-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.4063
                   Security update for the Linux Kernel
                              17 August 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Linux Kernel
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-36946 CVE-2022-33981 CVE-2022-33742
                   CVE-2022-33741 CVE-2022-33740 CVE-2022-29901
                   CVE-2022-29900 CVE-2022-26365 CVE-2022-21505
                   CVE-2022-20154 CVE-2022-20141 CVE-2022-20132
                   CVE-2022-2318 CVE-2022-1679 CVE-2022-1462
                   CVE-2022-1116 CVE-2021-33656 CVE-2021-33655
                   CVE-2021-26341 CVE-2021-4157 CVE-2020-36558
                   CVE-2020-36557  

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2022/suse-su-20222809-1

Comment: CVSS (Max):  7.8 CVE-2022-1116 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:2809-1
Rating:            important
References:        #1114648 #1194013 #1195478 #1195775 #1196472 #1196901
                   #1197362 #1198829 #1199487 #1199489 #1199647 #1199648
                   #1199657 #1200263 #1200442 #1200571 #1200599 #1200604
                   #1200605 #1200608 #1200619 #1200692 #1200762 #1200905
                   #1200910 #1201050 #1201080 #1201251 #1201429 #1201458
                   #1201635 #1201636 #1201644 #1201664 #1201672 #1201673
                   #1201676 #1201742 #1201752 #1201930 #1201940
Cross-References:  CVE-2020-36557 CVE-2020-36558 CVE-2021-26341 CVE-2021-33655
                   CVE-2021-33656 CVE-2021-4157 CVE-2022-1116 CVE-2022-1462
                   CVE-2022-1679 CVE-2022-20132 CVE-2022-20141 CVE-2022-20154
                   CVE-2022-21505 CVE-2022-2318 CVE-2022-26365 CVE-2022-29900
                   CVE-2022-29901 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742
                   CVE-2022-33981 CVE-2022-36946
Affected Products:
                   SUSE Enterprise Storage 7
                   SUSE Linux Enterprise High Availability 15-SP2
                   SUSE Linux Enterprise High Performance Computing 15-SP2
                   SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
                   SUSE Linux Enterprise Module for Live Patching 15-SP2
                   SUSE Linux Enterprise Server 15-SP2
                   SUSE Linux Enterprise Server 15-SP2-BCL
                   SUSE Linux Enterprise Server 15-SP2-LTSS
                   SUSE Linux Enterprise Server for SAP 15-SP2
                   SUSE Linux Enterprise Server for SAP Applications 15-SP2
                   SUSE Linux Enterprise Storage 7
                   SUSE Manager Proxy 4.1
                   SUSE Manager Retail Branch Server 4.1
                   SUSE Manager Server 4.1
______________________________________________________________________________

An update that solves 22 vulnerabilities and has 19 fixes is now available.

Description:

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:

  o CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and
    closing/opening of ttys could lead to a use-after-free (bnc#1201429).
  o CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could
    lead to a NULL pointer dereference and general protection fault (bnc#
    1200910).
  o CVE-2021-4157: Fixed an out of memory bounds write flaw in the NFS
    subsystem, related to the replication of files with NFS. A user could
    potentially crash the system or escalate privileges on the system (bsc#
    1194013).
  o CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional
    direct branches, which may potentially result in data leakage (bsc#
    1201050).
  o CVE-2021-33655: Fixed memory out of bounds write by ioctl cmd
    FBIOPUT_VSCREENINFO (bnc#1201635).
  o CVE-2021-33656: Fixed memory out of bounds write related to ioctl cmd
    PIO_FONT (bnc#1201636).
  o CVE-2022-1116: Fixed a integer overflow vulnerability in io_uring which
    allowed a local attacker to cause memory corruption and escalate privileges
    to root (bnc#1199647).
  o CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem.
    This flaw allowed a local user to crash the system or read unauthorized
    random data from memory. (bnc#1198829)
  o CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the
    way a user forces the ath9k_htc_wait_for_target function to fail with some
    input messages (bsc#1199487).
  o CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler
    in net/rose/rose_timer.c that allow attackers to crash the system without
    any privileges (bsc#1201251).
  o CVE-2022-20132: Fixed out of bounds read due to improper input validation
    in lg_probe and related functions of hid-lg.c (bsc#1200619).
  o CVE-2022-20141: Fixed a possible use after free due to improper locking in
    ip_check_mc_rcu() (bsc#1200604).
  o CVE-2022-20154: Fixed a use after free due to a race condition in
    lock_sock_nested of sock.c. This could lead to local escalation of
    privilege with System execution privileges needed (bsc#1200599).
  o CVE-2022-21505: Fixed kexec lockdown bypass with ima policy (bsc#1201458).
  o CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed
    multiple potential data leaks with Block and Network devices when using
    untrusted backends (bsc#1200762).
  o CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre
    like Branch Target Buffer attack, that can leak arbitrary kernel
    information (bsc#1199657).
  o CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692)
  o CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that
    could lead to remote DoS (bnc#1201940).


