Vulnerability from csaf_suse
Published
2022-02-02 09:02
Modified
2022-02-02 09:02
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-4083: Fixed race condition in Unix domain socket garbage collection that could lead to read memory after free (bsc#1193727).
- CVE-2021-4135: Fixed an information leak in the nsim_bpf_map_alloc function (bsc#1193927).
- CVE-2021-4149: Fixed improper lock operation in btrfs that allowed users to crash the kernel or deadlock the system (bsc#1194001).
- CVE-2021-4197: Fixed a cgroup issue where lower privileged processes could write to fds of lower privileged ones that could lead to privilege escalation (bsc#1194302).
- CVE-2021-4202: Fixed race condition in nci_request() that could cause use-after-free (bsc#1194529).
- CVE-2021-44733: Fixed a use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel that occured because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object (bnc#1193767).
- CVE-2021-45485: Fixed an information leak because of certain use of a hash table which use IPv6 source addresses (bsc#1194094).
- CVE-2021-45486: Fixed an information leak because the hash table is very small in net/ipv4/route.c (bnc#1194087).
- CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation (bsc#1194517).
- CVE-2022-0322: Fixed a denial of service in SCTP sctp_addto_chunk (bsc#1194985).
The following non-security bugs were fixed:
- ext4: Avoid trim error on fs with small groups (bsc#1191271).
- fget: clarify and improve __fget_files() implementation (bsc#1193727).
- kabi/severities: Add a kabi exception for drivers/tee/tee
- kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).
- livepatch: Avoid CPU hogging with cond_resched (bsc#1071995).
- media: Revert 'media: uvcvideo: Set unique vdev name based in type' (bsc#1193255).
- moxart: fix potential use-after-free on remove path (bsc#1194516).
- powerpc/fadump: Fix inaccurate CPU state info in vmcore generated with panic (bsc#1193901).
- powerpc: handle kdump appropriately with crash_kexec_post_notifiers option (bsc#1193901).
- tpm: fix potential NULL pointer access in tpm_del_char_device (bsc#1184209, bsc#1193660).
- vfs: check fd has read access in kernel_read_file_from_fd() (bsc#1194888).
Patchnames
SUSE-2022-289,SUSE-SLE-Module-RT-15-SP2-2022-289,SUSE-SUSE-MicroOS-5.0-2022-289
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-4083: Fixed race condition in Unix domain socket garbage collection that could lead to read memory after free (bsc#1193727).\n- CVE-2021-4135: Fixed an information leak in the nsim_bpf_map_alloc function (bsc#1193927).\n- CVE-2021-4149: Fixed improper lock operation in btrfs that allowed users to crash the kernel or deadlock the system (bsc#1194001).\n- CVE-2021-4197: Fixed a cgroup issue where lower privileged processes could write to fds of lower privileged ones that could lead to privilege escalation (bsc#1194302).\n- CVE-2021-4202: Fixed race condition in nci_request() that could cause use-after-free (bsc#1194529).\n- CVE-2021-44733: Fixed a use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel that occured because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object (bnc#1193767).\n- CVE-2021-45485: Fixed an information leak because of certain use of a hash table which use IPv6 source addresses (bsc#1194094).\n- CVE-2021-45486: Fixed an information leak because the hash table is very small in net/ipv4/route.c (bnc#1194087).\n- CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation (bsc#1194517).\n- CVE-2022-0322: Fixed a denial of service in SCTP sctp_addto_chunk (bsc#1194985).\n\nThe following non-security bugs were fixed:\n\n- ext4: Avoid trim error on fs with small groups (bsc#1191271).\n- fget: clarify and improve __fget_files() implementation (bsc#1193727).\n- kabi/severities: Add a kabi exception for drivers/tee/tee\n- kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).\n- livepatch: Avoid CPU hogging with cond_resched (bsc#1071995).\n- media: Revert \u0027media: uvcvideo: Set unique vdev name based in type\u0027 (bsc#1193255).\n- moxart: fix potential use-after-free on remove path (bsc#1194516).\n- powerpc/fadump: Fix inaccurate CPU state info in vmcore generated with panic (bsc#1193901).\n- powerpc: handle kdump appropriately with crash_kexec_post_notifiers option (bsc#1193901).\n- tpm: fix potential NULL pointer access in tpm_del_char_device (bsc#1184209, bsc#1193660).\n- vfs: check fd has read access in kernel_read_file_from_fd() (bsc#1194888).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-289,SUSE-SLE-Module-RT-15-SP2-2022-289,SUSE-SUSE-MicroOS-5.0-2022-289",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0289-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:0289-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220289-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:0289-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2022-February/021587.html"
},
{
"category": "self",
"summary": "SUSE Bug 1071995",
"url": "https://bugzilla.suse.com/1071995"
},
{
"category": "self",
"summary": "SUSE Bug 1184209",
"url": "https://bugzilla.suse.com/1184209"
},
{
"category": "self",
"summary": "SUSE Bug 1191271",
"url": "https://bugzilla.suse.com/1191271"
},
{
"category": "self",
"summary": "SUSE Bug 1193255",
"url": "https://bugzilla.suse.com/1193255"
},
{
"category": "self",
"summary": "SUSE Bug 1193660",
"url": "https://bugzilla.suse.com/1193660"
},
{
"category": "self",
"summary": "SUSE Bug 1193669",
"url": "https://bugzilla.suse.com/1193669"
},
{
"category": "self",
"summary": "SUSE Bug 1193727",
"url": "https://bugzilla.suse.com/1193727"
},
{
"category": "self",
"summary": "SUSE Bug 1193767",
"url": "https://bugzilla.suse.com/1193767"
},
{
"category": "self",
"summary": "SUSE Bug 1193901",
"url": "https://bugzilla.suse.com/1193901"
},
{
"category": "self",
