Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2022:2875-2 Final 1 1 2022-08-23T11:19:52Z current 2022-08-23T11:19:52Z 2022-08-23T11:19:52Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36516: Fixed TCP session data injection vulnerability via the mixed IPID assignment method (bnc#1196616). - CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could lead to a use-after-free (bnc#1201429). - CVE-2020-36558: Fixed race condition involving VT_RESIZEX that could lead to a NULL pointer dereference and general protection fault (bnc#1200910). - CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO (bnc#1201635). - CVE-2021-33656: Fixed out of bounds write with ioctl PIO_FONT (bnc#1201636). - CVE-2022-1116: Fixed a integer overflow vulnerability in io_uring which allowed a local attacker to cause memory corruption and escalate privileges to root (bnc#1199647). - CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem (bnc#1198829). - CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251). - CVE-2022-2639: Fixed integer underflow that could lead to out-of-bounds write in reserve_sfa_size() (bsc#1202154). - CVE-2022-20166: Fixed possible out of bounds write due to sprintf unsafety that could cause local escalation of privilege (bnc#1200598) - CVE-2022-21505: Fixed kexec lockdown bypass with IMA policy (bsc#1201458). - CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762). - CVE-2022-29581: Fixed improper update of Reference Count in net/sched that could cause root privilege escalation (bnc#1199665). - CVE-2022-32250: Fixed user-after-free in net/netfilter/nf_tables_api.c that could allow local privilege escalation (bnc#1200015). - CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that could lead to remote DoS (bnc#1201940). The following non-security bugs were fixed: - ACPI: APEI: Better fix to avoid spamming the console with old error logs (git-fixes). - ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes). - ACPI: video: Shortening quirk list by identifying Clevo by board_name only (git-fixes). - ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes). - ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model (git-fixes). - ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop (git-fixes). - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 (git-fixes). - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes). - ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array (git-fixes). - ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks() (git-fixes). - ASoC: Remove unused hw_write_t type (git-fixes). - ASoC: cs47l15: Fix event generation for low power mux control (git-fixes). - ASoC: madera: Fix event generation for OUT1 demux (git-fixes). - ASoC: madera: Fix event generation for rate controls (git-fixes). - ASoC: ops: Fix off by one in range control validation (git-fixes). - ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes). - ASoC: wm5110: Fix DRE control (git-fixes). - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put (git-fixes). - Bluetooth: hci_intel: Add check for platform_driver_register (git-fixes). - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR (git-fixes). - FDDI: defxx: Make MMIO the configuration default except for EISA (git-fixes). - Fixed a system crash related to the recent RETBLEED mitigation (bsc#1201644, bsc#1201664, bsc#1201672, bsc#1201673, bsc#1201676). - Fixed battery detection problem on macbooks (bnc#1201206). - HID: cp2112: prevent a buffer overflow in cp2112_xfer() (git-fixes). - KVM/emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930). - KVM: VMX: Add non-canonical check on writes to RTIT address MSRs (git-fixes). - KVM: VMX: Do not freeze guest when event delivery causes an APIC-access exit (git-fixes). - KVM: apic: avoid calculating pending eoi from an uninitialized val (git-fixes). - KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442) - KVM: arm64: Fix definition of PAGE_HYP_DEVICE (git-fixes) - KVM: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930). - KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs (git-fixes). - KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1 (git-fixes). - KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh() (git-fixes). - KVM: x86: Do not let userspace set host-reserved cr4 bits (git-fixes). - KVM: x86: Fix split-irqchip vs interrupt injection window request (git-fixes). - KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks (git-fixes). - KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted (git-fixes). - KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint (git-fixes). - NFC: nxp-nci: do not print header length mismatch on i2c error (git-fixes). - PCI/portdrv: Do not disable AER reporting in get_port_device_capability() (git-fixes). - PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes). - PCI: dwc: Always enable CDM check if 'snps,enable-cdm-check' exists (git-fixes). - PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes). - PCI: dwc: Disable outbound windows only for controllers using iATU (git-fixes). - PCI: dwc: Stop link on host_init errors and de-initialization (git-fixes). - PCI: qcom: Power on PHY before IPQ8074 DBI register accesses (git-fixes). - PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks (git-fixes). - PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep() (git-fixes). - PCI: tegra194: Fix Root Port interrupt handling (git-fixes). - PCI: tegra194: Fix link up retry sequence (git-fixes). - PM: runtime: Remove link state checks in rpm_get/put_supplier() (git-fixes). - Sort in RETbleed backport into the sorted section Now that it is upstream.. - USB: Follow-up to SPDX identifiers addition - remove now useless comments (git-fixes). - USB: serial: fix tty-port initialized comments (git-fixes). - USB: serial: ftdi_sio: add Belimo device ids (git-fixes). - amd-xgbe: Update DMA coherency values (git-fixes). - arm64 module: set plt* section addresses to 0x0 (git-fixes) - arm64: Extend workaround for erratum 1024718 to all versions of (git-fixes) - arm64: asm: Add new-style position independent function annotations (git-fixes) - arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return (git-fixes) - arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function (git-fixes) - arm64: dts: marvell: espressobin: Add ethernet switch aliases (git-fixes) - arm64: dts: marvell: espressobin: add ethernet alias (git-fixes) - arm64: dts: mcbin: support 2W SFP modules (git-fixes) - arm64: fix compat syscall return