The following non-security bugs were fixed:

  o bcache: avoid unnecessary soft lockup in kworker update_writeback_rate()
    (bsc#1197362).
  o blk-mq: Fix wrong wakeup batch configuration which will cause hang (bsc#
    1200263).
  o blk-mq: clear active_queues before clearing BLK_MQ_F_TAG_QUEUE_SHARED (bsc#
    1200263).
  o blk-mq: fix tag_get wait task can't be awakened (bsc#1200263).
  o dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#
    192278).
  o dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#
    192278).
  o dma-mapping: add a dma_ops_bypass flag to struct device (bsc#1196472 ltc#
    192278).
  o dma-mapping: move the remaining DMA API calls out of line (bsc#1196472 ltc#
    192278).
  o dma: kABI: Add back removed exports (bsc#1196472 ltc#192278).
  o exec: Force single empty string when argv is empty (bsc#1200571).
  o fsnotify: invalidate dcache before IN_DELETE event (bsc#1195478 bsc#
    1200905).
  o kvm: emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).
  o kvm: emulate: do not adjust size of fastop and setcc subroutines (bsc#
    1201930).
  o powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#
    1196472 ltc#192278).
  o powerpc/pseries/iommu: Create defines for operations in ibm, ddw-applicable
    (bsc#1196472 ltc#192278).
  o powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#
    1196472 ltc#192278).
  o powerpc/pseries/iommu: Update call to ibm, query-pe-dma-windows (bsc#
    1196472 ltc#192278).
  o powerpc: dma: kABI workaround for moving around dma_bypass bit (bsc#1196472
    ltc#192278).
  o powerpc: use the generic dma_ops_bypass mode (bsc#1196472 ltc#192278).
  o vmxnet3: fix minimum vectors alloc issue (bsc#1199489).
  o x86/bugs: Remove apostrophe typo (bsc#1114648).
  o x86/entry: Remove skip_r11rcx (bsc#1201644).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Manager Server 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2809=1
  o SUSE Manager Retail Branch Server 4.1:
    zypper in -t patch
    SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2809=1
  o SUSE Manager Proxy 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2809=1
  o SUSE Linux Enterprise Server for SAP 15-SP2:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2809=1
  o SUSE Linux Enterprise Server 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2809=1
  o SUSE Linux Enterprise Server 15-SP2-BCL:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2809=1
  o SUSE Linux Enterprise Module for Live Patching 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2022-2809=1
    Please note that this is the initial kernel livepatch without fixes itself,
    this package is later updated by seperate standalone kernel livepatch
    updates.
  o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2809=1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2809=1
  o SUSE Linux Enterprise High Availability 15-SP2:
    zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-2809=1
  o SUSE Enterprise Storage 7:
    zypper in -t patch SUSE-Storage-7-2022-2809=1

Package List:

