SUSE-SU-2022:3282-1
Vulnerability from csaf_suse - Published: 2022-09-15 13:33 - Updated: 2022-09-15 13:33Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).
- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).
- CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672).
- CVE-2022-29581: Fixed improper update of reference count vulnerability in net/sched that allowed a local attacker to cause privilege escalation to root (bnc#1199665).
- CVE-2022-2639: Fixed an integer coercion error that was found in the openvswitch kernel module (bnc#1202154).
- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).
- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).
- CVE-2022-20369: Fixed possible out of bounds write due to improper input validation in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bnc#1194535).
- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616).
The following non-security bugs were fixed:
- 9p: migrate from sync_inode to filemap_fdatawrite_wbc (bsc#1202528).
- ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).
- Fix releasing of old bundles in xfrm_bundle_lookup() (bsc#1201264 bsc#1190397 bsc#1199617).
- KABI: cgroup: Restore KABI of css_set (bsc#1201610).
- KVM: PPC: Book3S HV: Context tracking exit guest context before enabling irqs (bsc#1065729).
- KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442)
- KVM: nVMX: Set UMIP bit CR4_FIXED1 MSR when emulating UMIP (bsc#1120716).
- KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks (git-fixes).
- KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP (git-fixes).
- PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).
- Revert 'USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set' (git-fixes).
- Revert 'r8152: adjust the settings about MAC clock speed down for RTL8153' (git-fixes).
- SUNRPC: Fix READ_PLUS crasher (git-fixes).
- SUNRPC: Fix the svc_deferred_event trace class (git-fixes).
- USB: new quirk for Dell Gen 2 devices (git-fixes).
- USB: serial: io_ti: add Agilent E5805A support (git-fixes).
- add Kirk Allan as branch maintainer
- ata: libata: add qc->flags in ata_qc_complete_template tracepoint (git-fixes).
- btrfs: Convert fs_info->free_chunk_space to atomic64_t (bsc#1202528).
- btrfs: add a trace class for dumping the current ENOSPC state (bsc#1202528).
- btrfs: add a trace point for reserve tickets (bsc#1202528).
- btrfs: adjust the flush trace point to include the source (bsc#1202528).
- btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1202528).
- btrfs: check worker before need_preemptive_reclaim (bsc#1202528).
- btrfs: do not do preemptive flushing if the majority is global rsv (bsc#1202528).
- btrfs: do not include the global rsv size in the preemptive used amount (bsc#1202528).
- btrfs: enable a tracepoint when we fail tickets (bsc#1202528).
- btrfs: handle preemptive delalloc flushing slightly differently (bsc#1202528).
- btrfs: implement space clamping for preemptive flushing (bsc#1202528).
- btrfs: improve preemptive background space flushing (bsc#1202528).
- btrfs: include delalloc related info in dump space info tracepoint (bsc#1202528).
- btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1202528).
- btrfs: make flush_space take a enum btrfs_flush_state instead of int (bsc#1202528).
- btrfs: only clamp the first time we have to start flushing (bsc#1202528).
- btrfs: only ignore delalloc if delalloc is much smaller than ordered (bsc#1202528).
- btrfs: reduce the preemptive flushing threshold to 90% (bsc#1202528).
- btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1202528).
- btrfs: rename need_do_async_reclaim (bsc#1202528).
- btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1202528).
- btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1202528).
- btrfs: rip out may_commit_transaction (bsc#1202528).
- btrfs: rip the first_ticket_bytes logic from fail_all_tickets (bsc#1202528).
- btrfs: simplify the logic in need_preemptive_flushing (bsc#1202528).
- btrfs: take into account global rsv in need_preemptive_reclaim (bsc#1202528).
- btrfs: use delalloc_bytes to determine flush amount for shrink_delalloc (bsc#1202528).
- btrfs: use percpu_read_positive instead of sum_positive for need_preempt (bsc#1202528).
- btrfs: use the filemap_fdatawrite_wbc helper for delalloc shrinking (bsc#1202528).
- btrfs: use the global rsv size in the preemptive thresh calculation (bsc#1202528).
- btrfs: wait on async extents when flushing delalloc (bsc#1202528).
- btrfs: wake up async_delalloc_pages waiters after submit (bsc#1202528).
