Lucene search

K
suseSuseOPENSUSE-SU-2022:0768-1
HistoryMar 08, 2022 - 12:00 a.m.

Security update for the Linux Kernel (important)

2022-03-0800:00:00
lists.opensuse.org
25

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

An update that solves 9 vulnerabilities and has 6 fixes is
now available.

Description:

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various
security and bugfixes.

Transient execution side-channel attacks attacking the Branch History
Buffer (BHB), named “Branch Target Injection” and “Intra-Mode Branch
History Injection” are now mitigated.

The following security bugs were fixed:

  • CVE-2022-0001: Fixed Branch History Injection vulnerability
    (bsc#1191580).
  • CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability
    (bsc#1191580).
  • CVE-2022-0617: Fixed a null pointer dereference in UDF file system
    functionality. A local user could crash the system by triggering
    udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
  • CVE-2022-0644: Fixed a denial of service by a local user. A assertion
    failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).
  • CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were
    not considered, which lead to a move_data_page NULL pointer dereference
    (bsc#1195987).
  • CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in
    drivers/net/hamradio/yam.c (bsc#1195897).
  • CVE-2022-0487: A use-after-free vulnerability was found in
    rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c
    (bsc#1194516).
  • CVE-2022-0492: Fixed a privilege escalation related to cgroups v1
    release_agent feature, which allowed bypassing namespace isolation
    unexpectedly (bsc#1195543).
  • CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets
    the O_DIRECTORY flag, and tries to open a regular file,
    nfs_atomic_open() performs a regular lookup. If a regular file is found,
    ENOTDIR should have occured, but the server instead returned
    uninitialized data in the file descriptor (bsc#1195612).

The following non-security bugs were fixed:

  • crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).
  • lib/iov_iter: initialize “flags” in new pipe_buffer (bsc#1196584).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4:

    zypper in -t patch openSUSE-SLE-15.4-2022-768=1

  • openSUSE Leap 15.3:

    zypper in -t patch openSUSE-SLE-15.3-2022-768=1

Rows per page:
1-10 of 161

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C