  o SUSE Manager Server 4.1 (ppc64le s390x x86_64):
       kernel-default-5.3.18-150200.24.126.1
       kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-devel-5.3.18-150200.24.126.1
       kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-obs-build-5.3.18-150200.24.126.1
       kernel-obs-build-debugsource-5.3.18-150200.24.126.1
       kernel-syms-5.3.18-150200.24.126.1
       reiserfs-kmp-default-5.3.18-150200.24.126.1
       reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1
  o SUSE Manager Server 4.1 (noarch):
       kernel-devel-5.3.18-150200.24.126.1
       kernel-docs-5.3.18-150200.24.126.1
       kernel-macros-5.3.18-150200.24.126.1
       kernel-source-5.3.18-150200.24.126.1
  o SUSE Manager Server 4.1 (x86_64):
       kernel-preempt-5.3.18-150200.24.126.1
       kernel-preempt-debuginfo-5.3.18-150200.24.126.1
       kernel-preempt-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-devel-5.3.18-150200.24.126.1
       kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
  o SUSE Manager Retail Branch Server 4.1 (x86_64):
       kernel-default-5.3.18-150200.24.126.1
       kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-devel-5.3.18-150200.24.126.1
       kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-obs-build-5.3.18-150200.24.126.1
       kernel-obs-build-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-5.3.18-150200.24.126.1
       kernel-preempt-debuginfo-5.3.18-150200.24.126.1
       kernel-preempt-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-devel-5.3.18-150200.24.126.1
       kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-syms-5.3.18-150200.24.126.1
       reiserfs-kmp-default-5.3.18-150200.24.126.1
       reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1
  o SUSE Manager Retail Branch Server 4.1 (noarch):
       kernel-devel-5.3.18-150200.24.126.1
       kernel-docs-5.3.18-150200.24.126.1
       kernel-macros-5.3.18-150200.24.126.1
       kernel-source-5.3.18-150200.24.126.1
  o SUSE Manager Proxy 4.1 (noarch):
       kernel-devel-5.3.18-150200.24.126.1
       kernel-docs-5.3.18-150200.24.126.1
       kernel-macros-5.3.18-150200.24.126.1
       kernel-source-5.3.18-150200.24.126.1
  o SUSE Manager Proxy 4.1 (x86_64):
       kernel-default-5.3.18-150200.24.126.1
       kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-devel-5.3.18-150200.24.126.1
       kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-obs-build-5.3.18-150200.24.126.1
       kernel-obs-build-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-5.3.18-150200.24.126.1
       kernel-preempt-debuginfo-5.3.18-150200.24.126.1
       kernel-preempt-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-devel-5.3.18-150200.24.126.1
       kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-syms-5.3.18-150200.24.126.1
       reiserfs-kmp-default-5.3.18-150200.24.126.1
       reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
       kernel-default-5.3.18-150200.24.126.1
       kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-devel-5.3.18-150200.24.126.1
       kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-obs-build-5.3.18-150200.24.126.1
       kernel-obs-build-debugsource-5.3.18-150200.24.126.1
       kernel-syms-5.3.18-150200.24.126.1
       reiserfs-kmp-default-5.3.18-150200.24.126.1
       reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
       kernel-devel-5.3.18-150200.24.126.1
       kernel-docs-5.3.18-150200.24.126.1
       kernel-macros-5.3.18-150200.24.126.1
       kernel-source-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
       kernel-preempt-5.3.18-150200.24.126.1
       kernel-preempt-debuginfo-5.3.18-150200.24.126.1
       kernel-preempt-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-devel-5.3.18-150200.24.126.1
       kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
       kernel-default-5.3.18-150200.24.126.1
       kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-devel-5.3.18-150200.24.126.1
       kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-obs-build-5.3.18-150200.24.126.1
       kernel-obs-build-debugsource-5.3.18-150200.24.126.1
       kernel-syms-5.3.18-150200.24.126.1
       reiserfs-kmp-default-5.3.18-150200.24.126.1
       reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):
       kernel-preempt-5.3.18-150200.24.126.1
       kernel-preempt-debuginfo-5.3.18-150200.24.126.1
       kernel-preempt-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-devel-5.3.18-150200.24.126.1
       kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
       kernel-devel-5.3.18-150200.24.126.1
       kernel-docs-5.3.18-150200.24.126.1
