Affected Products: SUSE Linux Enterprise Server 12-SP2-BCL ______________________________________________________________________________
An update that solves 7 vulnerabilities and has four fixes is now available.
Description:
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.
Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated.
The following security bugs were fixed:
- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). - CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731). - CVE-2016-10905: Fixed a use-after-free is gfs2_clear_rgrpd() and read_rindex_entry() (bsc#1146312).