Linux Kernel Multiple Vulnerabilities

Impact

• Denial of Service
• Elevation of Privilege
• Information Disclosure
• Data Manipulation

System / Technologies affected

• Debian Stable Distribution (bullseye) prior to 5.10.127-2
• SUSE Linux Enterprise Desktop 15-SP3
• SUSE Linux Enterprise High Availability 15-SP3
• SUSE Linux Enterprise High Performance Computing
• SUSE Linux Enterprise High Performance Computing 15-SP3
• SUSE Linux Enterprise Micro 5.1
• SUSE Linux Enterprise Micro 5.2
• SUSE Linux Enterprise Module for Basesystem 15-SP3
• SUSE Linux Enterprise Module for Development Tools 15-SP3
• SUSE Linux Enterprise Module for Legacy Software 15-SP3
• SUSE Linux Enterprise Module for Live Patching 15-SP3
• SUSE Linux Enterprise Server
• SUSE Linux Enterprise Server 15-SP3
• SUSE Linux Enterprise Server for SAP Applications
• SUSE Linux Enterprise Server for SAP Applications 15-SP3
• SUSE Linux Enterprise Storage 7.1
• SUSE Linux Enterprise Workstation Extension 15-SP3
• SUSE Manager Proxy 4.2
• SUSE Manager Retail Branch Server 4.2
• SUSE Manager Server 4.2
• openSUSE Leap 15.3
• openSUSE Leap 15.4

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

• https://www.suse.com/support/update/announcement/2022/suse-su-20222549-1
• https://lists.debian.org/debian-security-announce/2022/msg00160.html

Vulnerability Identifier

• CVE-2021-4157
• CVE-2021-26341
• CVE-2021-33655
• CVE-2022-1012
• CVE-2022-1679
• CVE-2022-2318
• CVE-2022-20132
• CVE-2022-20141
• CVE-2022-20154
• CVE-2022-26365
• CVE-2022-29900
• CVE-2022-29901
• CVE-2022-33740
• CVE-2022-33741
• CVE-2022-33742
• CVE-2022-33743
• CVE-2022-33744
• CVE-2022-33981
• CVE-2022-34918

Source

• AusCERT
• SUSE
• Debian

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.3675
• https://www.auscert.org.au/bulletins/ESB-2022.3659
• https://www.suse.com/support/update/announcement/2022/suse-su-20222549-1
• https://lists.debian.org/debian-security-announce/2022/msg00160.html