       kernel-macros-5.3.18-150200.24.126.1
       kernel-source-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
       kernel-devel-5.3.18-150200.24.126.1
       kernel-docs-5.3.18-150200.24.126.1
       kernel-macros-5.3.18-150200.24.126.1
       kernel-source-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
       kernel-default-5.3.18-150200.24.126.1
       kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-devel-5.3.18-150200.24.126.1
       kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-obs-build-5.3.18-150200.24.126.1
       kernel-obs-build-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-5.3.18-150200.24.126.1
       kernel-preempt-debuginfo-5.3.18-150200.24.126.1
       kernel-preempt-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-devel-5.3.18-150200.24.126.1
       kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-syms-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x
    x86_64):
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-livepatch-5.3.18-150200.24.126.1
       kernel-default-livepatch-devel-5.3.18-150200.24.126.1
       kernel-livepatch-5_3_18-150200_24_126-default-1-150200.5.5.1
       kernel-livepatch-5_3_18-150200_24_126-default-debuginfo-1-150200.5.5.1
       kernel-livepatch-SLE15-SP2_Update_29-debugsource-1-150200.5.5.1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64
    x86_64):
       kernel-default-5.3.18-150200.24.126.1
       kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-devel-5.3.18-150200.24.126.1
       kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-obs-build-5.3.18-150200.24.126.1
       kernel-obs-build-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-5.3.18-150200.24.126.1
       kernel-preempt-debuginfo-5.3.18-150200.24.126.1
       kernel-preempt-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-devel-5.3.18-150200.24.126.1
       kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-syms-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
       kernel-devel-5.3.18-150200.24.126.1
       kernel-docs-5.3.18-150200.24.126.1
       kernel-macros-5.3.18-150200.24.126.1
       kernel-source-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64
    x86_64):
       kernel-default-5.3.18-150200.24.126.1
       kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-devel-5.3.18-150200.24.126.1
       kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-obs-build-5.3.18-150200.24.126.1
       kernel-obs-build-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-5.3.18-150200.24.126.1
       kernel-preempt-debuginfo-5.3.18-150200.24.126.1
       kernel-preempt-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-devel-5.3.18-150200.24.126.1
       kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-syms-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
       kernel-devel-5.3.18-150200.24.126.1
       kernel-docs-5.3.18-150200.24.126.1
       kernel-macros-5.3.18-150200.24.126.1
       kernel-source-5.3.18-150200.24.126.1
  o SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x
    x86_64):
       cluster-md-kmp-default-5.3.18-150200.24.126.1
       cluster-md-kmp-default-debuginfo-5.3.18-150200.24.126.1
       dlm-kmp-default-5.3.18-150200.24.126.1
       dlm-kmp-default-debuginfo-5.3.18-150200.24.126.1
       gfs2-kmp-default-5.3.18-150200.24.126.1
       gfs2-kmp-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       ocfs2-kmp-default-5.3.18-150200.24.126.1
       ocfs2-kmp-default-debuginfo-5.3.18-150200.24.126.1
  o SUSE Enterprise Storage 7 (aarch64 x86_64):
       kernel-default-5.3.18-150200.24.126.1
       kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2
       kernel-default-debuginfo-5.3.18-150200.24.126.1
       kernel-default-debugsource-5.3.18-150200.24.126.1
       kernel-default-devel-5.3.18-150200.24.126.1
       kernel-default-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-obs-build-5.3.18-150200.24.126.1
       kernel-obs-build-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-5.3.18-150200.24.126.1
       kernel-preempt-debuginfo-5.3.18-150200.24.126.1
       kernel-preempt-debugsource-5.3.18-150200.24.126.1
       kernel-preempt-devel-5.3.18-150200.24.126.1
       kernel-preempt-devel-debuginfo-5.3.18-150200.24.126.1
       kernel-syms-5.3.18-150200.24.126.1
       reiserfs-kmp-default-5.3.18-150200.24.126.1
       reiserfs-kmp-default-debuginfo-5.3.18-150200.24.126.1
  o SUSE Enterprise Storage 7 (noarch):
       kernel-devel-5.3.18-150200.24.126.1
       kernel-docs-5.3.18-150200.24.126.1
       kernel-macros-5.3.18-150200.24.126.1
       kernel-source-5.3.18-150200.24.126.1