truncation (git-fixes) - arm64: fix inline asm in load_unaligned_zeropad() (git-fixes) - arm64: mm: Do not invalidate FROM_DEVICE buffers at start of DMA (git-fixes) - arm64: module: remove (NOLOAD) from linker script (git-fixes) - arm64: module: rework special section handling (git-fixes) - arm64: perf: Report the PC value in REGS_ABI_32 mode (git-fixes) - arm64: ptrace: Consistently use pseudo-singlestep exceptions (git-fixes) - arm64: ptrace: Override SPSR.SS when single-stepping is enabled (git-fixes) - arm64: stackleak: fix current_top_of_stack() (git-fixes) - arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (git-fixes) - arm64: vdso: Avoid ISB after reading from cntvct_el0 (git-fixes) - ath10k: Fix error handling in ath10k_setup_msa_resources (git-fixes). - ath10k: do not enforce interrupt trigger type (git-fixes). - ax88179_178a: add ethtool_op_get_ts_info() (git-fixes). - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (git-fixes). - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN (git-fixes). - block/compat_ioctl: fix range check in BLKGETSIZE (git-fixes). - block: Fix fsync always failed if once failed (git-fixes). - block: Fix wrong offset in bio_truncate() (git-fixes). - block: bio-integrity: Advance seed correctly for larger interval sizes (git-fixes). - block: do not delete queue kobject before its children (git-fixes). - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit (git-fixes). - bpf, cpumap: Remove rcpu pointer from cpu_map_build_skb signature (bsc#1199364). - bpf: Add config to allow loading modules with BTF mismatches (jsc#SLE-24559). - bpf: Add in-kernel split BTF support (jsc#SLE-24559). - bpf: Assign ID to vmlinux BTF and return extra info for BTF in GET_OBJ_INFO (jsc#SLE-24559). - bpf: Keep module's btf_data_size intact after load (jsc#SLE-24559). - bpf: Load and verify kernel module BTFs (jsc#SLE-24559). - bpf: Provide function to get vmlinux BTF information (jsc#SLE-24559). - bpf: Sanitize BTF data pointer after module is loaded (jsc#SLE-24559). - bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() (git-fixes). - can: Break loopback loop on loopback documentation (git-fixes). - can: error: specify the values of data[5..7] of CAN error frames (git-fixes). - can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes). - can: hi311x: do not report txerr and rxerr during bus-off (git-fixes). - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off (git-fixes). - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off (git-fixes). - can: pch_can: do not report txerr and rxerr during bus-off (git-fixes). - can: pch_can: pch_can_error(): initialize errc before using it (git-fixes). - can: rcar_can: do not report txerr and rxerr during bus-off (git-fixes). - can: sja1000: do not report txerr and rxerr during bus-off (git-fixes). - can: sun4i_can: do not report txerr and rxerr during bus-off (git-fixes). - can: usb_8dev: do not report txerr and rxerr during bus-off (git-fixes). - clk: qcom: camcc-sdm845: Fix topology around titan_top power domain (git-fixes). - clk: qcom: clk-krait: unlock spin after mux completion (git-fixes). - clk: qcom: ipq8074: SW workaround for UBI32 PLL lock (git-fixes). - clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes). - clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes). - clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks (git-fixes). - clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes). - config: enable DEBUG_INFO_BTF This option allows users to access the btf type information for vmlinux but not kernel modules. - cpuidle: PSCI: Move the `has_lpi` check to the beginning of the (git-fixes) - crypto: qat - disable registration of algorithms (git-fixes). - crypto: qat - fix memory leak in RSA (git-fixes). - crypto: qat - remove dma_free_coherent() for DH (git-fixes). - crypto: qat - remove dma_free_coherent() for RSA (git-fixes). - crypto: qat - set to zero DH parameters before free (git-fixes). - cxgb4: Fix the -Wmisleading-indentation warning (git-fixes). - dm btree remove: assign new_root only when removal succeeds (git-fixes). - dm btree remove: fix use after free in rebalance_children() (git-fixes). - dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size (git-fixes). - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (git-fixes). - dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS (git-fixes). - dm crypt: make printing of the key constant-time (git-fixes). - dm integrity: conditionally disable 'recalculate' feature (git-fixes). - dm integrity: fix a crash if 'recalculate' used without 'internal_hash' (git-fixes). - dm integrity: fix error code in dm_integrity_ctr() (git-fixes). - dm integrity: fix memory corruption when tag_size is less than digest size (git-fixes). - dm integrity: fix the maximum number of arguments (git-fixes). - dm mirror log: round up region bitmap size to BITS_PER_LONG (git-fixes). - dm persistent data: packed struct should have an aligned() attribute too (git-fixes). - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences (git-fixes). - dm snapshot: fix crash with transient storage and zero chunk size (git-fixes). - dm snapshot: flush merged data before committing metadata (git-fixes). - dm snapshot: properly fix a crash when an origin has no snapshots (git-fixes). - dm space map common: fix division bug in sm_ll_find_free_block() (git-fixes). - dm stats: add cond_resched when looping over entries (git-fixes). - dm verity: fix FEC for RS roots unaligned to block size (git-fixes). - dm: fix mempool NULL pointer race when completing IO (git-fixes). - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (git-fixes). - dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes). - dmaengine: pl330: Fix lockdep warning about non-static key (git-fixes). - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (git-fixes). - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (git-fixes). - do not call utsname() after ->nsproxy is NULL (bsc#1201196). - drbd: fix potential silent data corruption (git-fixes). - driver core: fix potential deadlock in __driver_attach (git-fixes). - drivers/net: Fix kABI in tun.c (git-fixes). - drivers: net: fix memory leak in atusb_probe (git-fixes). - drivers: net: fix memory leak in peak_usb_create_dev (git-fixes). - drm/amd/display: Enable building new display engine with KCOV enabled (git-fixes). - drm/bridge: tc358767: Make sure Refclk clock are enabled (git-fixes). - drm/doc: Fix comment typo (git-fixes). - drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed (git-fixes). - drm/i915/gt: Serialize TLB invalidates with GT resets (git-fixes). - drm/i915/selftests: fix a couple IS_ERR() vs NULL tests (git-fixes). - drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() (git-fixes). - drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes). - drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function (git-fixes). - drm/mediatek: dpi: Only enable dpi after the bridge is enabled (git-fixes). - drm/mediatek: dpi: Remove output format of YUV (git-fixes). - drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes). - drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform (git-fixes). - drm/msm/mdp5: Fix global state lock backoff (git-fixes). - drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes). - drm/panfrost: Fix shrinker list corruption by madvise IOCTL (git-fixes). - drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error (git-fixes). - drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes). - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() (git-fixes). - drm/rockchip: Fix an error handling path rockchip_dp_probe() (git-fixes). - drm/rockchip: vop: Do not crash for invalid duplicate_state() (git-fixes). - drm/st7735r: Fix module autoloading for Okaya RH128128T (git-fixes). - drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration (git-fixes). - drm/vc4: dsi: Correct DSI divider calculations (git-fixes). - drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes). - drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes (git-fixes). - drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes). - drm/vc4: plane: Fix margin calculations for the right/bottom edges (git-fixes). - drm/vc4: plane: Remove subpixel positioning check (git-fixes). - drm: adv7511: override i2c address of cec before accessing it (git-fixes). - drm: bridge: adv7511: Add check for mipi_dsi_driver_register (git-fixes). - drm: bridge: sii8620: fix possible off-by-one (git-fixes). - fbcon: Disallow setting font bigger than screen size (git-fixes). - fbcon: Prevent that screen size is smaller than font size (git-fixes). - fbdev: fbmem: Fix logo center image dx issue (git-fixes). - fbmem: Check virtual screen sizes in fb_set_var() (git-fixes). - fpga: altera-pr-ip: fix unsigned comparison with less than zero (git-fixes). - ftgmac100: Restart MAC HW once (git-fixes). - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() (git-fixes). - gpio: pca953x: only use single read/write for No AI mode (git-fixes). - gpio: pca953x: use the correct range when do regmap sync (git-fixes). - gpio: pca953x: use the correct register address when regcache sync during init (git-fixes). - hex2bin: make the function hex_to_bin constant-time (git-fixes). - hv_netvsc: Add (more) validation for untrusted Hyper-V values (bsc#1199364). - hv_netvsc: Add comment of netvsc_xdp_xmit() (bsc#1199364). - hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364). - hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer (bsc#1199364). - hv_netvsc: Fix validation in netvsc_linkstatus_callback() (bsc#1199364). - i2c: Fix a potential use after free (git-fixes). - i2c: cadence: Change large transfer count reset logic to be unconditional (git-fixes). - i2c: cadence: Support PEC for SMBus block read (git-fixes). - i2c: cadence: Unregister the clk notifier in error path (git-fixes). - i2c: mux-gpmux: Add of_node_put() when breaking out of loop (git-fixes). - ida: do not use BUG_ON() for debugging (git-fixes). - igb: Enable RSS for Intel I211 Ethernet Controller (git-fixes). - iio: accel: bma220: Fix alignment for DMA safety (git-fixes). - iio: accel: sca3000: Fix alignment for DMA safety (git-fixes). - iio: adc: ad7266: Fix alignment for DMA safety (git-fixes). - iio: adc: ad7298: Fix alignment for DMA safety (git-fixes). - iio: adc: ad7476: Fix alignment for DMA safety (git-fixes). - iio: adc: ad7766: Fix alignment for DMA safety (git-fixes). - iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes). - iio: adc: ad7887: Fix alignment for DMA safety (git-fixes). - iio: adc: hi8435: Fix alignment for DMA safety (git-fixes). - iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes). - iio: adc: max1027: Fix alignment for DMA safety (git-fixes). - iio: adc: max11100: Fix alignment for DMA safety (git-fixes). - iio: adc: max1118: Fix alignment for DMA safety (git-fixes). - iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-adc084s021: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-adc128s052: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-adc161s626: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-ads124s08: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes). - iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes). - iio: amplifiers: ad8366: Fix alignment for DMA safety (git-fixes). - iio: core: Fix IIO_ALIGN and rename as it was not sufficiently large (git-fixes). - iio: dac: ad5064: Fix alignment for DMA safety (git-fixes). - iio: dac: ad5360: Fix alignment for DMA safety (git-fixes). - iio: dac: ad5421: Fix alignment for DMA safety (git-fixes). - iio: dac: ad5449: Fix alignment for DMA safety (git-fixes). - iio: dac: ad5504: Fix alignment for DMA safety (git-fixes). - iio: dac: ad5755: Fix alignment for DMA safety (git-fixes). - iio: dac: ad5761: Fix alignment for DMA safety (git-fixes). - iio: dac: ad5764: Fix alignment for DMA safety (git-fixes). - iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes). - iio: dac: ad7303: Fix alignment for DMA safety (git-fixes). - iio: dac: ad8801: Fix alignment for DMA safety (git-fixes). - iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes). - iio: dac: ti-dac082s085: Fix alignment for DMA safety (git-fixes). - iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes). - iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes). - iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes). - iio: frequency: ad9523: Fix alignment for DMA safety (git-fixes). - iio: frequency: adf4350: Fix alignment for DMA safety (git-fixes). - iio: frequency: adf4371: Fix alignment for DMA safety (git-fixes). - iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes). - iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes). - iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes). - iio: gyro: fxas210002c: Fix alignment for DMA safety (git-fixes). - iio: light: isl29028: Fix the warning in isl29028_remove() (git-fixes). - iio: potentiometer: ad5272: Fix alignment for DMA safety (git-fixes). - iio: potentiometer: max5481: Fix alignment for DMA safety (git-fixes). - iio: potentiometer: mcp41010: Fix alignment for DMA safety (git-fixes). - iio: potentiometer: mcp4131: Fix alignment for DMA safety (git-fixes). - iio: proximity: as3935: Fix alignment for DMA safety (git-fixes). - iio: resolver: ad2s1200: Fix alignment for DMA safety (git-fixes). - iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes). - ima: Fix a potential integer overflow in ima_appraise_measurement (git-fixes). - ima: Fix potential memory leak in ima_init_crypto() (git-fixes). - intel_th: Fix a resource leak in an error handling path (git-fixes). - intel_th: msu-sink: Potential dereference of null pointer (git-fixes). - intel_th: msu: Fix vmalloced buffers (git-fixes). - kABI workaround for rtsx_usb (git-fixes). - kabi: create module private struct to hold btf size/data (jsc#SLE-24559). - kbuild: Build kernel module BTFs if BTF is enabled and pahole supports it (jsc#SLE-24559). - kbuild: Skip module BTF generation for out-of-tree external modules (jsc#SLE-24559). - kbuild: add marker for build log of *.mod.o (jsc#SLE-24559). - kbuild: drop $(wildcard $^) check in if_changed* for faster rebuild (jsc#SLE-24559). - kbuild: rebuild modules when module linker scripts are updated (jsc#SLE-24559). - kbuild: rename any-prereq to newer-prereqs (jsc#SLE-24559). - kbuild: split final module linking out into Makefile.modfinal (jsc#SLE-24559). - lib/string.c: implement stpcpy (git-fixes). - linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check (git-fixes). - linux/random.h: Remove arch_has_random, arch_has_random_seed (git-fixes). - linux/random.h: Use false with bool (git-fixes). - lkdtm: Disable return thunks in rodata.c (bsc#1178134). - macvlan: remove redundant null check on data (git-fixes). - md/bitmap: wait for external bitmap writes to complete during tear down (git-fixes). - md/raid0: Ignore RAID0 layout if the second zone has only one device (git-fixes). - md: Set prev_flush_start and flush_bio in an atomic way (git-fixes). - md: bcache: check the return value of kzalloc() in detached_dev_do_request() (git-fixes). - media: hdpvr: fix error value returns in hdpvr_read (git-fixes). - media: rc: increase rc-mm tolerance and add debug message (git-fixes). - media: rtl28xxu: Add support for PROlectrix DV107669 DVB-T dongle (git-fixes). - media: rtl28xxu: add missing sleep before probing slave demod (git-fixes). - media: rtl28xxu: set keymap for Astrometa DVB-T2 (git-fixes). - media: smipcie: fix interrupt handling and IR timeout (git-fixes). - media: tw686x: Register the irq at the end of probe (git-fixes). - media: usb: dvb-usb-v2: rtl28xxu: convert to use i2c_new_client_device() (git-fixes). - media: v4l2-mem2mem: always consider OUTPUT queue during poll (git-fixes). - media: v4l2-mem2mem: reorder checks in v4l2_m2m_poll() (git-fixes). - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() (git-fixes). - memregion: Fix memregion_free() fallback definition (git-fixes). - memstick/ms_block: Fix a memory leak (git-fixes). - memstick/ms_block: Fix some incorrect memory allocation (git-fixes). - meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init (git-fixes). - misc: rtsx: Fix an error handling path in rtsx_pci_probe() (git-fixes). - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer (git-fixes). - misc: rtsx_usb: set return value in rsp_buf alloc err path (git-fixes). - misc: rtsx_usb: use separate command and response buffers (git-fixes). - mm/slub: add missing TID updates on slab deactivation (git-fixes). - mm: fix page reference leak in soft_offline_page() (git fixes (mm/memory-failure)). - mmc: cavium-octeon: Add of_node_put() when breaking out of loop (git-fixes). - mmc: cavium-thunderx: Add of_node_put() when breaking out of loop (git-fixes). - mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R (git-fixes). - mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch (git-fixes). - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle (git-fixes). - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg (git-fixes). - net, xdp: Introduce __xdp_build_skb_from_frame utility routine (bsc#1199364). - net, xdp: Introduce xdp_build_skb_from_frame utility routine (bsc#1199364). - net/mlx5e: When changing XDP program without reset, take refs for XSK RQs (git-fixes). - net/sonic: Fix some resource leaks in error handling paths (git-fixes). - net: ag71xx: remove unnecessary MTU reservation (git-fixes). - net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes). - net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning (git-fixes). - net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP (git-fixes). - net: amd-xgbe: Reset link when the link never comes back (git-fixes). - net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout (git-fixes). - net: axienet: Handle deferred probe on clock properly (git-fixes). - net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port (git-fixes). - net: dsa: bcm_sf2: put device node before return (git-fixes). - net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE (git-fixes). - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock (git-fixes). - net: enetc: fix incorrect TPID when receiving 802.1ad tagged packets (git-fixes). - net: enetc: keep RX ring consumer index in sync with hardware (git-fixes). - net: evaluate net.ipv4.conf.all.proxy_arp_pvlan (git-fixes). - net: evaluate net.ipvX.conf.all.ignore_routes_with_linkdown (git-fixes). - net: hns3: fix error mask definition of flow director (git-fixes). - net: hso: bail out on interrupt URB allocation failure (git-fixes). - net: lapbether: Remove netif_start_queue / netif_stop_queue (git-fixes). - net: ll_temac: Fix potential NULL dereference in temac_probe() (git-fixes). - net: ll_temac: Use devm_platform_ioremap_resource_byname() (git-fixes). - net: macb: add function to disable all macb clocks (git-fixes). - net: macb: restore cmp registers on resume path (git-fixes). - net: macb: unprepare clocks in case of failure (git-fixes). - net: mscc: Fix OF_MDIO config check (git-fixes). - net: mvneta: Remove per-cpu queue mapping for Armada 3700 (git-fixes). - net: rose: fix UAF bug caused by rose_t0timer_expiry (git-fixes). - net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes (git-fixes). - net: stmmac: dwmac1000: provide multicast filter fallback (git-fixes). - net: stmmac: fix CBS idleslope and sendslope calculation (git-fixes). - net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 (git-fixes). - net: stmmac: fix watchdog timeout during suspend/resume stress test (git-fixes). - net: stmmac: stop each tx channel independently (git-fixes). - net: tun: set tun->dev->addr_len during TUNSETLINK processing (git-fixes). - net: usb: ax88179_178a: add Allied Telesis AT-UMCs (git-fixes). - net: usb: ax88179_178a: add MCT usb 3.0 adapter (git-fixes). - net: usb: ax88179_178a: add Toshiba usb 3.0 adapter (git-fixes). - net: usb: ax88179_178a: remove redundant assignment to variable ret (git-fixes). - net: usb: ax88179_178a: write mac to hardware in get_mac_addr (git-fixes). - net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes). - net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes). - net: usb: use eth_hw_addr_set() (git-fixes). - nvme: consider also host_iface when checking ip options (bsc#1199670). - octeontx2-af: fix memory leak of lmac and lmac->name (git-fixes). - pinctrl: sunxi: a83t: Fix NAND function name for some pins (git-fixes). - pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes). - platform/olpc: Fix uninitialized data in debugfs write (git-fixes). - platform/x86: hp-wmi: Ignore Sanitization Mode event (git-fixes). - power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe (git-fixes). - powerpc/mobility: wait for memory transfer to complete (bsc#1201846 ltc#198761). - powerpc/pseries/mobility: set NMI watchdog factor during an LPM (bsc#1201846 ltc#198761). - powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846 ltc#198761). - profiling: fix shift-out-of-bounds bugs (git fixes). - qla2xxx: drop patch which prevented nvme port discovery (bsc#1200651 bsc#1200644 bsc#1201954 bsc#1201958). - r8169: fix accessing unset transport header (git-fixes). - random: document add_hwgenerator_randomness() with other input functions (git-fixes). - random: fix typo in comments (git-fixes). - random: remove useless header comment (git fixes). - raw: Fix a data-race around sysctl_raw_l3mdev_accept (git-fixes). - regulator: of: Fix refcount leak bug in of_get_regulation_constraints() (git-fixes). - rpm/kernel-binary.spec.in: Require dwarves >= 1.22 on SLE15-SP3 or newer Dwarves 1.22 or newer is required to build kernels with BTF information embedded in modules. - sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes) - sched/fair: Revise comment about lb decision matrix (git fixes (sched/fair)). - sched/membarrier: fix missing local execution of ipi_sync_rq_state() (git fixes (sched/membarrier)). - scripts: dummy-tools, add pahole (jsc#SLE-24559). - scsi: core: Fix error handling of scsi_host_alloc() (git-fixes). - scsi: core: Fix failure handling of scsi_add_host_with_dma() (git-fixes). - scsi: core: Only put parent device if host state differs from SHOST_CREATED (git-fixes). - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING (git-fixes). - scsi: core: Put LLD module refcnt after SCSI device is released (git-fixes). - scsi: core: Retry I/O for Notify (Enable Spinup) Required error (git-fixes). - scsi: lpfc: Copyright updates for 14.2.0.5 patches (bsc#1201956). - scsi: lpfc: Fix attempted FA-PWWN usage after feature disable (bsc#1201956). - scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test (bsc#1201956 bsc#1200521). - scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE (bsc#1201956). - scsi: lpfc: Fix uninitialized cqe field in lpfc_nvme_cancel_iocb() (bsc#1201956). - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input (bsc#1201956). - scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into lpfc_sli_prep_abort_xri() (bsc#1201956). - scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956). - scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after VMID (bsc#1201956). - scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved configuration (bsc#1201956). - scsi: lpfc: Set PU field when providing D_ID in XMIT_ELS_RSP64_CX iocb (bsc#1201956). - scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956). - scsi: qla2xxx: Check correct variable in qla24xx_async_gffid() (bsc#1201958). - scsi: qla2xxx: Fix discovery issues in FC-AL topology (bsc#1201958). - scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958). - scsi: qla2xxx: Fix incorrect display of max frame size (bsc#1201958). - scsi: qla2xxx: Fix response queue handler reading stale packets (bsc#1201958). - scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958). - scsi: qla2xxx: Update manufacturer details (bsc#1201958). - scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958). - scsi: qla2xxx: Zero undefined mailbox IN registers (bsc#1201958). - scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958). - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() (git-fixes). - scsi: sd: Fix potential NULL pointer dereference (git-fixes). - scsi: ufs: Release clock if DMA map fails (git-fixes). - scsi: ufs: handle cleanup correctly on devm_reset_control_get error (git-fixes). - serial: 8250: fix return error code in serial8250_request_std_resource() (git-fixes). - serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle (git-fixes). - serial: stm32: Clear prev values before setting RTS delays (git-fixes). - soc: fsl: guts: machine variable might be unset (git-fixes). - soc: ixp4xx/npe: Fix unused match warning (git-fixes). - soundwire: bus_type: fix remove and shutdown support (git-fixes). - spi: <linux/spi/spi.h>: add missing struct kernel-doc entry (git-fixes). - spi: amd: Limit max transfer and message size (git-fixes). - staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback (git-fixes). - sysctl: Fix data races in proc_dointvec() (git-fixes). - sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes). - sysctl: Fix data races in proc_dointvec_minmax() (git-fixes). - sysctl: Fix data races in proc_douintvec() (git-fixes). - sysctl: Fix data races in proc_douintvec_minmax() (git-fixes). - sysctl: Fix data-races in proc_dointvec_ms_jiffies() (git-fixes). - thermal/tools/tmon: Include pthread and time headers in tmon.h (git-fixes). - tick/nohz: Use WARN_ON_ONCE() to prevent console saturation (git fixes (kernel/time)). - usb: dwc3: add cancelled reasons for dwc3 requests (git-fixes). - usb: dwc3: gadget: Fix event pending check (git-fixes). - usb: gadget: udc: amd5536 depends on HAS_DMA (git-fixes). - usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes). - usb: host: xhci: use snprintf() in xhci_decode_trb() (git-fixes). - usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes). - usb: typec: add missing uevent when partner support PD (git-fixes). - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion (git-fixes). - usb: xhci: tegra: Fix error check (git-fixes). - usbnet: fix memory leak in error case (git-fixes). - video: of_display_timing.h: include errno.h (git-fixes). - virtio-gpu: fix a missing check to avoid NULL dereference (git-fixes). - virtio-net: fix the race between refill work and close (git-fixes). - virtio_mmio: Add missing PM calls to freeze/restore (git-fixes). - virtio_mmio: Restore guest page size on resume (git-fixes). - watchdog: export lockup_detector_reconfigure (bsc#1201846 ltc#198761). - wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() (git-fixes). - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue (git-fixes). - wifi: libertas: Fix possible refcount leak in if_usb_probe() (git-fixes). - wifi: mac80211: fix queue selection for mesh/OCB interfaces (git-fixes). - wifi: p54: Fix an error handling path in p54spi_probe() (git-fixes). - wifi: p54: add missing parentheses in p54_flush() (git-fixes). - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() (git-fixes). - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() (git-fixes). - wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` (git-fixes). - x86/bugs: Remove apostrophe typo (bsc#1178134). - x86/kvmclock: Move this_cpu_pvti into kvmclock.h (git-fixes). - x86/retbleed: Add fine grained Kconfig knobs (bsc#1178134). - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue (bsc#1201381). - xen: detect uninitialized xenbus in xenbus_init (git-fixes). - xen: do not continue xenstore initialization in case of errors (git-fixes). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/sle-micro-rancher/5.2:latest-2022-2875,Image SLES15-SP3-BYOS-Azure-2022-2875,Image SLES15-SP3-BYOS-EC2-HVM-2022-2875,Image SLES15-SP3-BYOS-GCE-2022-2875,Image SLES15-SP3-CHOST-BYOS-Aliyun-2022-2875,Image SLES15-SP3-CHOST-BYOS-Azure-2022-2875,Image SLES15-SP3-CHOST-BYOS-EC2-2022-2875,Image SLES15-SP3-CHOST-BYOS-GCE-2022-2875,Image SLES15-SP3-CHOST-BYOS-SAP-CCloud-2022-2875,Image SLES15-SP3-HPC-BYOS-Azure-2022-2875,Image SLES15-SP3-HPC-BYOS-EC2-HVM-2022-2875,Image SLES15-SP3-HPC-BYOS-GCE-2022-2875,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure-2022-2875,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM-2022-2875,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE-2022-2875,Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure-2022-2875,Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM-2022-2875,Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE-2022-2875,Image SLES15-SP3-Micro-5-1-BYOS-Azure-2022-2875,Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM-2022-2875,Image SLES15-SP3-Micro-5-1-BYOS-GCE-2022-2875,Image SLES15-SP3-Micro-5-2-BYOS-Azure-2022-2875,Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM-2022-2875,Image SLES15-SP3-Micro-5-2-BYOS-GCE-2022-2875,Image SLES15-SP3-SAP-Azure-LI-BYOS-Production-2022-2875,Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production-2022-2875,Image SLES15-SP3-SAP-BYOS-Azure-2022-2875,Image SLES15-SP3-SAP-BYOS-EC2-HVM-2022-2875,Image SLES15-SP3-SAP-BYOS-GCE-2022-2875,Image SLES15-SP3-SAPCAL-Azure-2022-2875,Image SLES15-SP3-SAPCAL-EC2-HVM-2022-2875,Image SLES15-SP3-SAPCAL-GCE-2022-2875,SUSE-2022-2875,openSUSE-Leap-Micro-5.2-2022-2875 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ Link for SUSE-SU-2022:2875-2 https://lists.suse.com/pipermail/sle-security-updates/2022-September/012052.html E-Mail link for SUSE-SU-2022:2875-2 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1178134 SUSE Bug 1178134 https://bugzilla.suse.com/1196616 SUSE Bug 1196616 https://bugzilla.suse.com/1198829 SUSE Bug 1198829 https://bugzilla.suse.com/1199364 SUSE Bug 1199364 https://bugzilla.suse.com/1199647 SUSE Bug 1199647 https://bugzilla.suse.com/1199665 SUSE Bug 1199665 https://bugzilla.suse.com/1199670 SUSE Bug 1199670 https://bugzilla.suse.com/1200015 SUSE Bug 1200015 https://bugzilla.suse.com/1200521 SUSE Bug 1200521 https://bugzilla.suse.com/1200598 SUSE Bug 1200598 https://bugzilla.suse.com/1200644 SUSE Bug 1200644 https://bugzilla.suse.com/1200651 SUSE Bug 1200651 https://bugzilla.suse.com/1200762 SUSE Bug 1200762 https://bugzilla.suse.com/1200910 SUSE Bug 1200910 https://bugzilla.suse.com/1201196 SUSE Bug 1201196 https://bugzilla.suse.com/1201206 SUSE Bug 1201206 https://bugzilla.suse.com/1201251 SUSE Bug 1201251 https://bugzilla.suse.com/1201381 SUSE Bug 1201381 https://bugzilla.suse.com/1201429 SUSE Bug 1201429 https://bugzilla.suse.com/1201442 SUSE Bug 1201442 https://bugzilla.suse.com/1201458 SUSE Bug 1201458 https://bugzilla.suse.com/1201635 SUSE Bug 1201635 https://bugzilla.suse.com/1201636 SUSE Bug 1201636 https://bugzilla.suse.com/1201644 SUSE Bug 1201644 https://bugzilla.suse.com/1201645 SUSE Bug 1201645 https://bugzilla.suse.com/1201664 SUSE Bug 1201664 https://bugzilla.suse.com/1201672 SUSE Bug 1201672 https://bugzilla.suse.com/1201673 SUSE Bug 1201673 https://bugzilla.suse.com/1201676 SUSE Bug 1201676 https://bugzilla.suse.com/1201846 SUSE Bug 1201846 https://bugzilla.suse.com/1201930 SUSE Bug 1201930 https://bugzilla.suse.com/1201940 SUSE Bug 1201940 https://bugzilla.suse.com/1201954 SUSE Bug 1201954 https://bugzilla.suse.com/1201956 SUSE Bug 1201956 https://bugzilla.suse.com/1201958 SUSE Bug 1201958 https://bugzilla.suse.com/1202154 SUSE Bug 1202154 https://www.suse.com/security/cve/CVE-2020-36516/ SUSE CVE CVE-2020-36516 page https://www.suse.com/security/cve/CVE-2020-36557/ SUSE CVE CVE-2020-36557 page https://www.suse.com/security/cve/CVE-2020-36558/ SUSE CVE CVE-2020-36558 page https://www.suse.com/security/cve/CVE-2021-33655/ SUSE CVE CVE-2021-33655 page https://www.suse.com/security/cve/CVE-2021-33656/ SUSE CVE CVE-2021-33656 page https://www.suse.com/security/cve/CVE-2022-1116/ SUSE CVE CVE-2022-1116 page https://www.suse.com/security/cve/CVE-2022-1462/ SUSE CVE CVE-2022-1462 page https://www.suse.com/security/cve/CVE-2022-20166/ SUSE CVE CVE-2022-20166 page https://www.suse.com/security/cve/CVE-2022-21505/ SUSE CVE CVE-2022-21505 page https://www.suse.com/security/cve/CVE-2022-2318/ SUSE CVE CVE-2022-2318 page https://www.suse.com/security/cve/CVE-2022-26365/ SUSE CVE CVE-2022-26365 page https://www.suse.com/security/cve/CVE-2022-2639/ SUSE CVE CVE-2022-2639 page https://www.suse.com/security/cve/CVE-2022-29581/ SUSE CVE CVE-2022-29581 page https://www.suse.com/security/cve/CVE-2022-32250/ SUSE CVE CVE-2022-32250 page https://www.suse.com/security/cve/CVE-2022-33740/ SUSE CVE