SUSE update for the Linux Kernel (Live Patch 12 for SLE 15 SP3)

Published: 2022-04-25 | Updated: 2023-06-18

Risk	Low
Patch available	YES
Number of vulnerabilities	3
CVE-ID	CVE-2022-1011 CVE-2022-1016 CVE-2022-1055
CWE-ID	CWE-416
Exploitation vector	Local
Public exploit	Public exploit code for vulnerability #1 is available.
Vulnerable software	SUSE Linux Enterprise Server Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications Operating systems & Components / Operating system SUSE Linux Enterprise Module for Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Micro Operating systems & Components / Operating system kernel-livepatch-SLE15-SP2_Update_25-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_23-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_21-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_20-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_19-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_18-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_17-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_16-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_15-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_14-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_13-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_12-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_99-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_99-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_93-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_93-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_86-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_86-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_83-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_83-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_78-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_78-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_75-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_75-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_70-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_70-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_67-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_67-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_64-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_64-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_61-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_61-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_53_4-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_53_4-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_107-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-24_107-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_40-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP3_Update_9-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP3_Update_6-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP3_Update_4-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP3_Update_3-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP3_Update_2-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP3_Update_1-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP3_Update_0-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_5-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_5-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_40-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_34-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_34-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_24-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_24-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_16-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_16-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_13-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_13-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_10-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-59_10-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-57-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-57-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150300_59_60-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150300_59_46-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150300_59_46-default Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150300_59_43-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150300_59_43-default Operating systems & Components / Operating system package or component
Vendor	SUSE

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU63386

Risk: Low

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2022-1011

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the write() function of FUSE filesystem. A local user can retireve (partial) /etc/shadow hashes and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel (Live Patch 12 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 15-SP2 - 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP2 - 15-SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications: 15-SP2 - 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP2 - 15-SP3

