SUSE-SU-2022:0764-1

Source
https://www.suse.com/support/update/announcement/2022/suse-su-20220764-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:0764-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2022:0764-1
Related
Published
2022-03-09T13:32:59Z
Modified
2022-03-09T13:32:59Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.

Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated.

The following security bugs were fixed:

  • CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).
  • CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).
  • CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584).

The following non-security bugs were fixed:

  • btrfs: check for missing device in btrfstrimfs (bsc#1195701).
  • lib/ioviter: initialize 'flags' in new pipebuffer (bsc#1196584).
  • nfsd: allow delegation state ids to be revoked and then freed (bsc#1192483).
  • nfsd: allow open state ids to be revoked and then freed (bsc#1192483).
  • nfsd: do not admin-revoke NSv4.0 state ids (bsc#1192483).
  • nfsd: prepare for supporting admin-revocation of state (bsc#1192483).
  • powerpc/pseries/ddw: Revert 'Extend upper limit for huge DMA window for persistent memory' (bsc#1195995 ltc#196394).
References

Affected packages

SUSE:Real Time Module 15 SP2 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-76.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-76.1",
            "dlm-kmp-rt": "5.3.18-76.1",
            "kernel-rt_debug": "5.3.18-76.1",
            "kernel-rt-devel": "5.3.18-76.1",
            "cluster-md-kmp-rt": "5.3.18-76.1",
            "kernel-rt_debug-devel": "5.3.18-76.1",
            "kernel-source-rt": "5.3.18-76.1",
            "kernel-rt": "5.3.18-76.1",
            "ocfs2-kmp-rt": "5.3.18-76.1",
            "gfs2-kmp-rt": "5.3.18-76.1",
            "kernel-syms-rt": "5.3.18-76.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-76.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-76.1",
            "dlm-kmp-rt": "5.3.18-76.1",
            "kernel-rt_debug": "5.3.18-76.1",
            "kernel-rt-devel": "5.3.18-76.1",
            "cluster-md-kmp-rt": "5.3.18-76.1",
            "kernel-rt_debug-devel": "5.3.18-76.1",
            "kernel-source-rt": "5.3.18-76.1",
            "kernel-rt": "5.3.18-76.1",
            "ocfs2-kmp-rt": "5.3.18-76.1",
            "gfs2-kmp-rt": "5.3.18-76.1",
            "kernel-syms-rt": "5.3.18-76.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-76.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-76.1",
            "dlm-kmp-rt": "5.3.18-76.1",
            "kernel-rt_debug": "5.3.18-76.1",
            "kernel-rt-devel": "5.3.18-76.1",
            "cluster-md-kmp-rt": "5.3.18-76.1",
            "kernel-rt_debug-devel": "5.3.18-76.1",
            "kernel-source-rt": "5.3.18-76.1",
            "kernel-rt": "5.3.18-76.1",
            "ocfs2-kmp-rt": "5.3.18-76.1",
            "gfs2-kmp-rt": "5.3.18-76.1",
            "kernel-syms-rt": "5.3.18-76.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-76.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-76.1",
            "dlm-kmp-rt": "5.3.18-76.1",
            "kernel-rt_debug": "5.3.18-76.1",
            "kernel-rt-devel": "5.3.18-76.1",
            "cluster-md-kmp-rt": "5.3.18-76.1",
            "kernel-rt_debug-devel": "5.3.18-76.1",
            "kernel-source-rt": "5.3.18-76.1",
            "kernel-rt": "5.3.18-76.1",
            "ocfs2-kmp-rt": "5.3.18-76.1",
            "gfs2-kmp-rt": "5.3.18-76.1",
            "kernel-syms-rt": "5.3.18-76.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.0 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-76.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-76.1"
        }
    ]
}