CVE-2022-33740 page https://www.suse.com/security/cve/CVE-2022-33741/ SUSE CVE CVE-2022-33741 page https://www.suse.com/security/cve/CVE-2022-33742/ SUSE CVE CVE-2022-33742 page https://www.suse.com/security/cve/CVE-2022-36946/ SUSE CVE CVE-2022-36946 page Container suse/sle-micro-rancher/5.2:latest Image SLES15-SP3-BYOS-Azure Image SLES15-SP3-BYOS-EC2-HVM Image SLES15-SP3-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-Aliyun Image SLES15-SP3-CHOST-BYOS-Azure Image SLES15-SP3-CHOST-BYOS-EC2 Image SLES15-SP3-CHOST-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-SAP-CCloud Image SLES15-SP3-HPC-BYOS-Azure Image SLES15-SP3-HPC-BYOS-EC2-HVM Image SLES15-SP3-HPC-BYOS-GCE Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE Image SLES15-SP3-Micro-5-1-BYOS-Azure Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-1-BYOS-GCE Image SLES15-SP3-Micro-5-2-BYOS-Azure Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-2-BYOS-GCE Image SLES15-SP3-SAP-Azure-LI-BYOS-Production Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production Image SLES15-SP3-SAP-BYOS-Azure Image SLES15-SP3-SAP-BYOS-EC2-HVM Image SLES15-SP3-SAP-BYOS-GCE Image SLES15-SP3-SAPCAL-Azure Image SLES15-SP3-SAPCAL-EC2-HVM Image SLES15-SP3-SAPCAL-GCE openSUSE Leap Micro 5.2 kernel-default-5.3.18-150300.59.90.1 cluster-md-kmp-default-5.3.18-150300.59.90.1 dlm-kmp-default-5.3.18-150300.59.90.1 gfs2-kmp-default-5.3.18-150300.59.90.1 ocfs2-kmp-default-5.3.18-150300.59.90.1 cluster-md-kmp-64kb-5.3.18-150300.59.90.1 cluster-md-kmp-preempt-5.3.18-150300.59.90.1 dlm-kmp-64kb-5.3.18-150300.59.90.1 dlm-kmp-preempt-5.3.18-150300.59.90.1 dtb-al-5.3.18-150300.59.90.1 dtb-allwinner-5.3.18-150300.59.90.1 dtb-altera-5.3.18-150300.59.90.1 dtb-amd-5.3.18-150300.59.90.1 dtb-amlogic-5.3.18-150300.59.90.1 dtb-apm-5.3.18-150300.59.90.1 dtb-arm-5.3.18-150300.59.90.1 dtb-broadcom-5.3.18-150300.59.90.1 dtb-cavium-5.3.18-150300.59.90.1 dtb-exynos-5.3.18-150300.59.90.1 dtb-freescale-5.3.18-150300.59.90.1 dtb-hisilicon-5.3.18-150300.59.90.1 dtb-lg-5.3.18-150300.59.90.1 dtb-marvell-5.3.18-150300.59.90.1 dtb-mediatek-5.3.18-150300.59.90.1 dtb-nvidia-5.3.18-150300.59.90.1 dtb-qcom-5.3.18-150300.59.90.1 dtb-renesas-5.3.18-150300.59.90.1 dtb-rockchip-5.3.18-150300.59.90.1 dtb-socionext-5.3.18-150300.59.90.1 dtb-sprd-5.3.18-150300.59.90.1 dtb-xilinx-5.3.18-150300.59.90.1 dtb-zte-5.3.18-150300.59.90.1 gfs2-kmp-64kb-5.3.18-150300.59.90.1 gfs2-kmp-preempt-5.3.18-150300.59.90.1 kernel-64kb-5.3.18-150300.59.90.1 kernel-64kb-devel-5.3.18-150300.59.90.1 kernel-64kb-extra-5.3.18-150300.59.90.1 kernel-64kb-livepatch-devel-5.3.18-150300.59.90.1 kernel-64kb-optional-5.3.18-150300.59.90.1 kernel-debug-5.3.18-150300.59.90.1 kernel-debug-devel-5.3.18-150300.59.90.1 kernel-debug-livepatch-devel-5.3.18-150300.59.90.1 kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 kernel-default-base-rebuild-5.3.18-150300.59.90.1.150300.18.52.1 kernel-default-devel-5.3.18-150300.59.90.1 kernel-default-extra-5.3.18-150300.59.90.1 kernel-default-livepatch-5.3.18-150300.59.90.1 kernel-default-livepatch-devel-5.3.18-150300.59.90.1 kernel-default-optional-5.3.18-150300.59.90.1 kernel-devel-5.3.18-150300.59.90.1 kernel-docs-5.3.18-150300.59.90.1 kernel-docs-html-5.3.18-150300.59.90.1 kernel-kvmsmall-5.3.18-150300.59.90.1 kernel-kvmsmall-devel-5.3.18-150300.59.90.1 kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.90.1 kernel-livepatch-5_3_18-150300_59_90-default-1-150300.7.3.1 kernel-livepatch-5_3_18-150300_59_90-preempt-1-150300.7.3.1 kernel-macros-5.3.18-150300.59.90.1 kernel-obs-build-5.3.18-150300.59.90.1 kernel-obs-qa-5.3.18-150300.59.90.1 kernel-preempt-5.3.18-150300.59.90.1 kernel-preempt-devel-5.3.18-150300.59.90.1 kernel-preempt-extra-5.3.18-150300.59.90.1 kernel-preempt-livepatch-devel-5.3.18-150300.59.90.1 kernel-preempt-optional-5.3.18-150300.59.90.1 kernel-source-5.3.18-150300.59.90.1 kernel-source-vanilla-5.3.18-150300.59.90.1 kernel-syms-5.3.18-150300.59.90.1 kernel-zfcpdump-5.3.18-150300.59.90.1 kselftests-kmp-64kb-5.3.18-150300.59.90.1 kselftests-kmp-default-5.3.18-150300.59.90.1 kselftests-kmp-preempt-5.3.18-150300.59.90.1 ocfs2-kmp-64kb-5.3.18-150300.59.90.1 ocfs2-kmp-preempt-5.3.18-150300.59.90.1 reiserfs-kmp-64kb-5.3.18-150300.59.90.1 reiserfs-kmp-default-5.3.18-150300.59.90.1 reiserfs-kmp-preempt-5.3.18-150300.59.90.1 kernel-default-5.3.18-150300.59.90.1 as a component of Container suse/sle-micro-rancher/5.2:latest kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-BYOS-Azure kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-BYOS-EC2-HVM kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-BYOS-GCE kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-CHOST-BYOS-Aliyun kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-CHOST-BYOS-Azure kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-CHOST-BYOS-EC2 kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-CHOST-BYOS-GCE kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-CHOST-BYOS-SAP-CCloud kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-HPC-BYOS-Azure kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-HPC-BYOS-EC2-HVM kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-HPC-BYOS-GCE kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-Azure kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-GCE kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-Azure kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-GCE cluster-md-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production dlm-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production gfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production ocfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production cluster-md-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production dlm-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production gfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production ocfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production cluster-md-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure dlm-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure gfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure ocfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure cluster-md-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM dlm-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM gfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM ocfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM cluster-md-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE