mickmick.net

Linux Kernel Multiple Vulnerabilities

Release Date: 15 Jul 2022

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in Linux Kernel. A attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, sensitive information disclosure and remote code execution on the targeted system.

---

Impact

• Denial of Service
• Elevation of Privilege
• Information Disclosure
• Remote Code Execution

---

System / Technologies affected

• openSUSE Leap 15.3
• SUSE Linux Enterprise Desktop 12-SP5
• SUSE Linux Enterprise High Availability 12-SP4
• SUSE Linux Enterprise High Availability 12-SP5
• SUSE Linux Enterprise High Performance Computing 12-SP4
• SUSE Linux Enterprise High Performance Computing 12-SP5
• SUSE Linux Enterprise High Performance Computing 15-SP3
• SUSE Linux Enterprise Live Patching 12-SP4
• SUSE Linux Enterprise Live Patching 12-SP5
• SUSE Linux Enterprise Module for Public Cloud 15-SP3
• SUSE Linux Enterprise Server 12-SP2-BCL
• SUSE Linux Enterprise Server 12-SP4
• SUSE Linux Enterprise Server 12-SP4-LTSS
• SUSE Linux Enterprise Server 12-SP5
• SUSE Linux Enterprise Server 15-SP3
• SUSE Linux Enterprise Server for SAP 12-SP4
• SUSE Linux Enterprise Server for SAP Applications 12-SP5
• SUSE Linux Enterprise Server for SAP Applications 15-SP3
• SUSE Linux Enterprise Software Development Kit 12-SP5
• SUSE Linux Enterprise Storage 7.1
• SUSE Linux Enterprise Workstation Extension 12-SP5
• SUSE Manager Proxy 4.2
• SUSE Manager Retail Branch Server 4.2
• SUSE Manager Server 4.2
• SUSE OpenStack Cloud 9
• SUSE OpenStack Cloud Crowbar 9
• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM 
• Ubuntu 18.04 LTS 
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

For SUSE

• Apply fixes issued by the vendor:
  • https://www.suse.com/support/update/announcement/2022/suse-su-20222376-1
  • https://www.suse.com/support/update/announcement/2022/suse-su-20222377-1
  • https://www.suse.com/support/update/announcement/2022/suse-su-20222379-1
  • https://www.suse.com/support/update/announcement/2022/suse-su-20222382-1
  • https://www.suse.com/support/update/announcement/2022/suse-su-20222393-1/

 

For Ubuntu

• Apply fixes issued by the vendor:
  • https://ubuntu.com/security/notices/USN-5517-1
  • https://ubuntu.com/security/notices/USN-5518-1
  • https://ubuntu.com/security/notices/USN-5513-1
  • https://ubuntu.com/security/notices/USN-5514-1
  • https://ubuntu.com/security/notices/USN-5515-1

 

---

Vulnerability Identifier

• CVE-2017-16525
• CVE-2019-19377
• CVE-2020-26541
• CVE-2021-3609
• CVE-2021-3752
• CVE-2021-3760
• CVE-2021-4157
• CVE-2021-4197
• CVE-2021-4202
• CVE-2021-26341
• CVE-2021-39685
• CVE-2021-39714
• CVE-2022-0330
• CVE-2022-0500
• CVE-2022-1011
• CVE-2022-1012
• CVE-2022-1184
• CVE-2022-1195
• CVE-2022-1198
• CVE-2022-1199
• CVE-2022-1204
• CVE-2022-1205
• CVE-2022-1353
• CVE-2022-1419
• CVE-2022-1516
• CVE-2022-1652
• CVE-2022-1679
• CVE-2022-1729
• CVE-2022-1734
• CVE-2022-1789
• CVE-2022-1974
• CVE-2022-1975
• CVE-2022-2318
• CVE-2022-2380
• CVE-2022-20132
• CVE-2022-20141
• CVE-2022-20154
• CVE-2022-21123
• CVE-2022-21125
• CVE-2022-21166
• CVE-2022-21499
• CVE-2022-24958
• CVE-2022-26365
• CVE-2022-28356
• CVE-2022-28388
• CVE-2022-28389
• CVE-2022-29900
• CVE-2022-29901
• CVE-2022-33740
• CVE-2022-33741
• CVE-2022-33742
• CVE-2022-33981
• CVE-2022-34494
• CVE-2022-34918

---

Source

• AusCERT
• SUSE
• Ubuntu

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.3458
• https://www.auscert.org.au/bulletins/ESB-2022.3457
• https://www.auscert.org.au/bulletins/ESB-2022.3452
• https://www.auscert.org.au/bulletins/ESB-2022.3448
• https://www.auscert.org.au/bulletins/ESB-2022.3435
• https://www.auscert.org.au/bulletins/ESB-2022.3434
• https://www.auscert.org.au/bulletins/ESB-2022.3433
• https://www.auscert.org.au/bulletins/ESB-2022.3418
• https://www.auscert.org.au/bulletins/ESB-2022.3417
• https://ubuntu.com/security/notices/USN-5517-1
• https://ubuntu.com/security/notices/USN-5518-1
• https://ubuntu.com/security/notices/USN-5513-1
• https://ubuntu.com/security/notices/USN-5514-1
• https://ubuntu.com/security/notices/USN-5515-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20222379-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20222382-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20222376-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20222377-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20222393-1/