"summary": "SUSE Bug 1193927",
"url": "https://bugzilla.suse.com/1193927"
},
{
"category": "self",
"summary": "SUSE Bug 1194001",
"url": "https://bugzilla.suse.com/1194001"
},
{
"category": "self",
"summary": "SUSE Bug 1194087",
"url": "https://bugzilla.suse.com/1194087"
},
{
"category": "self",
"summary": "SUSE Bug 1194094",
"url": "https://bugzilla.suse.com/1194094"
},
{
"category": "self",
"summary": "SUSE Bug 1194302",
"url": "https://bugzilla.suse.com/1194302"
},
{
"category": "self",
"summary": "SUSE Bug 1194516",
"url": "https://bugzilla.suse.com/1194516"
},
{
"category": "self",
"summary": "SUSE Bug 1194517",
"url": "https://bugzilla.suse.com/1194517"
},
{
"category": "self",
"summary": "SUSE Bug 1194529",
"url": "https://bugzilla.suse.com/1194529"
},
{
"category": "self",
"summary": "SUSE Bug 1194888",
"url": "https://bugzilla.suse.com/1194888"
},
{
"category": "self",
"summary": "SUSE Bug 1194985",
"url": "https://bugzilla.suse.com/1194985"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4083 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4135 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4149 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4197 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4202 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44733 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-45485 page",
"url": "https://www.suse.com/security/cve/CVE-2021-45485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-45486 page",
"url": "https://www.suse.com/security/cve/CVE-2021-45486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0185 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0322 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0322/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2022-02-02T09:02:15Z",
"generator": {
"date": "2022-02-02T09:02:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:0289-1",
"initial_release_date": "2022-02-02T09:02:15Z",
"revision_history": [
{
"date": "2022-02-02T09:02:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-68.1.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-68.1.noarch",
"product_id": "kernel-devel-rt-5.3.18-68.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-68.1.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-68.1.noarch",
"product_id": "kernel-source-rt-5.3.18-68.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-68.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-68.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-68.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-68.1.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-68.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-68.1.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-68.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-68.1.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-68.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-68.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-68.1.x86_64",
"product": {
"name": "kernel-rt-5.3.18-68.1.x86_64",
"product_id": "kernel-rt-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-68.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-68.1.x86_64",
"product_id": "kernel-rt-devel-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-68.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-68.1.x86_64",
"product_id": "kernel-rt-extra-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-68.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-68.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-68.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-68.1.x86_64",
"product_id": "kernel-rt_debug-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-68.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-68.1.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-68.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-68.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-68.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-68.1.x86_64",
"product_id": "kernel-syms-rt-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-68.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-68.1.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-68.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-68.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-68.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-68.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-68.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-68.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-68.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-68.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-68.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-68.1.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-68.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP2",
"product": {
"name": "SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.0",
"product": {
"name": "SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.3.18-68.1.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.3.18-68.1.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64"
},
"product_reference": "dlm-kmp-rt-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.3.18-68.1.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.3.18-68.1.noarch as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch"
},
"product_reference": "kernel-devel-rt-5.3.18-68.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-68.1.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.3.18-68.1.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64"
},
"product_reference": "kernel-rt-devel-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-5.3.18-68.1.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64"
},
