mickmick.net

Linux Kernel Multiple Vulnerabilities

Release Date: 25 Mar 2022

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and elevation of privilege on the targeted system.

---

Impact

• Denial of Service
• Remote Code Execution
• Elevation of Privilege

---

System / Technologies affected

• Ubuntu 20.04 LTS
• Ubuntu 18.04 LTS
• Ubuntu 16.04 ESM
• Ubuntu 14.04 ESM
• SUSE Linux Enterprise High Performance Computing 15-ESPOS
• SUSE Linux Enterprise High Performance Computing 15-LTSS
• SUSE Linux Enterprise Server 15-LTSS
• SUSE Linux Enterprise Server for SAP 15

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

For SUSE

• Apply fixes issued by the vendor:
  • https://www.suse.com/support/update/announcement/2022/suse-su-20220933-1/

 

For Ubuntu

• Apply fixes issued by the vendor:
  • https://ubuntu.com/security/notices/LSN-0085-1

---

Vulnerability Identifier

• CVE-2021-33139
• CVE-2021-33155
• CVE-2022-0492
• CVE-2022-25636

---

Source

• AusCERT
• SUSE
• Ubuntu

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.1240
• https://www.auscert.org.au/bulletins/ESB-2022.1247
• https://www.suse.com/support/update/announcement/2022/suse-su-20220933-1/
• https://ubuntu.com/security/notices/LSN-0085-1