SUSE-SU-2022:0544-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:0544-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2022:0544-1
- Related
- Published
- 2022-02-21T12:51:44Z
- Modified
- 2022-02-21T12:51:44Z
- Summary
- Security update for the Linux RT Kernel
- Details
-
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input (bsc#1195254).
- CVE-2021-45095: Fixed refcount leak in pepsockaccept in net/phonet/pep.c (bnc#1193867).
- CVE-2022-22942: Fixed stale file descriptors on failed usercopy (bsc#1195065).
- CVE-2021-22600: Fixed double free bug in packetsetring() in net/packet/af_packet.c that could have been exploited by a local user through crafted syscalls to escalate privileges or deny service (bnc#1195184).
- CVE-2021-39657: Fixed out of bounds read due to a missing bounds check in ufshcdehdeviceresethandler of ufshcd.c. This could lead to local information disclosure with System execution privileges needed (bnc#1193864).
- CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a race condition in gadgetdevdescUDCshow of configfs.c. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation (bnc#1193861).
- CVE-2022-0330: Fixed flush TLBs before releasing backing store (bsc#1194880).
The following non-security bugs were fixed:
- bpf: Verifer, adjustscalarminmaxvals to always call updateregbounds() (bsc#1194227).
- btrfs: tree-checker: Add EXTENTITEM and METADATAITEM check (bsc#1195009).
- btrfs: tree-checker: annotate all error branches as unlikely (bsc#1195009).
- btrfs: tree-checker: check for BTRFSBLOCKFLAGFULLBACKREF being set improperly (bsc#1195009).
- hvnetvsc: Set neededheadroom according to VF (bsc#1193506).
- net, xdp: Introduce xdpinitbuff utility routine (bsc#1193506).
- net, xdp: Introduce xdppreparebuff utility routine (bsc#1193506).
- net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428).
- net: mana: Add RX fencing (bsc#1193506).
- net: mana: Add XDP support (bsc#1193506).
- net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc (bsc#1183405).
- net: sched: add barrier to ensure correct ordering for lockless qdisc (bsc#1183405).
- net: sched: avoid unnecessary seqcount operation for lockless qdisc (bsc#1183405).
- net: sched: fix packet stuck problem for lockless qdisc (bsc#1183405).
- net: sched: fix tx action reschedule issue with stopped queue (bsc#1183405).
- net: sched: fix tx action rescheduling issue during deactivation (bsc#1183405).
- net: sched: replaced invalid qdisc tree flush helper in qdisc_replace (bsc#1183405).
- net_sched: avoid resetting active qdisc for multiple times (bsc#1183405).
- netsched: get rid of unnecessary devqdisc_reset() (bsc#1183405).
- netsched: use qdiscreset() in qdisc_destroy() (bsc#1183405).
- nvme: add 'iopolicy' module parameter (bsc#1177599 bsc#1193096).
- xfrm: fix MTU regression (bsc#1185377, bsc#1194048).
- References
-
- https://www.suse.com/support/update/announcement/2022/suse-su-20220544-1/
- https://bugzilla.suse.com/1177599
- https://bugzilla.suse.com/1183405
- https://bugzilla.suse.com/1185377
- https://bugzilla.suse.com/1187428
- https://bugzilla.suse.com/1188605
- https://bugzilla.suse.com/1193096
- https://bugzilla.suse.com/1193506
- https://bugzilla.suse.com/1193861
- https://bugzilla.suse.com/1193864
- https://bugzilla.suse.com/1193867
- https://bugzilla.suse.com/1194048
- https://bugzilla.suse.com/1194227
- https://bugzilla.suse.com/1194880
- https://bugzilla.suse.com/1195009
- https://bugzilla.suse.com/1195065
- https://bugzilla.suse.com/1195184
- https://bugzilla.suse.com/1195254
- https://www.suse.com/security/cve/CVE-2021-22600
- https://www.suse.com/security/cve/CVE-2021-39648
- https://www.suse.com/security/cve/CVE-2021-39657
- https://www.suse.com/security/cve/CVE-2021-45095
- https://www.suse.com/security/cve/CVE-2022-0330
- https://www.suse.com/security/cve/CVE-2022-22942
Affected packages
SUSE:Real Time Module 15 SP2 / kernel-rt
Package
- Name
- kernel-rt
- Purl
- purl:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.18-73.1
Ecosystem specific
{
"binaries": [
{
"kernel-devel-rt": "5.3.18-73.1",
"dlm-kmp-rt": "5.3.18-73.1",
"kernel-rt_debug": "5.3.18-73.1",
"kernel-rt-devel": "5.3.18-73.1",
"cluster-md-kmp-rt": "5.3.18-73.1",
"kernel-rt_debug-devel": "5.3.18-73.1",
"kernel-source-rt": "5.3.18-73.1",
"kernel-rt": "5.3.18-73.1",
"ocfs2-kmp-rt": "5.3.18-73.1",
"gfs2-kmp-rt": "5.3.18-73.1",
"kernel-syms-rt": "5.3.18-73.1"
}
]
}
SUSE:Real Time Module 15 SP2 / kernel-rt_debug
Package
- Name
- kernel-rt_debug
- Purl
- purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.18-73.1
Ecosystem specific
{
"binaries": [
{
"kernel-devel-rt": "5.3.18-73.1",
"dlm-kmp-rt": "5.3.18-73.1",
"kernel-rt_debug": "5.3.18-73.1",
"kernel-rt-devel": "5.3.18-73.1",
"cluster-md-kmp-rt": "5.3.18-73.1",
"kernel-rt_debug-devel": "5.3.18-73.1",
"kernel-source-rt": "5.3.18-73.1",
"kernel-rt": "5.3.18-73.1",
"ocfs2-kmp-rt": "5.3.18-73.1",
"gfs2-kmp-rt": "5.3.18-73.1",
"kernel-syms-rt": "5.3.18-73.1"
}
]
}
SUSE:Real Time Module 15 SP2 / kernel-source-rt
Package
- Name
- kernel-source-rt
- Purl
- purl:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.18-73.1
Ecosystem specific
{
"binaries": [
{
"kernel-devel-rt": "5.3.18-73.1",
"dlm-kmp-rt": "5.3.18-73.1",
"kernel-rt_debug": "5.3.18-73.1",
"kernel-rt-devel": "5.3.18-73.1",
"cluster-md-kmp-rt": "5.3.18-73.1",
"kernel-rt_debug-devel": "5.3.18-73.1",
"kernel-source-rt": "5.3.18-73.1",
"kernel-rt": "5.3.18-73.1",
"ocfs2-kmp-rt": "5.3.18-73.1",
"gfs2-kmp-rt": "5.3.18-73.1",
"kernel-syms-rt": "5.3.18-73.1"
}
]
}
SUSE:Real Time Module 15 SP2 / kernel-syms-rt
Package
- Name
- kernel-syms-rt
- Purl
- purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.18-73.1
Ecosystem specific
{
"binaries": [
{
"kernel-devel-rt": "5.3.18-73.1",
"dlm-kmp-rt": "5.3.18-73.1",
"kernel-rt_debug": "5.3.18-73.1",
"kernel-rt-devel": "5.3.18-73.1",
"cluster-md-kmp-rt": "5.3.18-73.1",
"kernel-rt_debug-devel": "5.3.18-73.1",
"kernel-source-rt": "5.3.18-73.1",
"kernel-rt": "5.3.18-73.1",
"ocfs2-kmp-rt": "5.3.18-73.1",
"gfs2-kmp-rt": "5.3.18-73.1",
"kernel-syms-rt": "5.3.18-73.1"
}
]
}