Linux Kernel Multiple Vulnerabilities

Impact

• Denial of Service
• Elevation of Privilege
• Remote Code Execution
• Information Disclosure

System / Technologies affected

• SUSE Linux Enterprise High Performance Computing 15
• SUSE Linux Enterprise High Performance Computing 15-SP1
• SUSE Linux Enterprise High Performance Computing 15-SP2
• SUSE Linux Enterprise High Performance Computing 15-SP3
• SUSE Linux Enterprise High Performance Computing 15-SP4
• SUSE Linux Enterprise Live Patching 12-SP4
• SUSE Linux Enterprise Live Patching 12-SP5
• SUSE Linux Enterprise Micro 5.1
• SUSE Linux Enterprise Module for Live Patching 15
• SUSE Linux Enterprise Module for Live Patching 15-SP1
• SUSE Linux Enterprise Module for Live Patching 15-SP2
• SUSE Linux Enterprise Module for Live Patching 15-SP3
• SUSE Linux Enterprise Module for Live Patching 15-SP4
• SUSE Linux Enterprise Server 15
• SUSE Linux Enterprise Server 15-SP1
• SUSE Linux Enterprise Server 15-SP2
• SUSE Linux Enterprise Server 15-SP3
• SUSE Linux Enterprise Server 15-SP4
• SUSE Linux Enterprise Server for SAP Applications 15
• SUSE Linux Enterprise Server for SAP Applications 15-SP1
• SUSE Linux Enterprise Server for SAP Applications 15-SP2
• SUSE Linux Enterprise Server for SAP Applications 15-SP3
• SUSE Linux Enterprise Server for SAP Applications 15-SP4
• Ubuntu 16.04 ESM
• Ubuntu 18.04 LTS
• Ubuntu 22.04 LTS

Solutions

Before installation of the software, please visit the vendor web-site for more details.

For SUSE

Apply fixes issued by the vendor:

• https://www.suse.com/support/update/announcement/2022/suse-su-20223061-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223123-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223064-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223088-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223080-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223072-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223108-1

For Ubuntu

Apply fixes issued by the vendor:

• https://ubuntu.com/security/notices/USN-5597-1
• https://ubuntu.com/security/notices/USN-5599-1
• https://ubuntu.com/security/notices/USN-5598-1
• https://ubuntu.com/security/notices/USN-5600-1

Vulnerability Identifier

• CVE-2020-36516
• CVE-2021-33061
• CVE-2021-33656
• CVE-2021-39698
• CVE-2022-1012
• CVE-2022-1116
• CVE-2022-1729
• CVE-2022-1852
• CVE-2022-1943
• CVE-2022-1973
• CVE-2022-2503
• CVE-2022-2585
• CVE-2022-2873
• CVE-2022-2959
• CVE-2022-36946

Source

• AusCERT
• SUSE
• Ubuntu

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.4448
• https://www.auscert.org.au/bulletins/ESB-2022.4447
• https://www.auscert.org.au/bulletins/ESB-2022.4430
• https://www.auscert.org.au/bulletins/ESB-2022.4426
• https://www.auscert.org.au/bulletins/ESB-2022.4425
• https://www.auscert.org.au/bulletins/ESB-2022.4424
• https://www.auscert.org.au/bulletins/ESB-2022.4423
• https://www.auscert.org.au/bulletins/ESB-2022.4429
• https://www.auscert.org.au/bulletins/ESB-2022.4428
• https://www.auscert.org.au/bulletins/ESB-2022.4427
• https://www.auscert.org.au/bulletins/ESB-2022.4400
• https://www.suse.com/support/update/announcement/2022/suse-su-20223061-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223123-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223064-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223088-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223080-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223072-1
• https://www.suse.com/support/update/announcement/2022/suse-su-20223108-1
• https://ubuntu.com/security/notices/USN-5597-1
• https://ubuntu.com/security/notices/USN-5599-1
• https://ubuntu.com/security/notices/USN-5598-1
• https://ubuntu.com/security/notices/USN-5600-1