SUSE-SU-2022:0544-1

Source
https://www.suse.com/support/update/announcement/2022/suse-su-20220544-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:0544-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2022:0544-1
Related
Published
2022-02-21T12:51:44Z
Modified
2022-02-21T12:51:44Z
Summary
Security update for the Linux RT Kernel
Details

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input (bsc#1195254).
  • CVE-2021-45095: Fixed refcount leak in pepsockaccept in net/phonet/pep.c (bnc#1193867).
  • CVE-2022-22942: Fixed stale file descriptors on failed usercopy (bsc#1195065).
  • CVE-2021-22600: Fixed double free bug in packetsetring() in net/packet/af_packet.c that could have been exploited by a local user through crafted syscalls to escalate privileges or deny service (bnc#1195184).
  • CVE-2021-39657: Fixed out of bounds read due to a missing bounds check in ufshcdehdeviceresethandler of ufshcd.c. This could lead to local information disclosure with System execution privileges needed (bnc#1193864).
  • CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a race condition in gadgetdevdescUDCshow of configfs.c. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation (bnc#1193861).
  • CVE-2022-0330: Fixed flush TLBs before releasing backing store (bsc#1194880).

The following non-security bugs were fixed:

  • bpf: Verifer, adjustscalarminmaxvals to always call updateregbounds() (bsc#1194227).
  • btrfs: tree-checker: Add EXTENTITEM and METADATAITEM check (bsc#1195009).
  • btrfs: tree-checker: annotate all error branches as unlikely (bsc#1195009).
  • btrfs: tree-checker: check for BTRFSBLOCKFLAGFULLBACKREF being set improperly (bsc#1195009).
  • hvnetvsc: Set neededheadroom according to VF (bsc#1193506).
  • net, xdp: Introduce xdpinitbuff utility routine (bsc#1193506).
  • net, xdp: Introduce xdppreparebuff utility routine (bsc#1193506).
  • net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428).
  • net: mana: Add RX fencing (bsc#1193506).
  • net: mana: Add XDP support (bsc#1193506).
  • net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc (bsc#1183405).
  • net: sched: add barrier to ensure correct ordering for lockless qdisc (bsc#1183405).
  • net: sched: avoid unnecessary seqcount operation for lockless qdisc (bsc#1183405).
  • net: sched: fix packet stuck problem for lockless qdisc (bsc#1183405).
  • net: sched: fix tx action reschedule issue with stopped queue (bsc#1183405).
  • net: sched: fix tx action rescheduling issue during deactivation (bsc#1183405).
  • net: sched: replaced invalid qdisc tree flush helper in qdisc_replace (bsc#1183405).
  • net_sched: avoid resetting active qdisc for multiple times (bsc#1183405).
  • netsched: get rid of unnecessary devqdisc_reset() (bsc#1183405).
  • netsched: use qdiscreset() in qdisc_destroy() (bsc#1183405).
  • nvme: add 'iopolicy' module parameter (bsc#1177599 bsc#1193096).
  • xfrm: fix MTU regression (bsc#1185377, bsc#1194048).
References

Affected packages

SUSE:Real Time Module 15 SP2 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-73.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-73.1",
            "dlm-kmp-rt": "5.3.18-73.1",
            "kernel-rt_debug": "5.3.18-73.1",
            "kernel-rt-devel": "5.3.18-73.1",
            "cluster-md-kmp-rt": "5.3.18-73.1",
            "kernel-rt_debug-devel": "5.3.18-73.1",
            "kernel-source-rt": "5.3.18-73.1",
            "kernel-rt": "5.3.18-73.1",
            "ocfs2-kmp-rt": "5.3.18-73.1",
            "gfs2-kmp-rt": "5.3.18-73.1",
            "kernel-syms-rt": "5.3.18-73.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-73.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-73.1",
            "dlm-kmp-rt": "5.3.18-73.1",
            "kernel-rt_debug": "5.3.18-73.1",
            "kernel-rt-devel": "5.3.18-73.1",
            "cluster-md-kmp-rt": "5.3.18-73.1",
            "kernel-rt_debug-devel": "5.3.18-73.1",
            "kernel-source-rt": "5.3.18-73.1",
            "kernel-rt": "5.3.18-73.1",
            "ocfs2-kmp-rt": "5.3.18-73.1",
            "gfs2-kmp-rt": "5.3.18-73.1",
            "kernel-syms-rt": "5.3.18-73.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-73.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-73.1",
            "dlm-kmp-rt": "5.3.18-73.1",
            "kernel-rt_debug": "5.3.18-73.1",
            "kernel-rt-devel": "5.3.18-73.1",
            "cluster-md-kmp-rt": "5.3.18-73.1",
            "kernel-rt_debug-devel": "5.3.18-73.1",
            "kernel-source-rt": "5.3.18-73.1",
            "kernel-rt": "5.3.18-73.1",
            "ocfs2-kmp-rt": "5.3.18-73.1",
            "gfs2-kmp-rt": "5.3.18-73.1",
            "kernel-syms-rt": "5.3.18-73.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-73.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-73.1",
            "dlm-kmp-rt": "5.3.18-73.1",
            "kernel-rt_debug": "5.3.18-73.1",
            "kernel-rt-devel": "5.3.18-73.1",
            "cluster-md-kmp-rt": "5.3.18-73.1",
            "kernel-rt_debug-devel": "5.3.18-73.1",
            "kernel-source-rt": "5.3.18-73.1",
            "kernel-rt": "5.3.18-73.1",
            "ocfs2-kmp-rt": "5.3.18-73.1",
            "gfs2-kmp-rt": "5.3.18-73.1",
            "kernel-syms-rt": "5.3.18-73.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.0 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-73.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-73.1"
        }
    ]
}