- ceph: do not truncate file in atomic_open (bsc#1202830).
- cgroup: Use separate src/dst nodes when preloading css_sets for migration (bsc#1201610).
- check sk_peer_cred pointer before put_cred() call
- crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes).
- crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of (git-fixes).
- cxgb4: fix endian conversions for L4 ports in filters (git-fixes).
- cxgb4: move handling L2T ARP failures to caller (git-fixes).
- cxgb4: parse TC-U32 key values and masks natively (git-fixes).
- dm raid: fix KASAN warning in raid5_add_disks (git-fixes).
- drivers/perf: arm_spe: Fix consistency of SYS_PMSCR_EL1.CX (git-fixes).
- fs: add a filemap_fdatawrite_wbc helper (bsc#1202528).
- fuse: limit nsec (bsc#1203126).
- iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) (git-fixes).
- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).
- kabi/severities: add mlx5 internal symbols
- kernel-obs-build: include qemu_fw_cfg (boo#1201705)
- lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420 ZDI-CAN-17325).
- md-raid: destroy the bitmap after destroying the thread (git-fixes).
- md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).
- mm/rmap.c: do not reuse anon_vma if we just want a copy (git-fixes, bsc#1203098).
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (git-fixes, bsc#1203098).
- mvpp2: fix panic on module removal (git-fixes).
- mvpp2: refactor the HW checksum setup (git-fixes).
- net/mlx5: Clear LAG notifier pointer after unregister (git-fixes).
- net/mlx5: Fix auto group size calculation (git-fixes).
- net/mlx5: Imply MLXFW in mlx5_core (git-fixes).
- net/mlx5e: Use the inner headers to determine tc/pedit offload limitation on decap flows (git-fixes).
- net: dsa: mt7530: Change the LINK bit to reflect the link status (git-fixes).
- net: emaclite: Simplify if-else statements (git-fixes).
- net: ll_temac: Add more error handling of dma_map_single() calls (git-fixes).
- net: ll_temac: Enable DMA when ready, not before (git-fixes).
- net: ll_temac: Fix RX buffer descriptor handling on GFP_ATOMIC pressure (git-fixes).
- net: ll_temac: Fix iommu/swiotlb leak (git-fixes).
- net: ll_temac: Fix support for 64-bit platforms (git-fixes).
- net: ll_temac: Fix support for little-endian platforms (git-fixes).
- net: ll_temac: Fix typo bug for 32-bit (git-fixes).
- net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer (git-fixes).
- net: stmmac: gmac4: bitrev32 returns u32 (git-fixes).
- net: usb: lan78xx: Connect PHY before registering MAC (git-fixes).
- net: xilinx: replace dev_kfree_skb_irq by dev_consume_skb_irq for drop profiles (git-fixes).
- net_sched: cls_route: disallow handle of 0 (bsc#1202393).
- objtool: Add --backtrace support (bsc#1202396).
- objtool: Add support for intra-function calls (bsc#1202396).
- objtool: Allow no-op CFI ops in alternatives (bsc#1202396).
- objtool: Convert insn type to enum (bsc#1202396).
- objtool: Do not use ignore flag for fake jumps (bsc#1202396).
- objtool: Fix !CFI insn_state propagation (bsc#1202396).
- objtool: Fix ORC vs alternatives (bsc#1202396).
- objtool: Fix sibling call detection (bsc#1202396).
- objtool: Make handle_insn_ops() unconditional (bsc#1202396).
- objtool: Remove INSN_STACK (bsc#1202396).
- objtool: Remove check preventing branches within alternative (bsc#1202396).
- objtool: Rename elf_open() to prevent conflict with libelf from elftoolchain (bsc#1202396).
- objtool: Rename struct cfi_state (bsc#1202396).
- objtool: Rework allocating stack_ops on decode (bsc#1202396).
- objtool: Rewrite alt->skip_orig (bsc#1202396).
- objtool: Set insn->func for alternatives (bsc#1202396).
- objtool: Support conditional retpolines (bsc#1202396).
- objtool: Support multiple stack_op per instruction (bsc#1202396).
- objtool: Track original function across branches (bsc#1202396).
