SUSE update for the Linux Kernel

Published: 2022-08-17 | Updated: 2022-10-19

Risk	Low
Patch available	YES
Number of vulnerabilities	4
CVE-ID	CVE-2021-26341 CVE-2021-33655 CVE-2021-33656 CVE-2022-1462
CWE-ID	CWE-668 CWE-787 CWE-125
Exploitation vector	Local
Public exploit	N/A
Vulnerable software	SUSE Linux Enterprise Server Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing Operating systems & Components / Operating system SUSE Linux Enterprise High Availability Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE OpenStack Cloud Crowbar Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Operating systems & Components / Operating system SUSE OpenStack Cloud Operating systems & Components / Operating system ocfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-default Operating systems & Components / Operating system package or component gfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-default Operating systems & Components / Operating system package or component dlm-kmp-default-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-default Operating systems & Components / Operating system package or component cluster-md-kmp-default-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-default Operating systems & Components / Operating system package or component kgraft-patch-4_12_14-95_105-default Operating systems & Components / Operating system package or component kernel-default-kgraft-devel Operating systems & Components / Operating system package or component kernel-default-kgraft Operating systems & Components / Operating system package or component kernel-default-man Operating systems & Components / Operating system package or component kernel-syms Operating systems & Components / Operating system package or component kernel-default-devel-debuginfo Operating systems & Components / Operating system package or component kernel-default-devel Operating systems & Components / Operating system package or component kernel-default-debugsource Operating systems & Components / Operating system package or component kernel-default-debuginfo Operating systems & Components / Operating system package or component kernel-default-base-debuginfo Operating systems & Components / Operating system package or component kernel-default-base Operating systems & Components / Operating system package or component kernel-default Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-macros Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component
Vendor	SUSE

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU61565

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-26341

CWE-ID: CWE-668 - Exposure of resource to wrong sphere

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to some AMD CPUs may transiently execute beyond unconditional direct branches. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP4-LTSS - 12-SP4

SUSE Linux Enterprise High Performance Computing: 12-SP4

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.105.1

ocfs2-kmp-default: before 4.12.14-95.105.1

gfs2-kmp-default-debuginfo: before 4.12.14-95.105.1

gfs2-kmp-default: before 4.12.14-95.105.1

dlm-kmp-default-debuginfo: before 4.12.14-95.105.1

dlm-kmp-default: before 4.12.14-95.105.1

cluster-md-kmp-default-debuginfo: before 4.12.14-95.105.1

cluster-md-kmp-default: before 4.12.14-95.105.1

kgraft-patch-4_12_14-95_105-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.105.1

kernel-default-kgraft: before 4.12.14-95.105.1

kernel-default-man: before 4.12.14-95.105.1

kernel-syms: before 4.12.14-95.105.1

kernel-default-devel-debuginfo: before 4.12.14-95.105.1

kernel-default-devel: before 4.12.14-95.105.1

kernel-default-debugsource: before 4.12.14-95.105.1

kernel-default-debuginfo: before 4.12.14-95.105.1

kernel-default-base-debuginfo: before 4.12.14-95.105.1

kernel-default-base: before 4.12.14-95.105.1

kernel-default: before 4.12.14-95.105.1

kernel-source: before 4.12.14-95.105.1

kernel-macros: before 4.12.14-95.105.1

kernel-devel: before 4.12.14-95.105.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2022/suse-su-20222808-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds write

EUVDB-ID: #VU65833

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-33655

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in FBIOPUT_VSCREENINFO IOCTL. A local user can trigger an out-of-bounds write error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP4-LTSS - 12-SP4

SUSE Linux Enterprise High Performance Computing: 12-SP4

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.105.1

ocfs2-kmp-default: before 4.12.14-95.105.1

gfs2-kmp-default-debuginfo: before 4.12.14-95.105.1

gfs2-kmp-default: before 4.12.14-95.105.1

dlm-kmp-default-debuginfo: before 4.12.14-95.105.1

dlm-kmp-default: before 4.12.14-95.105.1

cluster-md-kmp-default-debuginfo: before 4.12.14-95.105.1

cluster-md-kmp-default: before 4.12.14-95.105.1

kgraft-patch-4_12_14-95_105-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.105.1

