Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2022:2840-1
Rating:	important
References:	bsc#1173514 bsc#1196973 bsc#1198829 bsc#1200598 bsc#1200762 bsc#1200910 bsc#1201251 bsc#1201429 bsc#1201635 bsc#1201636 bsc#1201930 bsc#1201940
Cross-References:	CVE-2020-15393 CVE-2020-36557 CVE-2020-36558 CVE-2021-33655 CVE-2021-33656 CVE-2021-39713 CVE-2022-1462 CVE-2022-20166 CVE-2022-2318 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-36946
CVSS scores:	CVE-2020-15393 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2020-15393 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-36557 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-36557 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-36558 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-36558 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-33655 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-33655 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2021-33656 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H CVE-2021-33656 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-39713 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-39713 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-1462 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-1462 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-20166 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2022-20166 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2022-2318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-2318 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-26365 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2022-26365 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-33740 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2022-33740 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-33741 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2022-33741 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-33742 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2022-33742 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-36946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-36946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP3 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3 BCL 12-SP3

An update that solves 14 vulnerabilities can now be installed.

Description:

The SUSE Linux Enterprise 12 SP3 LTSS kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2020-15393: CVE-2020-15393: Fixed a memory leak in usbtest_disconnect (bnc#1173514).
• CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could lead to a use-after-free (bnc#1201429).
• CVE-2020-36558: Fixed race condition involving VT_RESIZEX that could lead to a NULL pointer dereference and general protection fault (bnc#1200910).
• CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO (bnc#1201635).
• CVE-2021-33656: Fixed out of bounds write with ioctl PIO_FONT (bnc#1201636).
• CVE-2021-39713: Fixed a race condition in the network scheduling subsystem which could lead to a use-after-free. (bnc#1196973)
• CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem (bnc#1198829).
• CVE-2022-20166: Fixed possible out of bounds write due to sprintf unsafety that could cause local escalation of privilege (bnc#1200598).
• CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251).
• CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).
• CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that could lead to remote DoS (bnc#1201940).

The following non-security bugs were fixed:

• kvm: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930).
• kvm: emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server 12 SP3 BCL 12-SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-2840=1

Package List:

• SUSE Linux Enterprise Server 12 SP3 BCL 12-SP3 (nosrc x86_64)
  • kernel-default-4.4.180-94.171.1
• SUSE Linux Enterprise Server 12 SP3 BCL 12-SP3 (x86_64)
  • kernel-default-debugsource-4.4.180-94.171.1
  • kernel-default-base-4.4.180-94.171.1
  • kernel-default-devel-4.4.180-94.171.1
  • kernel-default-base-debuginfo-4.4.180-94.171.1
  • kernel-syms-4.4.180-94.171.1
  • kernel-default-debuginfo-4.4.180-94.171.1
• SUSE Linux Enterprise Server 12 SP3 BCL 12-SP3 (noarch)
  • kernel-macros-4.4.180-94.171.1
  • kernel-devel-4.4.180-94.171.1
  • kernel-source-4.4.180-94.171.1

References:

• https://www.suse.com/security/cve/CVE-2020-15393.html
• https://www.suse.com/security/cve/CVE-2020-36557.html
• https://www.suse.com/security/cve/CVE-2020-36558.html
• https://www.suse.com/security/cve/CVE-2021-33655.html
• https://www.suse.com/security/cve/CVE-2021-33656.html
• https://www.suse.com/security/cve/CVE-2021-39713.html
• https://www.suse.com/security/cve/CVE-2022-1462.html
• https://www.suse.com/security/cve/CVE-2022-20166.html
• https://www.suse.com/security/cve/CVE-2022-2318.html
• https://www.suse.com/security/cve/CVE-2022-26365.html
• https://www.suse.com/security/cve/CVE-2022-33740.html
• https://www.suse.com/security/cve/CVE-2022-33741.html
• https://www.suse.com/security/cve/CVE-2022-33742.html
• https://www.suse.com/security/cve/CVE-2022-36946.html
• https://bugzilla.suse.com/show_bug.cgi?id=1173514
• https://bugzilla.suse.com/show_bug.cgi?id=1196973
• https://bugzilla.suse.com/show_bug.cgi?id=1198829
• https://bugzilla.suse.com/show_bug.cgi?id=1200598
• https://bugzilla.suse.com/show_bug.cgi?id=1200762
• https://bugzilla.suse.com/show_bug.cgi?id=1200910
• https://bugzilla.suse.com/show_bug.cgi?id=1201251
• https://bugzilla.suse.com/show_bug.cgi?id=1201429
• https://bugzilla.suse.com/show_bug.cgi?id=1201635
• https://bugzilla.suse.com/show_bug.cgi?id=1201636
• https://bugzilla.suse.com/show_bug.cgi?id=1201930
• https://bugzilla.suse.com/show_bug.cgi?id=1201940