SUSE Linux Enterprise Micro: 5.1

kernel-livepatch-SLE15-SP2_Update_25-debugsource: before 4-150200.2.1

kernel-livepatch-SLE15-SP2_Update_23-debugsource: before 6-150200.2.1

kernel-livepatch-SLE15-SP2_Update_21-debugsource: before 8-150200.2.1

kernel-livepatch-SLE15-SP2_Update_20-debugsource: before 9-150200.2.1

kernel-livepatch-SLE15-SP2_Update_19-debugsource: before 9-150200.2.1

kernel-livepatch-SLE15-SP2_Update_18-debugsource: before 11-150200.2.1

kernel-livepatch-SLE15-SP2_Update_17-debugsource: before 12-150200.2.1

kernel-livepatch-SLE15-SP2_Update_16-debugsource: before 13-150200.2.1

kernel-livepatch-SLE15-SP2_Update_15-debugsource: before 13-150200.2.1

kernel-livepatch-SLE15-SP2_Update_14-debugsource: before 13-150200.2.1

kernel-livepatch-SLE15-SP2_Update_13-debugsource: before 15-150200.2.1

kernel-livepatch-SLE15-SP2_Update_12-debugsource: before 15-150200.2.1

kernel-livepatch-5_3_18-24_99-default-debuginfo: before 6-150200.2.1

kernel-livepatch-5_3_18-24_99-default: before 6-150200.2.1

kernel-livepatch-5_3_18-24_93-default-debuginfo: before 8-150200.2.1

kernel-livepatch-5_3_18-24_93-default: before 8-150200.2.1

kernel-livepatch-5_3_18-24_86-default-debuginfo: before 9-150200.2.1

kernel-livepatch-5_3_18-24_86-default: before 9-150200.2.1

kernel-livepatch-5_3_18-24_83-default-debuginfo: before 9-150200.2.1

kernel-livepatch-5_3_18-24_83-default: before 9-150200.2.1

kernel-livepatch-5_3_18-24_78-default-debuginfo: before 11-150200.2.1

kernel-livepatch-5_3_18-24_78-default: before 11-150200.2.1

kernel-livepatch-5_3_18-24_75-default-debuginfo: before 12-150200.2.1

kernel-livepatch-5_3_18-24_75-default: before 12-150200.2.1

kernel-livepatch-5_3_18-24_70-default-debuginfo: before 13-150200.2.1

kernel-livepatch-5_3_18-24_70-default: before 13-150200.2.1

kernel-livepatch-5_3_18-24_67-default-debuginfo: before 13-150200.2.1

kernel-livepatch-5_3_18-24_67-default: before 13-150200.2.1

kernel-livepatch-5_3_18-24_64-default-debuginfo: before 15-150200.2.1

kernel-livepatch-5_3_18-24_64-default: before 15-150200.2.1

kernel-livepatch-5_3_18-24_61-default-debuginfo: before 15-150200.2.1

kernel-livepatch-5_3_18-24_61-default: before 15-150200.2.1

kernel-livepatch-5_3_18-24_53_4-default-debuginfo: before 13-150200.2.1

kernel-livepatch-5_3_18-24_53_4-default: before 13-150200.2.1

kernel-livepatch-5_3_18-24_107-default-debuginfo: before 4-150200.2.1

kernel-livepatch-5_3_18-24_107-default: before 4-150200.2.1

kernel-livepatch-5_3_18-59_40-default-debuginfo: before 7-150300.2.1

kernel-livepatch-SLE15-SP3_Update_9-debugsource: before 8-150300.2.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 9-150300.2.1

kernel-livepatch-SLE15-SP3_Update_4-debugsource: before 12-150300.2.1

kernel-livepatch-SLE15-SP3_Update_3-debugsource: before 13-150300.2.1

kernel-livepatch-SLE15-SP3_Update_2-debugsource: before 13-150300.2.1

kernel-livepatch-SLE15-SP3_Update_1-debugsource: before 13-150300.2.1

kernel-livepatch-SLE15-SP3_Update_0-debugsource: before 15-150200.3.1

kernel-livepatch-5_3_18-59_5-default-debuginfo: before 13-150300.2.1

kernel-livepatch-5_3_18-59_5-default: before 13-150300.2.1

kernel-livepatch-5_3_18-59_40-default: before 7-150300.2.1

kernel-livepatch-5_3_18-59_34-default-debuginfo: before 8-150300.2.1

kernel-livepatch-5_3_18-59_34-default: before 8-150300.2.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 9-150300.2.1

kernel-livepatch-5_3_18-59_24-default: before 9-150300.2.1

kernel-livepatch-5_3_18-59_16-default-debuginfo: before 12-150300.2.1

kernel-livepatch-5_3_18-59_16-default: before 12-150300.2.1

kernel-livepatch-5_3_18-59_13-default-debuginfo: before 13-150300.2.1

kernel-livepatch-5_3_18-59_13-default: before 13-150300.2.1

kernel-livepatch-5_3_18-59_10-default-debuginfo: before 13-150300.2.1

kernel-livepatch-5_3_18-59_10-default: before 13-150300.2.1

kernel-livepatch-5_3_18-57-default-debuginfo: before 15-150200.3.1

kernel-livepatch-5_3_18-57-default: before 15-150200.3.1

kernel-livepatch-5_3_18-150300_59_60-default: before 3-150300.2.1

kernel-livepatch-5_3_18-150300_59_46-default-debuginfo: before 6-150300.2.1

kernel-livepatch-5_3_18-150300_59_46-default: before 6-150300.2.1

kernel-livepatch-5_3_18-150300_59_43-default-debuginfo: before 6-150300.2.1

kernel-livepatch-5_3_18-150300_59_43-default: before 6-150300.2.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2022/suse-su-20221369-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Use-after-free

EUVDB-ID: #VU62028

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1016

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error in net/netfilter/nf_tables_core.c:nft_do_chain in Linux kernel.. A local user can trigger a use-after-free error and gain access to sensitive information.