References:

  o https://www.suse.com/security/cve/CVE-2020-36557.html
  o https://www.suse.com/security/cve/CVE-2020-36558.html
  o https://www.suse.com/security/cve/CVE-2021-26341.html
  o https://www.suse.com/security/cve/CVE-2021-33655.html
  o https://www.suse.com/security/cve/CVE-2021-33656.html
  o https://www.suse.com/security/cve/CVE-2021-4157.html
  o https://www.suse.com/security/cve/CVE-2022-1116.html
  o https://www.suse.com/security/cve/CVE-2022-1462.html
  o https://www.suse.com/security/cve/CVE-2022-1679.html
  o https://www.suse.com/security/cve/CVE-2022-20132.html
  o https://www.suse.com/security/cve/CVE-2022-20141.html
  o https://www.suse.com/security/cve/CVE-2022-20154.html
  o https://www.suse.com/security/cve/CVE-2022-21505.html
  o https://www.suse.com/security/cve/CVE-2022-2318.html
  o https://www.suse.com/security/cve/CVE-2022-26365.html
  o https://www.suse.com/security/cve/CVE-2022-29900.html
  o https://www.suse.com/security/cve/CVE-2022-29901.html
  o https://www.suse.com/security/cve/CVE-2022-33740.html
  o https://www.suse.com/security/cve/CVE-2022-33741.html
  o https://www.suse.com/security/cve/CVE-2022-33742.html
  o https://www.suse.com/security/cve/CVE-2022-33981.html
  o https://www.suse.com/security/cve/CVE-2022-36946.html
  o https://bugzilla.suse.com/1114648
  o https://bugzilla.suse.com/1194013
  o https://bugzilla.suse.com/1195478
  o https://bugzilla.suse.com/1195775
  o https://bugzilla.suse.com/1196472
  o https://bugzilla.suse.com/1196901
  o https://bugzilla.suse.com/1197362
  o https://bugzilla.suse.com/1198829
  o https://bugzilla.suse.com/1199487
  o https://bugzilla.suse.com/1199489
  o https://bugzilla.suse.com/1199647
  o https://bugzilla.suse.com/1199648
  o https://bugzilla.suse.com/1199657
  o https://bugzilla.suse.com/1200263
  o https://bugzilla.suse.com/1200442
  o https://bugzilla.suse.com/1200571
  o https://bugzilla.suse.com/1200599
  o https://bugzilla.suse.com/1200604
  o https://bugzilla.suse.com/1200605
  o https://bugzilla.suse.com/1200608
  o https://bugzilla.suse.com/1200619
  o https://bugzilla.suse.com/1200692
  o https://bugzilla.suse.com/1200762
  o https://bugzilla.suse.com/1200905
  o https://bugzilla.suse.com/1200910
  o https://bugzilla.suse.com/1201050
  o https://bugzilla.suse.com/1201080
  o https://bugzilla.suse.com/1201251
  o https://bugzilla.suse.com/1201429
  o https://bugzilla.suse.com/1201458
  o https://bugzilla.suse.com/1201635
  o https://bugzilla.suse.com/1201636
  o https://bugzilla.suse.com/1201644
  o https://bugzilla.suse.com/1201664
  o https://bugzilla.suse.com/1201672
  o https://bugzilla.suse.com/1201673
  o https://bugzilla.suse.com/1201676
  o https://bugzilla.suse.com/1201742
  o https://bugzilla.suse.com/1201752
  o https://bugzilla.suse.com/1201930
  o https://bugzilla.suse.com/1201940

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYvw0IskNZI30y1K9AQjQCBAAkPyRJ8ZK6F285+uqgC34ru7ZL060frcz
jlY9bxTT7bb82cF3OmDfmebPy84pTCH++jdy0MojtnOXfXk4lsT0hB0T7l6OPHFj
CHh2oTRhIBG8iq6yH4Cl+fuMtF7VCTXTFRH6hPqLvZWwr4YdEMotni1FOnfuChI9
E8P/a66xexOJs9m10S8UWHBDDBIPaOhPJhBVclCwmKhQcyzyJGpiBAPmPv+wpmiz
/6D6ISvk5Uhwy4U8IPFIz74p1Pwsuo2m6F6l9tvG5pvQvZ+GkDnga+hBCMMfcFaA
m0oBJ7kWFCJuQBifNswJXiXGpqd76+NejqOE/4yWJ7/kNgJ455h5XQrSbccxGzaz
SgLYjEgN8uBf6oPoWRSqCvbuLCQzdgmeWwzba/u2nqz5tjDaaY1gmdrs7mImdhqY
U3FIM2oo9llVqfVPexUSCzHh9yc7CbMTv2HvFdVJzd4O4Ie+iXxJh/NJpAd7qo7I
7CDhAmkD4GHsTs8l2CFq+Uah7yOj/fLz4YKY/r79qu7jQt6yxy3f0t2TaNpbTYxr
gsxf2H/5aS6T/UtxBKVcDmDvDLO5eGriA/iS9S52lb9Vb1W9YFtdogsZCEXrd0Cm
GgujwmEUxG9Q6NahPmDFa3yi89LfJJKYaXVj++UehGn+XNsYMW+DunH3g1KQKCoc
CAqx7YLZZiE=
=0TCF
-----END PGP SIGNATURE-----