Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2022:3294-1 Final 1 1 2022-09-16T16:46:06Z current 2022-09-16T16:46:06Z 2022-09-16T16:46:06Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP2 kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107). - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948). - CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898). - CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420). - CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726). - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096). - CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897). - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347). - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346). - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616). - CVE-2019-3900: Fixed infinite loop the vhost_net kernel module that could result in a DoS scenario (bnc#1133374). The following non-security bugs were fixed: - net_sched: cls_route: Disallowed handle of 0 (bsc#1202393). - mm, rmap: Fixed anon_vma->degree ambiguity leading to double-reuse (bsc#1203098). - lightnvm: Removed lightnvm implemenation (bsc#1191881). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2022-3294,SUSE-SLE-SERVER-12-SP2-BCL-2022-3294 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ Link for SUSE-SU-2022:3294-1 https://lists.suse.com/pipermail/sle-security-updates/2022-September/012274.html E-Mail link for SUSE-SU-2022:3294-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1133374 SUSE Bug 1133374 https://bugzilla.suse.com/1191881 SUSE Bug 1191881 https://bugzilla.suse.com/1196616 SUSE Bug 1196616 https://bugzilla.suse.com/1201420 SUSE Bug 1201420 https://bugzilla.suse.com/1201726 SUSE Bug 1201726 https://bugzilla.suse.com/1201948 SUSE Bug 1201948 https://bugzilla.suse.com/1202096 SUSE Bug 1202096 https://bugzilla.suse.com/1202346 SUSE Bug 1202346 https://bugzilla.suse.com/1202347 SUSE Bug 1202347 https://bugzilla.suse.com/1202393 SUSE Bug 1202393 https://bugzilla.suse.com/1202897 SUSE Bug 1202897 https://bugzilla.suse.com/1202898 SUSE Bug 1202898 https://bugzilla.suse.com/1203098 SUSE Bug 1203098 https://bugzilla.suse.com/1203107 SUSE Bug 1203107 https://www.suse.com/security/cve/CVE-2019-3900/ SUSE CVE CVE-2019-3900 page https://www.suse.com/security/cve/CVE-2020-36516/ SUSE CVE CVE-2020-36516 page https://www.suse.com/security/cve/CVE-2022-20368/ SUSE CVE CVE-2022-20368 page https://www.suse.com/security/cve/CVE-2022-20369/ SUSE CVE CVE-2022-20369 page https://www.suse.com/security/cve/CVE-2022-21385/ SUSE CVE CVE-2022-21385 page https://www.suse.com/security/cve/CVE-2022-2588/ SUSE CVE CVE-2022-2588 page https://www.suse.com/security/cve/CVE-2022-26373/ SUSE CVE CVE-2022-26373 page https://www.suse.com/security/cve/CVE-2022-2991/ SUSE CVE CVE-2022-2991 page https://www.suse.com/security/cve/CVE-2022-3028/ SUSE CVE CVE-2022-3028 page https://www.suse.com/security/cve/CVE-2022-36879/ SUSE CVE CVE-2022-36879 page https://www.suse.com/security/cve/CVE-2022-39188/ SUSE CVE CVE-2022-39188 page SUSE Linux Enterprise Server 12 SP2-BCL cluster-md-kmp-debug-4.4.121-92.188.1 cluster-md-kmp-default-4.4.121-92.188.1 cluster-md-kmp-vanilla-4.4.121-92.188.1 cluster-network-kmp-debug-4.4.121-92.188.1 cluster-network-kmp-default-4.4.121-92.188.1 cluster-network-kmp-vanilla-4.4.121-92.188.1 dlm-kmp-debug-4.4.121-92.188.1 dlm-kmp-default-4.4.121-92.188.1 dlm-kmp-vanilla-4.4.121-92.188.1 gfs2-kmp-debug-4.4.121-92.188.1 gfs2-kmp-default-4.4.121-92.188.1 gfs2-kmp-vanilla-4.4.121-92.188.1 kernel-debug-4.4.121-92.188.1 kernel-debug-base-4.4.121-92.188.1 kernel-debug-devel-4.4.121-92.188.1 kernel-debug-extra-4.4.121-92.188.1 kernel-debug-kgraft-4.4.121-92.188.1 kernel-default-4.4.121-92.188.1 kernel-default-base-4.4.121-92.188.1 kernel-default-devel-4.4.121-92.188.1 kernel-default-extra-4.4.121-92.188.1 kernel-default-kgraft-4.4.121-92.188.1 kernel-default-man-4.4.121-92.188.1 kernel-devel-4.4.121-92.188.1 kernel-docs-4.4.121-92.188.1 kernel-docs-html-4.4.121-92.188.1 kernel-docs-pdf-4.4.121-92.188.1 kernel-macros-4.4.121-92.188.1 kernel-obs-build-4.4.121-92.188.1 kernel-obs-qa-4.4.121-92.188.1 kernel-source-4.4.121-92.188.1 kernel-source-vanilla-4.4.121-92.188.1 kernel-syms-4.4.121-92.188.1 kernel-vanilla-4.4.121-92.188.1 kernel-vanilla-base-4.4.121-92.188.1 kernel-vanilla-devel-4.4.121-92.188.1 kernel-zfcpdump-4.4.121-92.188.1 ocfs2-kmp-debug-4.4.121-92.188.1 ocfs2-kmp-default-4.4.121-92.188.1 ocfs2-kmp-vanilla-4.4.121-92.188.1 kernel-default-4.4.121-92.188.