SUSE-SU-2022:2741-1: important: Security update for the Linux Kernel

sle-security-updates at sle-security-updates at
Wed Aug 10 13:17:02 UTC 2022

   SUSE Security Update: Security update for the Linux Kernel

Announcement ID:    SUSE-SU-2022:2741-1
Rating:             important
References:         #1178134 #1198829 #1199364 #1199647 #1199665 
                    #1199670 #1200521 #1200598 #1200644 #1200651 
                    #1200762 #1200910 #1201196 #1201206 #1201251 
                    #1201381 #1201429 #1201458 #1201635 #1201636 
                    #1201644 #1201664 #1201672 #1201673 #1201676 
                    #1201846 #1201930 #1201940 #1201954 #1201956 
                    #1201958 SLE-24559 
Cross-References:   CVE-2020-36557 CVE-2020-36558 CVE-2021-33655
                    CVE-2021-33656 CVE-2022-1116 CVE-2022-1462
                    CVE-2022-20166 CVE-2022-21505 CVE-2022-2318
                    CVE-2022-26365 CVE-2022-29581 CVE-2022-32250
                    CVE-2022-33740 CVE-2022-33741 CVE-2022-33742
CVSS scores:
                    CVE-2020-36557 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36557 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-36558 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36558 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-33655 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-33655 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-33656 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-33656 (SUSE): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
                    CVE-2022-1116 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-1116 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-1462 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-1462 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-20166 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-20166 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
                    CVE-2022-21505 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-2318 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-2318 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-26365 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-26365 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
                    CVE-2022-29581 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-29581 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-32250 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-32250 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-33740 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-33740 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
                    CVE-2022-33741 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-33741 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
                    CVE-2022-33742 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-33742 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
                    CVE-2022-36946 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-36946 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise High Performance Computing 15-SP3
                    SUSE Linux Enterprise Module for Public Cloud 15-SP3
                    SUSE Linux Enterprise Server 15-SP3
                    SUSE Linux Enterprise Server for SAP Applications 15-SP3
                    SUSE Linux Enterprise Storage 7.1
                    SUSE Manager Proxy 4.2
                    SUSE Manager Retail Branch Server 4.2
                    SUSE Manager Server 4.2
                    openSUSE Leap 15.3

   An update that solves 16 vulnerabilities, contains one
   feature and has 15 fixes is now available.


   The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
   security bugfixes.

   The following security bugs were fixed:

   - CVE-2022-36946: Fixed an incorrect packet trucation operation which
     could lead to denial of service (bnc#1201940).
   - CVE-2022-29581: Fixed improper update of reference count in net/sched
     that could cause root privilege escalation (bnc#1199665).
   - CVE-2022-20166: Fixed several possible memory safety issues due to
     unsafe operations (bsc#1200598).
   - CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could
     lead to a NULL pointer dereference and general protection fault
   - CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl
     and closing/opening of TTYs that could lead to a use-after-free
   - CVE-2021-33655: Fixed an out of bounds write by ioctl cmd
     FBIOPUT_VSCREENINFO (bnc#1201635).
   - CVE-2021-33656: Fixed an out of bounds write related to ioctl cmd
     PIO_FONT (bnc#1201636).
   - CVE-2022-21505: Fixed a kernel lockdown bypass via IMA policy
   - CVE-2022-1462: Fixed an out-of-bounds read flaw in the TTY subsystem
   - CVE-2022-1116: Fixed an integer overflow vulnerability in io_uring which
     allowed a local attacker to escalate privileges to root (bnc#1199647).-
     CVE-2022-2318: Fixed a use-after-free vulnerability in the timer handler
     in Rose subsystem that allowed unprivileged attackers to crash the
     system (bsc#1201251).
   - CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed
     multiple potential data leaks with Block and Network devices when using
     untrusted backends (bsc#1200762).

   The following non-security bugs were fixed:

   - Fixed a system crash related to the recent RETBLEED mitigation
     (bsc#1201644, bsc#1201664, bsc#1201672, bsc#1201673, bsc#1201676).
   - qla2xxx: drop patch which prevented nvme port discovery (bsc#1200651
     bsc#1200644 bsc#1201954 bsc#1201958).
   - kvm: emulate: do not adjust size of fastop and setcc subroutines
   - bpf, cpumap: Remove rcpu pointer from cpu_map_build_skb signature
   - bpf: enable BPF type format (BTF) (jsc#SLE-24559).
   - nfs: avoid NULL pointer dereference when there is unflushed data
   - hv_netvsc: Add (more) validation for untrusted Hyper-V values
   - hv_netvsc: Add comment of netvsc_xdp_xmit() (bsc#1199364).
   - hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364).
   - hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer
   - hv_netvsc: Fix validation in netvsc_linkstatus_callback() (bsc#1199364).
   - kvm/emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).
   - lkdtm: Disable return thunks in rodata.c (bsc#1178134).
   - net, xdp: Introduce __xdp_build_skb_from_frame utility routine
   - net, xdp: Introduce xdp_build_skb_from_frame utility routine
   - nvme: consider also host_iface when checking ip options (bsc#1199670).
   - powerpc/mobility: wait for memory transfer to complete (bsc#1201846
   - powerpc/pseries/mobility: set NMI watchdog factor during an LPM
     (bsc#1201846 ltc#198761).
   - powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846
   - scsi: lpfc: Copyright updates for patches (bsc#1201956).
   - scsi: lpfc: Fix attempted FA-PWWN usage after feature disable
   - scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test
     (bsc#1201956 bsc#1200521).
   - scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE
   - scsi: lpfc: Fix uninitialized cqe field in lpfc_nvme_cancel_iocb()
   - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed
     user input (bsc#1201956).
   - scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into
     lpfc_sli_prep_abort_xri() (bsc#1201956).
   - scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956).
   - scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after
     VMID (bsc#1201956).
   - scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved configuration
   - scsi: lpfc: Set PU field when providing D_ID in XMIT_ELS_RSP64_CX iocb
   - scsi: lpfc: Update lpfc version to (bsc#1201956).
   - scsi: qla2xxx: Check correct variable in qla24xx_async_gffid()
   - scsi: qla2xxx: Fix discovery issues in FC-AL topology (bsc#1201958).
   - scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958).
   - scsi: qla2xxx: Fix incorrect display of max frame size (bsc#1201958).
   - scsi: qla2xxx: Fix response queue handler reading stale packets
   - scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958).
   - scsi: qla2xxx: Update manufacturer details (bsc#1201958).
   - scsi: qla2xxx: Update version to (bsc#1201958).
   - scsi: qla2xxx: Zero undefined mailbox IN registers (bsc#1201958).
   - scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958).
   - watchdog: export lockup_detector_reconfigure (bsc#1201846 ltc#198761).
   - x86/bugs: Remove apostrophe typo (bsc#1178134).
   - x86/entry: Remove skip_r11rcx (bsc#1201644).
   - x86/retbleed: Add fine grained Kconfig knobs (bsc#1178134).
   - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.3:

      zypper in -t patch openSUSE-SLE-15.3-2022-2741=1

   - SUSE Linux Enterprise Module for Public Cloud 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-2741=1

Package List:

   - openSUSE Leap 15.3 (noarch):


   - openSUSE Leap 15.3 (x86_64):


   - SUSE Linux Enterprise Module for Public Cloud 15-SP3 (x86_64):


   - SUSE Linux Enterprise Module for Public Cloud 15-SP3 (noarch):



More information about the sle-security-updates mailing list