mickmick.net

Linux Kernel Multiple Vulnerabilities

Release Date: 18 Oct 2022

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.

---

Impact

• Denial of Service
• Elevation of Privilege
• Information Disclosure
• Security Restriction Bypass
• Remote Code Execution

---

System / Technologies affected

• openSUSE Leap 15.4
• SUSE Linux Enterprise Desktop 12-SP5
• SUSE Linux Enterprise High Availability 12-SP4
• SUSE Linux Enterprise High Availability 12-SP5
• SUSE Linux Enterprise High Performance Computing 12-SP4
• SUSE Linux Enterprise High Performance Computing 12-SP5
• SUSE Linux Enterprise High Performance Computing 15-SP4
• SUSE Linux Enterprise Live Patching 12-SP4
• SUSE Linux Enterprise Live Patching 12-SP5
• SUSE Linux Enterprise Module for Live Patching 15-SP4
• SUSE Linux Enterprise Module for Public Cloud 15-SP4
• SUSE Linux Enterprise Server 12-SP3-BCL
• SUSE Linux Enterprise Server 12-SP4
• SUSE Linux Enterprise Server 12-SP4-LTSS
• SUSE Linux Enterprise Server 12-SP5
• SUSE Linux Enterprise Server 15-SP4
• SUSE Linux Enterprise Server for SAP 12-SP4
• SUSE Linux Enterprise Server for SAP Applications 12-SP5
• SUSE Linux Enterprise Server for SAP Applications 15-SP4
• SUSE Linux Enterprise Software Development Kit 12-SP5
• SUSE Linux Enterprise Workstation Extension 12-SP5
• SUSE Manager Proxy 4.3
• SUSE Manager Retail Branch Server 4.3
• SUSE Manager Server 4.3
• SUSE OpenStack Cloud 9
• SUSE OpenStack Cloud Crowbar 9
• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM 
• Ubuntu 18.04 LTS
• Ubuntu 22.04 LTS

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

For SUSE

Apply fixes issued by the vendor:

• https://www.suse.com/support/update/announcement/2022/suse-su-20223584-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223585-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223586-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223587-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223599-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223601-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223605-1/

 

For Ubuntu

Apply fixes issued by the vendor:

• https://ubuntu.com/security/notices/USN-5682-1
• https://ubuntu.com/security/notices/USN-5683-1
• https://ubuntu.com/security/notices/USN-5684-1

---

Vulnerability Identifier

• CVE-2021-4159
• CVE-2021-33655
• CVE-2022-0812
• CVE-2022-1012
• CVE-2022-1263
• CVE-2022-1882
• CVE-2022-2318
• CVE-2022-2503
• CVE-2022-2586
• CVE-2022-2663
• CVE-2022-3176
• CVE-2022-3202
• CVE-2022-3239
• CVE-2022-3303
• CVE-2022-20008
• CVE-2022-20369
• CVE-2022-26365
• CVE-2022-26373
• CVE-2022-32296
• CVE-2022-33740
• CVE-2022-33741
• CVE-2022-33742
• CVE-2022-33743
• CVE-2022-33744
• CVE-2022-34494
• CVE-2022-34495
• CVE-2022-36879
• CVE-2022-36946
• CVE-2022-39188
• CVE-2022-39189
• CVE-2022-41218
• CVE-2022-41674
• CVE-2022-41848
• CVE-2022-41849
• CVE-2022-42719
• CVE-2022-42720
• CVE-2022-42721

---

Source

• AusCERT
• Ubuntu
• SUSE

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.5120
• https://www.auscert.org.au/bulletins/ESB-2022.5122
• https://www.auscert.org.au/bulletins/ESB-2022.5123
• https://www.auscert.org.au/bulletins/ESB-2022.5124
• https://www.auscert.org.au/bulletins/ESB-2022.5125
• https://www.auscert.org.au/bulletins/ESB-2022.5127
• https://www.auscert.org.au/bulletins/ESB-2022.5130
• https://www.auscert.org.au/bulletins/ESB-2022.5136
• https://www.suse.com/support/update/announcement/2022/suse-su-20223584-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223585-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223586-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223587-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223599-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223601-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20223605-1/
• https://ubuntu.com/security/notices/USN-5682-1
• https://ubuntu.com/security/notices/USN-5683-1
• https://ubuntu.com/security/notices/USN-5684-1