- objtool: Uniquely identify alternative instruction groups (bsc#1202396).
- objtool: Use Elf_Scn typedef instead of assuming struct name (bsc#1202396).
- pNFS: Do not keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE (git-fixes).
- phy: tegra: fix device-tree node lookups (git-fixes).
- powerpc/perf: Add privileged access check for thread_imc (bsc#1054914, git-fixes).
- powerpc/perf: Fix loop exit condition in nest_imc_event_init (bsc#1054914, git-fixes).
- powerpc/perf: Return accordingly on invalid chip-id in (bsc#1054914, git-fixes).
- powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).
- powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).
- powerpc/powernv: Staticify functions without prototypes (bsc#1065729).
- powerpc/powernv: Use darn instruction for get_random_seed() on Power9 (bsc#1065729).
- powerpc/powernv: delay rng platform device creation until later in boot (bsc#1065729).
- powerpc/powernv: rename remaining rng powernv_ functions to pnv_ (bsc#1065729).
- powerpc/powernv: wire up rng during setup_arch (bsc#1065729).
- powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).
- powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).
- powerpc: Enable execve syscall exit tracepoint (bsc#1065729).
- powerpc: Use sizeof(*foo) rather than sizeof(struct foo) (bsc#1054914, git-fixes).
- powerpc: define get_cycles macro for arch-override (bsc#1065729).
- powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).
- qed: Add EDPM mode type for user-fw compatibility (git-fixes).
- qed: fix kABI in qed_rdma_create_qp_in_params (git-fixes).
- rpm: Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).
- scsi: smartpqi: set force_blk_mq=1.(bsc#1179310)
- spmi: trace: fix stack-out-of-bound access in SPMI tracing functions (git-fixes).
- squashfs: add more sanity checks in id lookup (git-fixes).
- squashfs: add more sanity checks in inode lookup (git-fixes).
- squashfs: add more sanity checks in xattr id lookup (git-fixes).
- squashfs: fix divide error in calculate_skip() (git-fixes).
- squashfs: fix inode lookup sanity checks (bsc#1203013).
- squashfs: fix xattr id and id lookup sanity checks (bsc#1203013).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/perf: Use strndup_user() instead of buggy open-coded version (git-fixes).
- tracing/uprobes: Check the return value of kstrdup() for tu->filename (git-fixes).
- tracing: Fix race in perf_trace_buf initialization (git-fixes).
- usb: misc: fix improper handling of refcount in uss720_probe() (git-fixes).
- usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).
- usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).
- xen/xenbus: fix return type in xenbus_file_read() (git-fixes).
- xfs: always free inline data before resetting inode fork during ifree (bsc#1202017).
- xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).
- xfs: fix NULL pointer dereference in xfs_getbmap() (git-fixes).
- xprtrdma: Fix trace point use-after-free race (git-fixes).
Patchnames: SUSE-2022-3282,SUSE-SLE-SERVER-12-SP5-2022-3282
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.8 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).\n- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).\n- CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672).\n- CVE-2022-29581: Fixed improper update of reference count vulnerability in net/sched that allowed a local attacker to cause privilege escalation to root (bnc#1199665).\n- CVE-2022-2639: Fixed an integer coercion error that was found in the openvswitch kernel module (bnc#1202154).\n- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).\n- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).\n- CVE-2022-20369: Fixed possible out of bounds write due to improper input validation in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).\n- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).\n- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bnc#1194535).\n- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim\u0027s TCP session (bnc#1196616).\n\nThe following non-security bugs were fixed:\n\n- 9p: migrate from sync_inode to filemap_fdatawrite_wbc (bsc#1202528).\n- ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).\n- Fix releasing of old bundles in xfrm_bundle_lookup() (bsc#1201264 bsc#1190397 bsc#1199617).\n- KABI: cgroup: Restore KABI of css_set (bsc#1201610).\n- KVM: PPC: Book3S HV: Context tracking exit guest context before enabling irqs (bsc#1065729).\n- KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442)\n- KVM: nVMX: Set UMIP bit CR4_FIXED1 MSR when emulating UMIP (bsc#1120716).\n- KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks (git-fixes).\n- KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP (git-fixes).