SUSE-SU-2022:2750-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15)

This update for the Linux Kernel 4.12.14-15000015089 fixes several issues. The following security issues were fixed: - CVE-2022-1419: Fixed a concurrency use-after-free in vgemgemdumbcreate bsc1198742. - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces...

GSD-2022-1004350 tcp: Fix a data-race around sysctl_tcp_probe_threshold.

tcp: Fix a data-race around sysctltcpprobethreshold. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.58 by commit...

CVE-2020-36558

A race condition in the Linux kernel before 5.5.7 involving VTRESIZEX could lead to a NULL pointer dereference and general protection fault...

SUSE-SU-2022:2461-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges neede...

SUSE-SU-2022:2444-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9583 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...

SUSE-SU-2022:1849-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-5910 fixes several issues. The following security issue was fixed: - CVE-2022-1280: Fixed a use-after-free vulnerability in drmleaseheld in drivers/gpu/drm/drmlease.c. This flaw allowed a local user privilege attacker to cause a denial of service DoS or a...

SUSE-SU-2022:1402-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-28356: Fixed a refcount bug in llcuibind and llcuiautobind which could allow an unprivileged user to execute a DoS. bnc1197391 - CVE-2022-1016: Fixed...

SUSE-SU-2022:1261-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15)

This update for the Linux Kernel 4.12.14-15083 fixes one issue. The following security issue was fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and ma...

SUSE-SU-2022:1223-1 Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005946 fixes several issues. The following security issues were fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap...

SUSE-SU-2022:1215-1 Security update for the Linux Kernel (Live Patch 28 for SLE 15)

This update for the Linux Kernel 4.12.14-15086 fixes one issue. The following security issue was fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and ma...

SUSE-SU-2022:1212-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19799 fixes several issues. The following security issues were fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects...

SUSE-SU-2022:1192-1 Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122113 fixes one issue. The following security issue was fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and m...

SUSE-SU-2022:0295-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-5913 fixes several issues. The following security issues were fixed: - CVE-2022-0185: Incorrect param length parsing in legacyparseparam which could have led to a local privilege escalation bsc1194517. - CVE-2021-4154: Fixed option parsing with cgroups...

SUSE-SU-2022:0292-1 Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-2464 fixes several issues. The following security issues were fixed: - CVE-2022-0185: Incorrect param length parsing in legacyparseparam which could have led to a local privilege escalation bsc1194517. - CVE-2021-4154: Fixed option parsing with cgroups...

SUSE-SU-2021:4052-1 Security update for the Linux Kernel (Live Patch 41 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94150 fixes several issues. The following security issues were fixed: - CVE-2021-0935: In ip6xmit of ip6output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution...

OPENSUSE-SU-2021:3876-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past jscSLE-22573 You can reenable v...

SUSE-SU-2021:3742-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-5919 fixes several issues. The following security issues were fixed: - CVE-2021-34866: Fixed possible eBPF Type Confusion privilege escalation vulnerability via eBPF type confusion bsc1191646. - CVE-2021-41864: Fixed an integer overflow with a resultant...

SUSE-SU-2021:2559-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-5910 fixes several issues. The following security issues were fixed: - CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges. bsc1188062 - CVE-2021-22555: Fixed an heap out-of-bounds write in...

LSN-0079-1 Kernel Live Patch Security Notice

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.CVE-2021-3600 It was discovered that the virtual file system...

SUSE-SU-2021:2368-1 Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9577 fixes several issues. The following security issues were fixed: - CVE-2021-0605: Fixed an out-of-bounds read which could lead to local information disclosure in the kernel with System execution privileges needed. bsc1187687 - CVE-2021-0512: Fixed a...