc1199657....

GSD-2022-1002821 drm/plane: Move range check for format_count earlier

drm/plane: Move range check for formatcount earlier This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

SUSE-SU-2022:1940-1 Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9596 fixes several issues. The following security issue was fixed: - CVE-2022-30594: Fixed restriction bypass on setting the PTSUSPENDSECCOMP flag bnc1199602. - Add missing modulemutex lock to module notifier for previous live patches bsc1199834...

SUSE-SU-2022:1849-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-5910 fixes several issues. The following security issue was fixed: - CVE-2022-1280: Fixed a use-after-free vulnerability in drmleaseheld in drivers/gpu/drm/drmlease.c. This flaw allowed a local user privilege attacker to cause a denial of service DoS or a...

SUSE-SU-2022:1591-1 Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-2464 fixes several issues. The following security issues were fixed: - - CVE-2022-1158: Fixed KVM x86/mmu compare-and-exchange of gPTE via the user address bsc1198133 - CVE-2022-0330: A random memory access flaw was found in the Linux kernel's GPU i915 kern...

SUSE-SU-2022:1402-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-28356: Fixed a refcount bug in llcuibind and llcuiautobind which could allow an unprivileged user to execute a DoS. bnc1197391 - CVE-2022-1016: Fixed...

GSD-2022-1001848 power: supply: wm8350-power: Add missing free in free_charger_irq

power: supply: wm8350-power: Add missing free in freechargerirq This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...

SUSE-SU-2022:1326-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-5927 fixes several issues. The following security issues were fixed: - CVE-2022-1016: Fixed a vulnerability in the nftables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from an...

SUSE-SU-2022:1261-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15)

This update for the Linux Kernel 4.12.14-15083 fixes one issue. The following security issue was fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and ma...