\n- PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).\n- Revert \u0027USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set\u0027 (git-fixes).\n- Revert \u0027r8152: adjust the settings about MAC clock speed down for RTL8153\u0027 (git-fixes).\n- SUNRPC: Fix READ_PLUS crasher (git-fixes).\n- SUNRPC: Fix the svc_deferred_event trace class (git-fixes).\n- USB: new quirk for Dell Gen 2 devices (git-fixes).\n- USB: serial: io_ti: add Agilent E5805A support (git-fixes).\n- add Kirk Allan as branch maintainer\n- ata: libata: add qc-\u003eflags in ata_qc_complete_template tracepoint (git-fixes).\n- btrfs: Convert fs_info-\u003efree_chunk_space to atomic64_t (bsc#1202528).\n- btrfs: add a trace class for dumping the current ENOSPC state (bsc#1202528).\n- btrfs: add a trace point for reserve tickets (bsc#1202528).\n- btrfs: adjust the flush trace point to include the source (bsc#1202528).\n- btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1202528).\n- btrfs: check worker before need_preemptive_reclaim (bsc#1202528).\n- btrfs: do not do preemptive flushing if the majority is global rsv (bsc#1202528).\n- btrfs: do not include the global rsv size in the preemptive used amount (bsc#1202528).\n- btrfs: enable a tracepoint when we fail tickets (bsc#1202528).\n- btrfs: handle preemptive delalloc flushing slightly differently (bsc#1202528).\n- btrfs: implement space clamping for preemptive flushing (bsc#1202528).\n- btrfs: improve preemptive background space flushing (bsc#1202528).\n- btrfs: include delalloc related info in dump space info tracepoint (bsc#1202528).\n- btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1202528).\n- btrfs: make flush_space take a enum btrfs_flush_state instead of int (bsc#1202528).\n- btrfs: only clamp the first time we have to start flushing (bsc#1202528).\n- btrfs: only ignore delalloc if delalloc is much smaller than ordered (bsc#1202528).\n- btrfs: reduce the preemptive flushing threshold to 90% (bsc#1202528).\n- btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1202528).\n- btrfs: rename need_do_async_reclaim (bsc#1202528).\n- btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1202528).\n- btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1202528).\n- btrfs: rip out may_commit_transaction (bsc#1202528).\n- btrfs: rip the first_ticket_bytes logic from fail_all_tickets (bsc#1202528).\n- btrfs: simplify the logic in need_preemptive_flushing (bsc#1202528).\n- btrfs: take into account global rsv in need_preemptive_reclaim (bsc#1202528).\n- btrfs: use delalloc_bytes to determine flush amount for shrink_delalloc (bsc#1202528).\n- btrfs: use percpu_read_positive instead of sum_positive for need_preempt (bsc#1202528).\n- btrfs: use the filemap_fdatawrite_wbc helper for delalloc shrinking (bsc#1202528).\n- btrfs: use the global rsv size in the preemptive thresh calculation (bsc#1202528).\n- btrfs: wait on async extents when flushing delalloc (bsc#1202528).\n- btrfs: wake up async_delalloc_pages waiters after submit (bsc#1202528).\n- ceph: do not truncate file in atomic_open (bsc#1202830).\n- cgroup: Use separate src/dst nodes when preloading css_sets for migration (bsc#1201610).\n- check sk_peer_cred pointer before put_cred() call\n- crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes).\n- crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of (git-fixes).\n- cxgb4: fix endian conversions for L4 ports in filters (git-fixes).\n- cxgb4: move handling L2T ARP failures to caller (git-fixes).\n- cxgb4: parse TC-U32 key values and masks natively (git-fixes).\n- dm raid: fix KASAN warning in raid5_add_disks (git-fixes).\n- drivers/perf: arm_spe: Fix consistency of SYS_PMSCR_EL1.CX (git-fixes).\n- fs: add a filemap_fdatawrite_wbc helper (bsc#1202528).\n- fuse: limit nsec (bsc#1203126).\n- iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) (git-fixes).\n- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).\n- kabi/severities: add mlx5 internal symbols\n- kernel-obs-build: include qemu_fw_cfg (boo#1201705)\n- lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420 ZDI-CAN-17325).\n- md-raid: destroy the bitmap after destroying the thread (git-fixes).\n- md/bitmap: do not set sb values if can\u0027t pass sanity check (bsc#1197158).\n- mm/rmap.c: do not reuse anon_vma if we just want a copy (git-fixes, bsc#1203098).\n- mm/rmap: Fix anon_vma-\u003edegree ambiguity leading to double-reuse (git-fixes, bsc#1203098).\n- mvpp2: fix panic on module removal (git-fixes).\n- mvpp2: refactor the HW checksum setup (git-fixes).\n- net/mlx5: Clear LAG notifier pointer after unregister (git-fixes).\n- net/mlx5: Fix auto group size calculation (git-fixes).\n- net/mlx5: Imply MLXFW in mlx5_core (git-fixes).\n- net/mlx5e: Use the inner headers to determine tc/pedit offload limitation on decap flows (git-fixes).