Описание
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-150200_24_126 fixes several issues.
The following security issues were fixed:
- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf anon_vma double reuse (bnc#1204168).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_105-default-4-2.1
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_130-default-4-2.1
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-150000_150_98-default-4-150000.2.1
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-150100_197_120-default-4-150100.2.1
SUSE Linux Enterprise Live Patching 15 SP2
kernel-livepatch-5_3_18-150200_24_126-default-5-150200.2.1
Ссылки
- Link for SUSE-SU-2022:4030-1
- E-Mail link for SUSE-SU-2022:4030-1
- SUSE Security Ratings
- SUSE Bug 1203613
- SUSE Bug 1204170
- SUSE CVE CVE-2022-2588 page
- SUSE CVE CVE-2022-42703 page
Описание
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-4-2.1
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-4-2.1
SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-4-150100.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-5-150200.2.1
Ссылки
- CVE-2022-2588
- SUSE Bug 1202096
- SUSE Bug 1203613
- SUSE Bug 1204183
- SUSE Bug 1209225
Описание
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-4-2.1
SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-4-2.1
SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-4-150100.2.1
SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-5-150200.2.1
Ссылки
- CVE-2022-42703
- SUSE Bug 1204168
- SUSE Bug 1204170
- SUSE Bug 1206463
- SUSE Bug 1208044
- SUSE Bug 1209225