Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2022:0762-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2022:0762-1

UNKNOWN

Security update for the Linux Kernel

Published Mar 8, 2022

Modified 3 years ago

Fix available

Details

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes.

Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated.

The following security bugs were fixed:

CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).
CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).
CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).
CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).
CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731).
CVE-2016-10905: Fixed a use-after-free is gfs2_clear_rgrpd() and read_rindex_entry() (bsc#1146312).

Affected Packages

SUSE:HPE Helion OpenStack 8kernel-default

Fixed in:

4.4.180-94.156.1

SUSE:HPE Helion OpenStack 8kernel-default-base

Fixed in:

4.4.180-94.156.1

SUSE:HPE Helion OpenStack 8kernel-default-devel

Fixed in:

4.4.180-94.156.1

SUSE:HPE Helion OpenStack 8kernel-default-kgraft

Fixed in:

4.4.180-94.156.1

SUSE:HPE Helion OpenStack 8kernel-devel

Fixed in:

4.4.180-94.156.1

SUSE:HPE Helion OpenStack 8kernel-macros

Fixed in:

4.4.180-94.156.1

SUSE:HPE Helion OpenStack 8kernel-source

Fixed in:

4.4.180-94.156.1

SUSE:HPE Helion OpenStack 8kernel-syms

Fixed in:

4.4.180-94.156.1

SUSE:HPE Helion OpenStack 8kgraft-patch-4_4_180-94_156-default

Fixed in:

1-4.3.1

SUSE:HPE Helion OpenStack 8kgraft-patch-SLE12-SP3_Update_43

Fixed in:

1-4.3.1

SUSE:Linux Enterprise High Availability Extension 12 SP3cluster-md-kmp-default

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise High Availability Extension 12 SP3dlm-kmp-default

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise High Availability Extension 12 SP3gfs2-kmp-default

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise High Availability Extension 12 SP3kernel-default

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise High Availability Extension 12 SP3ocfs2-kmp-default

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-BCLkernel-default

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-BCLkernel-default-base

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-BCLkernel-default-devel

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-BCLkernel-devel

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-BCLkernel-macros

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-BCLkernel-source

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-BCLkernel-syms

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkernel-default

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkernel-default-base

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkernel-default-devel

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkernel-default-kgraft

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkernel-default-man

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkernel-devel

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkernel-macros

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkernel-source

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkernel-syms

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkgraft-patch-4_4_180-94_156-default

Fixed in:

1-4.3.1

SUSE:Linux Enterprise Server 12 SP3-LTSSkgraft-patch-SLE12-SP3_Update_43

Fixed in:

1-4.3.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kernel-default

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kernel-default-base

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kernel-default-devel

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kernel-default-kgraft

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kernel-devel

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kernel-macros

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kernel-source

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kernel-syms

Fixed in:

4.4.180-94.156.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kgraft-patch-4_4_180-94_156-default

Fixed in:

1-4.3.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3kgraft-patch-SLE12-SP3_Update_43

Fixed in:

1-4.3.1

SUSE:OpenStack Cloud 8kernel-default

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud 8kernel-default-base

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud 8kernel-default-devel

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud 8kernel-default-kgraft

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud 8kernel-devel

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud 8kernel-macros

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud 8kernel-source

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud 8kernel-syms

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud 8kgraft-patch-4_4_180-94_156-default

Fixed in:

1-4.3.1

SUSE:OpenStack Cloud 8kgraft-patch-SLE12-SP3_Update_43

Fixed in:

1-4.3.1

SUSE:OpenStack Cloud Crowbar 8kernel-default

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud Crowbar 8kernel-default-base

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud Crowbar 8kernel-default-devel

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud Crowbar 8kernel-default-kgraft

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud Crowbar 8kernel-devel

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud Crowbar 8kernel-macros

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud Crowbar 8kernel-source

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud Crowbar 8kernel-syms

Fixed in:

4.4.180-94.156.1

SUSE:OpenStack Cloud Crowbar 8kgraft-patch-4_4_180-94_156-default

Fixed in:

1-4.3.1

SUSE:OpenStack Cloud Crowbar 8kgraft-patch-SLE12-SP3_Update_43

Fixed in:

1-4.3.1

References

REPORThttps://bugzilla.suse.com/1146312 REPORThttps://bugzilla.suse.com/1185973 REPORThttps://bugzilla.suse.com/1191580 REPORThttps://bugzilla.suse.com/1193731 REPORThttps://bugzilla.suse.com/1194463 REPORThttps://bugzilla.suse.com/1195536 REPORThttps://bugzilla.suse.com/1195543 REPORThttps://bugzilla.suse.com/1195612 REPORThttps://bugzilla.suse.com/1195908 REPORThttps://bugzilla.suse.com/1195939 REPORThttps://bugzilla.suse.com/1196079 REPORThttps://bugzilla.suse.com/1196612 WEBhttps://www.suse.com/security/cve/CVE-2016-10905 WEBhttps://www.suse.com/security/cve/CVE-2021-0920 WEBhttps://www.suse.com/security/cve/CVE-2022-0001 WEBhttps://www.suse.com/security/cve/CVE-2022-0002 WEBhttps://www.suse.com/security/cve/CVE-2022-0492 WEBhttps://www.suse.com/security/cve/CVE-2022-0617 WEBhttps://www.suse.com/security/cve/CVE-2022-24448 ADVISORYhttps://www.suse.com/support/update/announcement/2022/suse-su-20220762-1/