\n- net: dsa: mt7530: Change the LINK bit to reflect the link status (git-fixes).\n- net: emaclite: Simplify if-else statements (git-fixes).\n- net: ll_temac: Add more error handling of dma_map_single() calls (git-fixes).\n- net: ll_temac: Enable DMA when ready, not before (git-fixes).\n- net: ll_temac: Fix RX buffer descriptor handling on GFP_ATOMIC pressure (git-fixes).\n- net: ll_temac: Fix iommu/swiotlb leak (git-fixes).\n- net: ll_temac: Fix support for 64-bit platforms (git-fixes).\n- net: ll_temac: Fix support for little-endian platforms (git-fixes).\n- net: ll_temac: Fix typo bug for 32-bit (git-fixes).\n- net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer (git-fixes).\n- net: stmmac: gmac4: bitrev32 returns u32 (git-fixes).\n- net: usb: lan78xx: Connect PHY before registering MAC (git-fixes).\n- net: xilinx: replace dev_kfree_skb_irq by dev_consume_skb_irq for drop profiles (git-fixes).\n- net_sched: cls_route: disallow handle of 0 (bsc#1202393).\n- objtool: Add --backtrace support (bsc#1202396).\n- objtool: Add support for intra-function calls (bsc#1202396).\n- objtool: Allow no-op CFI ops in alternatives (bsc#1202396).\n- objtool: Convert insn type to enum (bsc#1202396).\n- objtool: Do not use ignore flag for fake jumps (bsc#1202396).\n- objtool: Fix !CFI insn_state propagation (bsc#1202396).\n- objtool: Fix ORC vs alternatives (bsc#1202396).\n- objtool: Fix sibling call detection (bsc#1202396).\n- objtool: Make handle_insn_ops() unconditional (bsc#1202396).\n- objtool: Remove INSN_STACK (bsc#1202396).\n- objtool: Remove check preventing branches within alternative (bsc#1202396).\n- objtool: Rename elf_open() to prevent conflict with libelf from elftoolchain (bsc#1202396).\n- objtool: Rename struct cfi_state (bsc#1202396).\n- objtool: Rework allocating stack_ops on decode (bsc#1202396).\n- objtool: Rewrite alt-\u003eskip_orig (bsc#1202396).\n- objtool: Set insn-\u003efunc for alternatives (bsc#1202396).\n- objtool: Support conditional retpolines (bsc#1202396).\n- objtool: Support multiple stack_op per instruction (bsc#1202396).\n- objtool: Track original function across branches (bsc#1202396).\n- objtool: Uniquely identify alternative instruction groups (bsc#1202396).\n- objtool: Use Elf_Scn typedef instead of assuming struct name (bsc#1202396).\n- pNFS: Do not keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE (git-fixes).\n- phy: tegra: fix device-tree node lookups (git-fixes).\n- powerpc/perf: Add privileged access check for thread_imc (bsc#1054914, git-fixes).\n- powerpc/perf: Fix loop exit condition in nest_imc_event_init (bsc#1054914, git-fixes).\n- powerpc/perf: Return accordingly on invalid chip-id in (bsc#1054914, git-fixes).\n- powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).\n- powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).\n- powerpc/powernv: Staticify functions without prototypes (bsc#1065729).\n- powerpc/powernv: Use darn instruction for get_random_seed() on Power9 (bsc#1065729).\n- powerpc/powernv: delay rng platform device creation until later in boot (bsc#1065729).\n- powerpc/powernv: rename remaining rng powernv_ functions to pnv_ (bsc#1065729).\n- powerpc/powernv: wire up rng during setup_arch (bsc#1065729).\n- powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).\n- powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).\n- powerpc: Enable execve syscall exit tracepoint (bsc#1065729).\n- powerpc: Use sizeof(*foo) rather than sizeof(struct foo) (bsc#1054914, git-fixes).\n- powerpc: define get_cycles macro for arch-override (bsc#1065729).\n- powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).\n- qed: Add EDPM mode type for user-fw compatibility (git-fixes).\n- qed: fix kABI in qed_rdma_create_qp_in_params (git-fixes).\n- rpm: Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).\n- scsi: smartpqi: set force_blk_mq=1.(bsc#1179310)\n- spmi: trace: fix stack-out-of-bound access in SPMI tracing functions (git-fixes).\n- squashfs: add more sanity checks in id lookup (git-fixes).\n- squashfs: add more sanity checks in inode lookup (git-fixes).\n- squashfs: add more sanity checks in xattr id lookup (git-fixes).\n- squashfs: fix divide error in calculate_skip() (git-fixes).\n- squashfs: fix inode lookup sanity checks (bsc#1203013).\n- squashfs: fix xattr id and id lookup sanity checks (bsc#1203013).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing/perf: Use strndup_user() instead of buggy open-coded version (git-fixes).\n- tracing/uprobes: Check the return value of kstrdup() for tu-\u003efilename (git-fixes).\n- tracing: Fix race in perf_trace_buf initialization (git-fixes).\n- usb: misc: fix improper handling of refcount in uss720_probe() (git-fixes).