Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2022:0756-1 Final 1 1 2022-03-08T18:03:12Z current 2022-03-08T18:03:12Z 2022-03-08T18:03:12Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. The following security bugs were fixed: - CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). - CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731). - CVE-2016-10905: Fixed a use-after-free is gfs2_clear_rgrpd() and read_rindex_entry() (bsc#1146312). The following non-security bug was fixed: - net: sched: sch_teql: fix null-pointer dereference (bsc#1190717). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2022-756,SUSE-SLE-SERVER-12-SP2-BCL-2022-756 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/ Link for SUSE-SU-2022:0756-1 https://lists.suse.com/pipermail/sle-security-updates/2022-March/010401.html E-Mail link for SUSE-SU-2022:0756-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1146312 SUSE Bug 1146312 https://bugzilla.suse.com/1190717 SUSE Bug 1190717 https://bugzilla.suse.com/1191580 SUSE Bug 1191580 https://bugzilla.suse.com/1193731 SUSE Bug 1193731 https://bugzilla.suse.com/1194463 SUSE Bug 1194463 https://bugzilla.suse.com/1195543 SUSE Bug 1195543 https://bugzilla.suse.com/1195612 SUSE Bug 1195612 https://bugzilla.suse.com/1195908 SUSE Bug 1195908 https://bugzilla.suse.com/1195939 SUSE Bug 1195939 https://bugzilla.suse.com/1196079 SUSE Bug 1196079 https://bugzilla.suse.com/1196612 SUSE Bug 1196612 https://www.suse.com/security/cve/CVE-2016-10905/ SUSE CVE CVE-2016-10905 page https://www.suse.com/security/cve/CVE-2021-0920/ SUSE CVE CVE-2021-0920 page https://www.suse.com/security/cve/CVE-2022-0001/ SUSE CVE CVE-2022-0001 page https://www.suse.com/security/cve/CVE-2022-0002/ SUSE CVE CVE-2022-0002 page https://www.suse.com/security/cve/CVE-2022-0492/ SUSE CVE CVE-2022-0492 page https://www.suse.com/security/cve/CVE-2022-0617/ SUSE CVE CVE-2022-0617 page https://www.suse.com/security/cve/CVE-2022-24448/ SUSE CVE CVE-2022-24448 page SUSE Linux Enterprise Server 12 SP2-BCL cluster-md-kmp-debug-4.4.121-92.169.1 cluster-md-kmp-default-4.4.121-92.169.1 cluster-md-kmp-vanilla-4.4.121-92.169.1 cluster-network-kmp-debug-4.4.121-92.169.1 cluster-network-kmp-default-4.4.121-92.169.1 cluster-network-kmp-vanilla-4.4.121-92.169.1 dlm-kmp-debug-4.4.121-92.169.1 dlm-kmp-default-4.4.121-92.169.1 dlm-kmp-vanilla-4.4.121-92.169.1 gfs2-kmp-debug-4.4.121-92.169.1 gfs2-kmp-default-4.4.121-92.169.1 gfs2-kmp-vanilla-4.4.121-92.169.1 kernel-debug-4.4.121-92.169.1 kernel-debug-base-4.4.121-92.169.1 kernel-debug-devel-4.4.121-92.169.1 kernel-debug-extra-4.4.121-92.169.1 kernel-debug-kgraft-4.4.121-92.169.1 kernel-default-4.4.121-92.169.1 kernel-default-base-4.4.121-92.169.1 kernel-default-devel-4.4.121-92.169.1 kernel-default-extra-4.4.121-92.169.1 kernel-default-kgraft-4.4.121-92.169.1 kernel-default-man-4.4.121-92.169.1 kernel-devel-4.4.121-92.169.1 kernel-docs-4.4.121-92.169.1 kernel-docs-html-4.4.121-92.169.1 kernel-docs-pdf-4.4.121-92.169.1 kernel-macros-4.4.121-92.169.1 kernel-obs-build-4.4.121-92.169.1 kernel-obs-qa-4.4.121-92.169.1 kernel-source-4.4.121-92.169.1 kernel-source-vanilla-4.4.121-92.169.1 kernel-syms-4.4.121-92.169.1 kernel-vanilla-4.4.121-92.169.1 kernel-vanilla-base-4.4.121-92.169.1 kernel-vanilla-devel-4.4.121-92.169.1 kernel-zfcpdump-4.4.121-92.169.1 ocfs2-kmp-debug-4.4.121-92.169.1 ocfs2-kmp-default-4.4.121-92.169.1 ocfs2-kmp-vanilla-4.4.121-92.169.1 kernel-default-4.4.121-92.169.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-default-base-4.4.121-92.169.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-default-devel-4.4.121-92.169.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-devel-4.4.121-92.169.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-macros-4.4.121-92.169.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-source-4.4.121-92.169.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-syms-4.4.121-92.169.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry. CVE-2016-10905 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.169.1 important 6.1 AV:L/AC:L/Au:N/C:P/I:P/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/ https://www.suse.com/security/cve/CVE-2016-10905.html CVE-2016-10905 https://bugzilla.suse.com/1146312 SUSE Bug 1146312 In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel CVE-2021-0920 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.169.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/ https://www.suse.com/security/cve/CVE-2021-0920.html CVE-2021-0920 https://bugzilla.suse.com/1193731 SUSE Bug 1193731 https://bugzilla.suse.com/1194463 SUSE Bug 1194463 https://bugzilla.suse.com/1195939 SUSE Bug 1195939 https://bugzilla.suse.com/1199255 SUSE Bug 1199255 https://bugzilla.suse.com/1200084 SUSE Bug 1200084 Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2022-0001 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.169.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/ https://www.suse.com/security/cve/CVE-2022-0001.html CVE-2022-0001 https://bugzilla.suse.com/1191580 SUSE Bug 1191580 https://bugzilla.suse.com/1196901 SUSE Bug 1196901 Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2022-0002 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.169.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/ https://www.suse.com/security/cve/CVE-2022-0002.html CVE-2022-0002 https://bugzilla.suse.com/1191580 SUSE Bug 1191580 https://bugzilla.suse.com/1196901 SUSE Bug 1196901 A vulnerability was found in the Linux kernel's cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. CVE-2022-0492 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.169.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/ https://www.suse.com/security/cve/CVE-2022-0492.html CVE-2022-0492 https://bugzilla.suse.com/1195543 SUSE Bug 1195543 https://bugzilla.suse.com/1195908 SUSE Bug 1195908 https://bugzilla.suse.com/1196612 SUSE Bug 1196612 https://bugzilla.suse.com/1196776 SUSE Bug 1196776 https://bugzilla.suse.com/1198615 SUSE Bug 1198615 https://bugzilla.suse.com/1199255 SUSE Bug 1199255 https://bugzilla.suse.com/1199615 SUSE Bug 1199615 https://bugzilla.suse.com/1200084 SUSE Bug 1200084 A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. CVE-2022-0617 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.169.1 important 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/ https://www.suse.com/security/cve/CVE-2022-0617.html CVE-2022-0617 https://bugzilla.suse.com/1196079 SUSE Bug 1196079 An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. CVE-2022-24448 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.169.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.169.1 moderate 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220756-1/ https://www.suse.com/security/cve/CVE-2022-24448.html CVE-2022-24448 https://bugzilla.suse.com/1195612 SUSE Bug 1195612