kernel-default-kgraft: before 4.12.14-95.105.1

kernel-default-man: before 4.12.14-95.105.1

kernel-syms: before 4.12.14-95.105.1

kernel-default-devel-debuginfo: before 4.12.14-95.105.1

kernel-default-devel: before 4.12.14-95.105.1

kernel-default-debugsource: before 4.12.14-95.105.1

kernel-default-debuginfo: before 4.12.14-95.105.1

kernel-default-base-debuginfo: before 4.12.14-95.105.1

kernel-default-base: before 4.12.14-95.105.1

kernel-default: before 4.12.14-95.105.1

kernel-source: before 4.12.14-95.105.1

kernel-macros: before 4.12.14-95.105.1

kernel-devel: before 4.12.14-95.105.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2022/suse-su-20222808-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds write

EUVDB-ID: #VU66590

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-33656

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when setting font with malicous data by ioctl cmd PIO_FONT. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP4-LTSS - 12-SP4

SUSE Linux Enterprise High Performance Computing: 12-SP4

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.105.1

ocfs2-kmp-default: before 4.12.14-95.105.1

gfs2-kmp-default-debuginfo: before 4.12.14-95.105.1

gfs2-kmp-default: before 4.12.14-95.105.1

dlm-kmp-default-debuginfo: before 4.12.14-95.105.1

dlm-kmp-default: before 4.12.14-95.105.1

cluster-md-kmp-default-debuginfo: before 4.12.14-95.105.1

cluster-md-kmp-default: before 4.12.14-95.105.1

kgraft-patch-4_12_14-95_105-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.105.1

kernel-default-kgraft: before 4.12.14-95.105.1

kernel-default-man: before 4.12.14-95.105.1

kernel-syms: before 4.12.14-95.105.1

kernel-default-devel-debuginfo: before 4.12.14-95.105.1

kernel-default-devel: before 4.12.14-95.105.1

kernel-default-debugsource: before 4.12.14-95.105.1

kernel-default-debuginfo: before 4.12.14-95.105.1

kernel-default-base-debuginfo: before 4.12.14-95.105.1

kernel-default-base: before 4.12.14-95.105.1

kernel-default: before 4.12.14-95.105.1

kernel-source: before 4.12.14-95.105.1

kernel-macros: before 4.12.14-95.105.1

kernel-devel: before 4.12.14-95.105.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2022/suse-su-20222808-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU66591

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1462

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the the Linux kernel’s TeleTYpe subsystem caused by a race condition when using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory file. A local user can trigger an out-of-bounds read error and crash the system or read random kernel memory.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP4-LTSS - 12-SP4

SUSE Linux Enterprise High Performance Computing: 12-SP4

SUSE Linux Enterprise High Availability: 12-SP4

SUSE Linux Enterprise Live Patching: 12-SP4

SUSE OpenStack Cloud Crowbar: 9

SUSE Linux Enterprise Server for SAP: 12-SP4

SUSE OpenStack Cloud: 9

ocfs2-kmp-default-debuginfo: before 4.12.14-95.105.1

ocfs2-kmp-default: before 4.12.14-95.105.1

gfs2-kmp-default-debuginfo: before 4.12.14-95.105.1

gfs2-kmp-default: before 4.12.14-95.105.1

dlm-kmp-default-debuginfo: before 4.12.14-95.105.1

dlm-kmp-default: before 4.12.14-95.105.1

cluster-md-kmp-default-debuginfo: before 4.12.14-95.105.1

cluster-md-kmp-default: before 4.12.14-95.105.1

kgraft-patch-4_12_14-95_105-default: before 1-6.3.1

kernel-default-kgraft-devel: before 4.12.14-95.105.1

kernel-default-kgraft: before 4.12.14-95.105.1

kernel-default-man: before 4.12.14-95.105.1

kernel-syms: before 4.12.14-95.105.1

kernel-default-devel-debuginfo: before 4.12.14-95.105.1

kernel-default-devel: before 4.12.14-95.105.1

kernel-default-debugsource: before 4.12.14-95.105.1

kernel-default-debuginfo: before 4.12.14-95.105.1

kernel-default-base-debuginfo: before 4.12.14-95.105.1

kernel-default-base: before 4.12.14-95.105.1

kernel-default: before 4.12.14-95.105.1

kernel-source: before 4.12.14-95.105.1

kernel-macros: before 4.12.14-95.105.1

kernel-devel: before 4.12.14-95.105.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2022/suse-su-20222808-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.