"product_reference": "kernel-rt_debug-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.3.18-68.1.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-68.1.noarch as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-68.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.3.18-68.1.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64"
},
"product_reference": "kernel-syms-rt-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.3.18-68.1.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-68.1.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4083"
}
],
"notes": [
{
"category": "general",
"text": "A read-after-free memory flaw was found in the Linux kernel\u0027s garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4083",
"url": "https://www.suse.com/security/cve/CVE-2021-4083"
},
{
"category": "external",
"summary": "SUSE Bug 1193727 for CVE-2021-4083",
"url": "https://bugzilla.suse.com/1193727"
},
{
"category": "external",
"summary": "SUSE Bug 1194460 for CVE-2021-4083",
"url": "https://bugzilla.suse.com/1194460"
},
{
"category": "external",
"summary": "SUSE Bug 1196722 for CVE-2021-4083",
"url": "https://bugzilla.suse.com/1196722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "important"
}
],
"title": "CVE-2021-4083"
},
{
"cve": "CVE-2021-4135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4135"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak vulnerability was found in the Linux kernel\u0027s eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4135",
"url": "https://www.suse.com/security/cve/CVE-2021-4135"
},
{
"category": "external",
"summary": "SUSE Bug 1193927 for CVE-2021-4135",
"url": "https://bugzilla.suse.com/1193927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "moderate"
}
],
"title": "CVE-2021-4135"
},
{
"cve": "CVE-2021-4149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4149"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4149",
"url": "https://www.suse.com/security/cve/CVE-2021-4149"
},
{
"category": "external",
"summary": "SUSE Bug 1194001 for CVE-2021-4149",
"url": "https://bugzilla.suse.com/1194001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "moderate"
}
],
"title": "CVE-2021-4149"
},
{
"cve": "CVE-2021-4197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4197"
}
],
"notes": [
{
"category": "general",
"text": "An unprivileged write to the file handler flaw in the Linux kernel\u0027s control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4197",
"url": "https://www.suse.com/security/cve/CVE-2021-4197"
},
{
"category": "external",
"summary": "SUSE Bug 1194302 for CVE-2021-4197",
"url": "https://bugzilla.suse.com/1194302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "moderate"
}
],
"title": "CVE-2021-4197"
},
{
"cve": "CVE-2021-4202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4202"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed, leading to a privilege escalation problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4202",
"url": "https://www.suse.com/security/cve/CVE-2021-4202"
},
{
"category": "external",
"summary": "SUSE Bug 1194529 for CVE-2021-4202",
"url": "https://bugzilla.suse.com/1194529"
},
{
"category": "external",
"summary": "SUSE Bug 1194533 for CVE-2021-4202",
"url": "https://bugzilla.suse.com/1194533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "moderate"
}
],
"title": "CVE-2021-4202"
},
{
"cve": "CVE-2021-44733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44733"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44733",
"url": "https://www.suse.com/security/cve/CVE-2021-44733"
},
{
"category": "external",
"summary": "SUSE Bug 1193767 for CVE-2021-44733",
"url": "https://bugzilla.suse.com/1193767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "moderate"
}
],
"title": "CVE-2021-44733"
},
{
"cve": "CVE-2021-45485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-45485"
}
],
"notes": [
{
"category": "general",
"text": "In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn\u0027t properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-45485",
"url": "https://www.suse.com/security/cve/CVE-2021-45485"
},
{
"category": "external",
"summary": "SUSE Bug 1194094 for CVE-2021-45485",
"url": "https://bugzilla.suse.com/1194094"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "low"
}
],
"title": "CVE-2021-45485"
},
{
"cve": "CVE-2021-45486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-45486"
}
],
"notes": [
{
"category": "general",
"text": "In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-45486",
"url": "https://www.suse.com/security/cve/CVE-2021-45486"
},
{
"category": "external",
"summary": "SUSE Bug 1194087 for CVE-2021-45486",
"url": "https://bugzilla.suse.com/1194087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "low"
}
],
"title": "CVE-2021-45486"
},
{
"cve": "CVE-2022-0185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0185"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0185",
"url": "https://www.suse.com/security/cve/CVE-2022-0185"
},
{
"category": "external",
"summary": "SUSE Bug 1194517 for CVE-2022-0185",
"url": "https://bugzilla.suse.com/1194517"
},
{
"category": "external",
"summary": "SUSE Bug 1194737 for CVE-2022-0185",
"url": "https://bugzilla.suse.com/1194737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "important"
}
],
"title": "CVE-2022-0185"
},
{
"cve": "CVE-2022-0322",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0322"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0322",
"url": "https://www.suse.com/security/cve/CVE-2022-0322"
},
{
"category": "external",
"summary": "SUSE Bug 1194985 for CVE-2022-0322",
"url": "https://bugzilla.suse.com/1194985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-68.1.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-68.1.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-02T09:02:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-0322"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.