dlm-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE gfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE ocfs2-kmp-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAPCAL-Azure kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM kernel-default-5.3.18-150300.59.90.1 as a component of Image SLES15-SP3-SAPCAL-GCE kernel-default-5.3.18-150300.59.90.1 as a component of openSUSE Leap Micro 5.2 kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 as a component of openSUSE Leap Micro 5.2 An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. CVE-2020-36516 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2020-36516.html CVE-2020-36516 https://bugzilla.suse.com/1196616 SUSE Bug 1196616 https://bugzilla.suse.com/1196867 SUSE Bug 1196867 https://bugzilla.suse.com/1204092 SUSE Bug 1204092 https://bugzilla.suse.com/1204183 SUSE Bug 1204183 A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. CVE-2020-36557 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2020-36557.html CVE-2020-36557 https://bugzilla.suse.com/1201429 SUSE Bug 1201429 https://bugzilla.suse.com/1201742 SUSE Bug 1201742 https://bugzilla.suse.com/1202874 SUSE Bug 1202874 https://bugzilla.suse.com/1205313 SUSE Bug 1205313 A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. CVE-2020-36558 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2020-36558.html CVE-2020-36558 https://bugzilla.suse.com/1200910 SUSE Bug 1200910 https://bugzilla.suse.com/1201752 SUSE Bug 1201752 https://bugzilla.suse.com/1205313 SUSE Bug 1205313 When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. CVE-2021-33655 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2021-33655.html CVE-2021-33655 https://bugzilla.suse.com/1201635 SUSE Bug 1201635 https://bugzilla.suse.com/1202087 SUSE Bug 1202087 https://bugzilla.suse.com/1205313 SUSE Bug 1205313 https://bugzilla.suse.com/1212291 SUSE Bug 1212291 When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. CVE-2021-33656 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2021-33656.html CVE-2021-33656 https://bugzilla.suse.com/1201636 SUSE Bug 1201636 https://bugzilla.suse.com/1212286 SUSE Bug 1212286 Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. CVE-2022-1116 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-1116.html CVE-2022-1116 https://bugzilla.suse.com/1199647 SUSE Bug 1199647 https://bugzilla.suse.com/1199648 SUSE Bug 1199648 https://bugzilla.suse.com/1209225 SUSE Bug 1209225 An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory. CVE-2022-1462 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-1462.html CVE-2022-1462 https://bugzilla.suse.com/1198829 SUSE Bug 1198829 In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel CVE-2022-20166 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-20166.html CVE-2022-20166 https://bugzilla.suse.com/1200598 SUSE Bug 1200598 https://bugzilla.suse.com/1212284 SUSE Bug 1212284 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2022-21505 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-21505.html CVE-2022-21505 https://bugzilla.suse.com/1201458 SUSE Bug 1201458 There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. CVE-2022-2318 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-2318.html CVE-2022-2318 https://bugzilla.suse.com/1201251 SUSE Bug 1201251 https://bugzilla.suse.com/1212303 SUSE Bug 1212303 Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). CVE-2022-26365 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-26365.html CVE-2022-26365 https://bugzilla.suse.com/1200762 SUSE Bug 1200762 An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. CVE-2022-2639 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-2639.html CVE-2022-2639 https://bugzilla.suse.com/1202154 SUSE Bug 1202154 Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. CVE-2022-29581 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-29581.html CVE-2022-29581 https://bugzilla.suse.com/1199665 SUSE Bug 1199665 https://bugzilla.suse.com/1199695 SUSE Bug 1199695 https://bugzilla.suse.com/1205313 SUSE Bug 1205313 net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. CVE-2022-32250 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-32250.html CVE-2022-32250 https://bugzilla.suse.com/1200015 SUSE Bug 1200015 https://bugzilla.suse.com/1200268 SUSE Bug 1200268 https://bugzilla.suse.com/1200494 SUSE Bug 1200494 https://bugzilla.suse.com/1202992 SUSE Bug 1202992 https://bugzilla.suse.com/1202993 SUSE Bug 1202993 https://bugzilla.suse.com/1203002 SUSE Bug 1203002 Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). CVE-2022-33740 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-33740.html CVE-2022-33740 https://bugzilla.suse.com/1200762 SUSE Bug 1200762 Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). CVE-2022-33741 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-33741.html CVE-2022-33741 https://bugzilla.suse.com/1200762 SUSE Bug 1200762 Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). CVE-2022-33742 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-33742.html CVE-2022-33742 https://bugzilla.suse.com/1200762 SUSE Bug 1200762 nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. CVE-2022-36946 Container suse/sle-micro-rancher/5.2:latest:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-EC2:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-HPC-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-Azure:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:cluster-md-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:dlm-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:gfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAP-BYOS-GCE:ocfs2-kmp-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-Azure:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-EC2-HVM:kernel-default-5.3.18-150300.59.90.1 Image SLES15-SP3-SAPCAL-GCE:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-5.3.18-150300.59.90.1 openSUSE Leap Micro 5.2:kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20222875-2/ https://www.suse.com/security/cve/CVE-2022-36946.html CVE-2022-36946 https://bugzilla.suse.com/1201940 SUSE Bug 1201940 https://bugzilla.suse.com/1201941 SUSE Bug 1201941 https://bugzilla.suse.com/1202312 SUSE Bug 1202312 https://bugzilla.suse.com/1202874 SUSE Bug 1202874 https://bugzilla.suse.com/1203208 SUSE Bug 1203208 https://bugzilla.suse.com/1204132 SUSE Bug 1204132 https://bugzilla.suse.com/1205313 SUSE Bug 1205313 https://bugzilla.suse.com/1212310 SUSE Bug 1212310