mickmick.net

Linux Kernel Multiple Vulnerabilities

Release Date: 20 Apr 2022

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution, sensitive information disclosure and data manipulation on the targeted system.

---

Impact

• Information Disclosure
• Elevation of Privilege
• Data Manipulation
• Remote Code Execution

---

System / Technologies affected

• openSUSE Leap 15.3
• openSUSE Leap 15.4
• SUSE Enterprise Storage 7
• SUSE Linux Enterprise Desktop 12-SP5
• SUSE Linux Enterprise Desktop 15-SP3
• SUSE Linux Enterprise High Availability 12-SP5
• SUSE Linux Enterprise High Availability 15-SP2
• SUSE Linux Enterprise High Availability 15-SP3
• SUSE Linux Enterprise High Performance Computing
• SUSE Linux Enterprise High Performance Computing 12-SP5
• SUSE Linux Enterprise High Performance Computing 15-SP2
• SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
• SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
• SUSE Linux Enterprise High Performance Computing 15-SP3
• SUSE Linux Enterprise Live Patching 12-SP5
• SUSE Linux Enterprise Micro 5.0
• SUSE Linux Enterprise Micro 5.1
• SUSE Linux Enterprise Micro 5.2
• SUSE Linux Enterprise Module for Basesystem 15-SP3
• SUSE Linux Enterprise Module for Development Tools 15-SP3
• SUSE Linux Enterprise Module for Legacy Software 15-SP3
• SUSE Linux Enterprise Module for Live Patching 15-SP2
• SUSE Linux Enterprise Module for Live Patching 15-SP3
• SUSE Linux Enterprise Realtime Extension 15-SP2
• SUSE Linux Enterprise Server
• SUSE Linux Enterprise Server 12-SP5
• SUSE Linux Enterprise Server 15-SP2
• SUSE Linux Enterprise Server 15-SP2-BCL
• SUSE Linux Enterprise Server 15-SP2-LTSS
• SUSE Linux Enterprise Server 15-SP3
• SUSE Linux Enterprise Server for SAP 15-SP2
• SUSE Linux Enterprise Server for SAP Applications
• SUSE Linux Enterprise Server for SAP Applications 12-SP5
• SUSE Linux Enterprise Server for SAP Applications 15-SP2
• SUSE Linux Enterprise Server for SAP Applications 15-SP3
• SUSE Linux Enterprise Software Development Kit 12-SP5
• SUSE Linux Enterprise Workstation Extension 12-SP5
• SUSE Linux Enterprise Workstation Extension 15-SP3
• SUSE Manager Proxy 4.1
• SUSE Manager Proxy 4.2
• SUSE Manager Retail Branch Server 4.1
• SUSE Manager Retail Branch Server 4.2
• SUSE Manager Server 4.1
• SUSE Manager Server 4.2

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://www.suse.com/support/update/announcement/2022/suse-su-20221197-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221196-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221183-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221223-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221224-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221194-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221246-1

---

Vulnerability Identifier

• CVE-2021-0920
• CVE-2021-39698
• CVE-2021-39713
• CVE-2021-45868
• CVE-2022-0001
• CVE-2022-0002
• CVE-2022-0812
• CVE-2022-0850
• CVE-2022-0854
• CVE-2022-1011
• CVE-2022-1016
• CVE-2022-1048
• CVE-2022-1055
• CVE-2022-1195
• CVE-2022-1198
• CVE-2022-1199
• CVE-2022-1205
• CVE-2022-22942
• CVE-2022-23036
• CVE-2022-23037
• CVE-2022-23038
• CVE-2022-23039
• CVE-2022-23040
• CVE-2022-23041
• CVE-2022-23042
• CVE-2022-23960
• CVE-2022-26490
• CVE-2022-26966
• CVE-2022-27666
• CVE-2022-28388
• CVE-2022-28389
• CVE-2022-28390

---

Source

• AusCERT
• SUSE

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.1664
• https://www.auscert.org.au/bulletins/ESB-2022.1663
• https://www.auscert.org.au/bulletins/ESB-2022.1662
• https://www.auscert.org.au/bulletins/ESB-2022.1661
• https://www.auscert.org.au/bulletins/ESB-2022.1660
• https://www.auscert.org.au/bulletins/ESB-2022.1659
• https://www.auscert.org.au/bulletins/ESB-2022.1649
• https://www.suse.com/support/update/announcement/2022/suse-su-20221197-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221196-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221183-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221223-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221224-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221194-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20221246-1