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-default-base-4.4.121-92.188.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-default-devel-4.4.121-92.188.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-devel-4.4.121-92.188.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-macros-4.4.121-92.188.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-source-4.4.121-92.188.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-syms-4.4.121-92.188.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. CVE-2019-3900 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 low 6.8 AV:N/AC:L/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2019-3900.html CVE-2019-3900 https://bugzilla.suse.com/1133374 SUSE Bug 1133374 An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. CVE-2020-36516 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 important 4.9 AV:N/AC:M/Au:S/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2020-36516.html CVE-2020-36516 https://bugzilla.suse.com/1196616 SUSE Bug 1196616 https://bugzilla.suse.com/1196867 SUSE Bug 1196867 https://bugzilla.suse.com/1204092 SUSE Bug 1204092 https://bugzilla.suse.com/1204183 SUSE Bug 1204183 Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel CVE-2022-20368 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2022-20368.html CVE-2022-20368 https://bugzilla.suse.com/1202346 SUSE Bug 1202346 https://bugzilla.suse.com/1212311 SUSE Bug 1212311 In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel CVE-2022-20369 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2022-20369.html CVE-2022-20369 https://bugzilla.suse.com/1202347 SUSE Bug 1202347 https://bugzilla.suse.com/1212321 SUSE Bug 1212321 A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVE-2022-21385 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2022-21385.html CVE-2022-21385 https://bugzilla.suse.com/1202897 SUSE Bug 1202897 https://bugzilla.suse.com/1212285 SUSE Bug 1212285 It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. CVE-2022-2588 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2022-2588.html CVE-2022-2588 https://bugzilla.suse.com/1202096 SUSE Bug 1202096 https://bugzilla.suse.com/1203613 SUSE Bug 1203613 https://bugzilla.suse.com/1204183 SUSE Bug 1204183 https://bugzilla.suse.com/1209225 SUSE Bug 1209225 Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2022-26373 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2022-26373.html CVE-2022-26373 https://bugzilla.suse.com/1201726 SUSE Bug 1201726 https://bugzilla.suse.com/1209619 SUSE Bug 1209619 A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability. CVE-2022-2991 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2022-2991.html CVE-2022-2991 https://bugzilla.suse.com/1201420 SUSE Bug 1201420 https://bugzilla.suse.com/1203993 SUSE Bug 1203993 https://bugzilla.suse.com/1211495 SUSE Bug 1211495 A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. CVE-2022-3028 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2022-3028.html CVE-2022-3028 https://bugzilla.suse.com/1202898 SUSE Bug 1202898 https://bugzilla.suse.com/1212296 SUSE Bug 1212296 An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. CVE-2022-36879 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2022-36879.html CVE-2022-36879 https://bugzilla.suse.com/1201948 SUSE Bug 1201948 https://bugzilla.suse.com/1212327 SUSE Bug 1212327 An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. CVE-2022-39188 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.188.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.188.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223294-1/ https://www.suse.com/security/cve/CVE-2022-39188.html CVE-2022-39188 https://bugzilla.suse.com/1203107 SUSE Bug 1203107 https://bugzilla.suse.com/1203116 SUSE Bug 1203116 https://bugzilla.suse.com/1205313 SUSE Bug 1205313 https://bugzilla.suse.com/1209225 SUSE Bug 1209225 https://bugzilla.suse.com/1212326 SUSE Bug 1212326