\n- usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).\n- usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).\n- xen/xenbus: fix return type in xenbus_file_read() (git-fixes).\n- xfs: always free inline data before resetting inode fork during ifree (bsc#1202017).\n- xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).\n- xfs: fix NULL pointer dereference in xfs_getbmap() (git-fixes).\n- xprtrdma: Fix trace point use-after-free race (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3282,SUSE-SLE-SERVER-12-SP5-2022-3282",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3282-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3282-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223282-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3282-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012250.html"
},
{
"category": "self",
"summary": "SUSE Bug 1054914",
"url": "https://bugzilla.suse.com/1054914"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1120716",
"url": "https://bugzilla.suse.com/1120716"
},
{
"category": "self",
"summary": "SUSE Bug 1179310",
"url": "https://bugzilla.suse.com/1179310"
},
{
"category": "self",
"summary": "SUSE Bug 1190397",
"url": "https://bugzilla.suse.com/1190397"
},
{
"category": "self",
"summary": "SUSE Bug 1191881",
"url": "https://bugzilla.suse.com/1191881"
},
{
"category": "self",
"summary": "SUSE Bug 1194535",
"url": "https://bugzilla.suse.com/1194535"
},
{
"category": "self",
"summary": "SUSE Bug 1196616",
"url": "https://bugzilla.suse.com/1196616"
},
{
"category": "self",
"summary": "SUSE Bug 1197158",
"url": "https://bugzilla.suse.com/1197158"
},
{
"category": "self",
"summary": "SUSE Bug 1199617",
"url": "https://bugzilla.suse.com/1199617"
},
{
"category": "self",
"summary": "SUSE Bug 1199665",
"url": "https://bugzilla.suse.com/1199665"
},
{
"category": "self",
"summary": "SUSE Bug 1201019",
"url": "https://bugzilla.suse.com/1201019"
},
{
"category": "self",
"summary": "SUSE Bug 1201264",
"url": "https://bugzilla.suse.com/1201264"
},
{
"category": "self",
"summary": "SUSE Bug 1201420",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "self",
"summary": "SUSE Bug 1201442",
"url": "https://bugzilla.suse.com/1201442"
},
{
"category": "self",
"summary": "SUSE Bug 1201610",
"url": "https://bugzilla.suse.com/1201610"
},
{
"category": "self",
"summary": "SUSE Bug 1201705",
"url": "https://bugzilla.suse.com/1201705"
},
{
"category": "self",
"summary": "SUSE Bug 1201726",
"url": "https://bugzilla.suse.com/1201726"
},
{
"category": "self",
"summary": "SUSE Bug 1201948",
"url": "https://bugzilla.suse.com/1201948"
},
{
"category": "self",
"summary": "SUSE Bug 1202017",
"url": "https://bugzilla.suse.com/1202017"
},
{
"category": "self",
"summary": "SUSE Bug 1202096",
"url": "https://bugzilla.suse.com/1202096"
},
{
"category": "self",
"summary": "SUSE Bug 1202154",
"url": "https://bugzilla.suse.com/1202154"
},
{
"category": "self",
"summary": "SUSE Bug 1202346",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "self",
"summary": "SUSE Bug 1202347",
"url": "https://bugzilla.suse.com/1202347"
},
{
"category": "self",
"summary": "SUSE Bug 1202393",
"url": "https://bugzilla.suse.com/1202393"
},
{
"category": "self",
"summary": "SUSE Bug 1202396",
"url": "https://bugzilla.suse.com/1202396"
},
{
"category": "self",
"summary": "SUSE Bug 1202528",
"url": "https://bugzilla.suse.com/1202528"
},
{
"category": "self",
"summary": "SUSE Bug 1202577",
"url": "https://bugzilla.suse.com/1202577"
},
{
"category": "self",
"summary": "SUSE Bug 1202672",
"url": "https://bugzilla.suse.com/1202672"
},
{
"category": "self",
"summary": "SUSE Bug 1202830",
"url": "https://bugzilla.suse.com/1202830"
},
{
"category": "self",
"summary": "SUSE Bug 1202897",
"url": "https://bugzilla.suse.com/1202897"
},
{
"category": "self",
"summary": "SUSE Bug 1202898",
"url": "https://bugzilla.suse.com/1202898"
},
{
"category": "self",
"summary": "SUSE Bug 1203013",
"url": "https://bugzilla.suse.com/1203013"
},
{
"category": "self",
"summary": "SUSE Bug 1203098",
"url": "https://bugzilla.suse.com/1203098"
},
{
"category": "self",
"summary": "SUSE Bug 1203126",
"url": "https://bugzilla.suse.com/1203126"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36516 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20368 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20369 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21385 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2588 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26373 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2639 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29581 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2977 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3028 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36879 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36879/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2022-09-15T13:33:30Z",
"generator": {
"date": "2022-09-15T13:33:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3282-1",
"initial_release_date": "2022-09-15T13:33:30Z",
"revision_history": [
{
"date": "2022-09-15T13:33:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.109.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.109.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.109.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.109.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.109.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.109.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.109.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.109.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.109.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.109.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.109.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.109.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.109.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.109.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.109.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.109.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.109.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.109.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.109.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.109.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.109.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.109.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.109.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.109.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.109.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.109.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.109.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.109.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.109.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.109.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.109.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.109.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.109.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.109.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.109.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.109.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.109.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.109.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.109.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.109.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.109.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36516"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim\u0027s TCP session or terminate that session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36516",
"url": "https://www.suse.com/security/cve/CVE-2020-36516"
},
{
"category": "external",
"summary": "SUSE Bug 1196616 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1196616"
},
{
"category": "external",
"summary": "SUSE Bug 1196867 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1196867"
},
{
"category": "external",
"summary": "SUSE Bug 1204092 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1204092"
},
{
"category": "external",
"summary": "SUSE Bug 1204183 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1204183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "important"
}
],
"title": "CVE-2020-36516"
},
{
"cve": "CVE-2021-4203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4203"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4203",
"url": "https://www.suse.com/security/cve/CVE-2021-4203"
},
{
"category": "external",
"summary": "SUSE Bug 1194535 for CVE-2021-4203",
"url": "https://bugzilla.suse.com/1194535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2021-4203"
},
{
"cve": "CVE-2022-20368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20368"
}
],
"notes": [
{
"category": "general",
"text": "Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20368",
"url": "https://www.suse.com/security/cve/CVE-2022-20368"
},
{
"category": "external",
"summary": "SUSE Bug 1202346 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "external",
"summary": "SUSE Bug 1212311 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1212311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-20368"
},
{
"cve": "CVE-2022-20369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20369"
}
],
"notes": [
{
"category": "general",
"text": "In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20369",
"url": "https://www.suse.com/security/cve/CVE-2022-20369"
},
{
"category": "external",
"summary": "SUSE Bug 1202347 for CVE-2022-20369",
"url": "https://bugzilla.suse.com/1202347"
},
{
"category": "external",
"summary": "SUSE Bug 1212321 for CVE-2022-20369",
"url": "https://bugzilla.suse.com/1212321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-20369"
},
{
"cve": "CVE-2022-21385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21385"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21385",
"url": "https://www.suse.com/security/cve/CVE-2022-21385"
},
{
"category": "external",
"summary": "SUSE Bug 1202897 for CVE-2022-21385",
"url": "https://bugzilla.suse.com/1202897"
},
{
"category": "external",
"summary": "SUSE Bug 1212285 for CVE-2022-21385",
"url": "https://bugzilla.suse.com/1212285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-21385"
},
{
"cve": "CVE-2022-2588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2588"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2588",
"url": "https://www.suse.com/security/cve/CVE-2022-2588"
},
{
"category": "external",
"summary": "SUSE Bug 1202096 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1202096"
},
{
"category": "external",
"summary": "SUSE Bug 1203613 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1203613"
},
{
"category": "external",
"summary": "SUSE Bug 1204183 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1204183"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "important"
}
],
"title": "CVE-2022-2588"
},
{
"cve": "CVE-2022-26373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26373"
}
],
"notes": [
{
"category": "general",
"text": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26373",
"url": "https://www.suse.com/security/cve/CVE-2022-26373"
},
{
"category": "external",
"summary": "SUSE Bug 1201726 for CVE-2022-26373",
"url": "https://bugzilla.suse.com/1201726"
},
{
"category": "external",
"summary": "SUSE Bug 1209619 for CVE-2022-26373",
"url": "https://bugzilla.suse.com/1209619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-26373"
},
{
"cve": "CVE-2022-2639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2639"
}
],
"notes": [
{
"category": "general",
"text": "An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2639",
"url": "https://www.suse.com/security/cve/CVE-2022-2639"
},
{
"category": "external",
"summary": "SUSE Bug 1202154 for CVE-2022-2639",
"url": "https://bugzilla.suse.com/1202154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-2639"
},
{
"cve": "CVE-2022-29581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29581"
}
],
"notes": [
{
"category": "general",
"text": "Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29581",
"url": "https://www.suse.com/security/cve/CVE-2022-29581"
},
{
"category": "external",
"summary": "SUSE Bug 1199665 for CVE-2022-29581",
"url": "https://bugzilla.suse.com/1199665"
},
{
"category": "external",
"summary": "SUSE Bug 1199695 for CVE-2022-29581",
"url": "https://bugzilla.suse.com/1199695"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-29581",
"url": "https://bugzilla.suse.com/1205313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "important"
}
],
"title": "CVE-2022-29581"
},
{
"cve": "CVE-2022-2977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2977"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2977",
"url": "https://www.suse.com/security/cve/CVE-2022-2977"
},
{
"category": "external",
"summary": "SUSE Bug 1202672 for CVE-2022-2977",
"url": "https://bugzilla.suse.com/1202672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-2977"
},
{
"cve": "CVE-2022-3028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3028"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3028",
"url": "https://www.suse.com/security/cve/CVE-2022-3028"
},
{
"category": "external",
"summary": "SUSE Bug 1202898 for CVE-2022-3028",
"url": "https://bugzilla.suse.com/1202898"
},
{
"category": "external",
"summary": "SUSE Bug 1212296 for CVE-2022-3028",
"url": "https://bugzilla.suse.com/1212296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-3028"
},
{
"cve": "CVE-2022-36879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36879"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36879",
"url": "https://www.suse.com/security/cve/CVE-2022-36879"
},
{
"category": "external",
"summary": "SUSE Bug 1201948 for CVE-2022-36879",
"url": "https://bugzilla.suse.com/1201948"
},
{
"category": "external",
"summary": "SUSE Bug 1212327 for CVE-2022-36879",
"url": "https://bugzilla.suse.com/1212327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.109.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.109.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-15T13:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2022-36879"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…