Bugzilla – Bug 1195516
VUL-0: CVE-2022-0516: kernel-source: KVM: s390: missing check in ioctl allows kernel memory read/write
Last modified: 2024-06-25 16:37:07 UTC
Created attachment 855858 [details] proposed patch linux-distros: Folks, Attached is a patch (and a git bundle with a signed tag) that fixes a missing check in the KVM code for s390. It is necessary for all kernel version that support protected virtualization. (arch/s390/kvm/pv.c does exist). Planned embargo time is until Wednesday 9th of February 1pm easter time. Christian Bornträger
Public now: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55
(In reply to Gabriele Sonnu from comment #14) > Public now: > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ > ?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55 Thanks, let me back port it to our branch. Thanks Li Zhang
No CVE assigned yet?
I didn't find CVE number related with this patch. Does anyone else know about it?
They shared the CVE on linux-distros just now: CVE-2022-0516
openSUSE-SU-2022:0760-1: An update that solves 6 vulnerabilities, contains three features and has 50 fixes is now available. Category: security (important) Bug References: 1089644,1154353,1157038,1157923,1176447,1176940,1178134,1181147,1181588,1183872,1187716,1188404,1189126,1190812,1190972,1191580,1191655,1191741,1192210,1192483,1193096,1193233,1193243,1193787,1194163,1194967,1195012,1195081,1195286,1195352,1195378,1195506,1195516,1195543,1195668,1195701,1195798,1195799,1195823,1195908,1195928,1195947,1195957,1195995,1196195,1196235,1196339,1196373,1196400,1196403,1196516,1196584,1196585,1196601,1196612,1196776 CVE References: CVE-2022-0001,CVE-2022-0002,CVE-2022-0492,CVE-2022-0516,CVE-2022-0847,CVE-2022-25375 JIRA References: SLE-20807,SLE-22135,SLE-22494 Sources used: openSUSE Leap 15.4 (src): dtb-aarch64-5.3.18-150300.59.54.1, kernel-preempt-5.3.18-150300.59.54.1 openSUSE Leap 15.3 (src): dtb-aarch64-5.3.18-150300.59.54.1, kernel-64kb-5.3.18-150300.59.54.1, kernel-debug-5.3.18-150300.59.54.1, kernel-default-5.3.18-150300.59.54.1, kernel-default-base-5.3.18-150300.59.54.1.150300.18.35.3, kernel-docs-5.3.18-150300.59.54.1, kernel-kvmsmall-5.3.18-150300.59.54.1, kernel-obs-build-5.3.18-150300.59.54.1, kernel-obs-qa-5.3.18-150300.59.54.1, kernel-preempt-5.3.18-150300.59.54.1, kernel-source-5.3.18-150300.59.54.1, kernel-syms-5.3.18-150300.59.54.1, kernel-zfcpdump-5.3.18-150300.59.54.1
SUSE-SU-2022:0759-1: An update that solves 14 vulnerabilities, contains one feature and has 12 fixes is now available. Category: security (important) Bug References: 1189126,1191580,1192483,1194516,1195254,1195286,1195516,1195543,1195612,1195701,1195897,1195905,1195908,1195947,1195949,1195987,1195995,1196079,1196095,1196132,1196155,1196235,1196584,1196601,1196612,1196776 CVE References: CVE-2021-44879,CVE-2022-0001,CVE-2022-0002,CVE-2022-0487,CVE-2022-0492,CVE-2022-0516,CVE-2022-0617,CVE-2022-0644,CVE-2022-0847,CVE-2022-24448,CVE-2022-24958,CVE-2022-24959,CVE-2022-25258,CVE-2022-25375 JIRA References: SLE-23652 Sources used: SUSE Manager Server 4.1 (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 SUSE Manager Retail Branch Server 4.1 (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 SUSE Manager Proxy 4.1 (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 SUSE Linux Enterprise Server for SAP 15-SP2 (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 SUSE Linux Enterprise Server 15-SP2-BCL (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 SUSE Linux Enterprise Realtime Extension 15-SP2 (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 SUSE Linux Enterprise Module for Live Patching 15-SP2 (src): kernel-default-5.3.18-24.107.1, kernel-livepatch-SLE15-SP2_Update_25-1-5.5.1 SUSE Linux Enterprise Micro 5.0 (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 SUSE Linux Enterprise High Availability 15-SP2 (src): kernel-default-5.3.18-24.107.1 SUSE Enterprise Storage 7 (src): kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:0755-1: An update that solves 6 vulnerabilities, contains three features and has 56 fixes is now available. Category: security (important) Bug References: 1089644,1154353,1156395,1157038,1157923,1176447,1176940,1178134,1181147,1181588,1183872,1187716,1188404,1189126,1190812,1190972,1191580,1191655,1191741,1192210,1192483,1193096,1193233,1193243,1193787,1194163,1194967,1195012,1195081,1195142,1195352,1195378,1195476,1195477,1195478,1195479,1195480,1195481,1195482,1195506,1195516,1195543,1195668,1195701,1195798,1195799,1195823,1195908,1195928,1195947,1195957,1195995,1196195,1196235,1196339,1196400,1196403,1196516,1196584,1196601,1196612,1196776 CVE References: CVE-2022-0001,CVE-2022-0002,CVE-2022-0492,CVE-2022-0516,CVE-2022-0847,CVE-2022-25375 JIRA References: SLE-20807,SLE-22135,SLE-22494 Sources used: SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src): kernel-azure-5.3.18-150300.38.47.1, kernel-source-azure-5.3.18-150300.38.47.1, kernel-syms-azure-5.3.18-150300.38.47.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2022:0755-1: An update that solves 6 vulnerabilities, contains three features and has 56 fixes is now available. Category: security (important) Bug References: 1089644,1154353,1156395,1157038,1157923,1176447,1176940,1178134,1181147,1181588,1183872,1187716,1188404,1189126,1190812,1190972,1191580,1191655,1191741,1192210,1192483,1193096,1193233,1193243,1193787,1194163,1194967,1195012,1195081,1195142,1195352,1195378,1195476,1195477,1195478,1195479,1195480,1195481,1195482,1195506,1195516,1195543,1195668,1195701,1195798,1195799,1195823,1195908,1195928,1195947,1195957,1195995,1196195,1196235,1196339,1196400,1196403,1196516,1196584,1196601,1196612,1196776 CVE References: CVE-2022-0001,CVE-2022-0002,CVE-2022-0492,CVE-2022-0516,CVE-2022-0847,CVE-2022-25375 JIRA References: SLE-20807,SLE-22135,SLE-22494 Sources used: openSUSE Leap 15.3 (src): kernel-azure-5.3.18-150300.38.47.1, kernel-source-azure-5.3.18-150300.38.47.1, kernel-syms-azure-5.3.18-150300.38.47.1
SUSE-SU-2022:0760-1: An update that solves 6 vulnerabilities, contains three features and has 50 fixes is now available. Category: security (important) Bug References: 1089644,1154353,1157038,1157923,1176447,1176940,1178134,1181147,1181588,1183872,1187716,1188404,1189126,1190812,1190972,1191580,1191655,1191741,1192210,1192483,1193096,1193233,1193243,1193787,1194163,1194967,1195012,1195081,1195286,1195352,1195378,1195506,1195516,1195543,1195668,1195701,1195798,1195799,1195823,1195908,1195928,1195947,1195957,1195995,1196195,1196235,1196339,1196373,1196400,1196403,1196516,1196584,1196585,1196601,1196612,1196776 CVE References: CVE-2022-0001,CVE-2022-0002,CVE-2022-0492,CVE-2022-0516,CVE-2022-0847,CVE-2022-25375 JIRA References: SLE-20807,SLE-22135,SLE-22494 Sources used: SUSE Linux Enterprise Workstation Extension 15-SP3 (src): kernel-default-5.3.18-150300.59.54.1, kernel-preempt-5.3.18-150300.59.54.1 SUSE Linux Enterprise Module for Live Patching 15-SP3 (src): kernel-default-5.3.18-150300.59.54.1, kernel-livepatch-SLE15-SP3_Update_15-1-150300.7.5.1 SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src): kernel-default-5.3.18-150300.59.54.1 SUSE Linux Enterprise Module for Development Tools 15-SP3 (src): kernel-docs-5.3.18-150300.59.54.1, kernel-obs-build-5.3.18-150300.59.54.1, kernel-preempt-5.3.18-150300.59.54.1, kernel-source-5.3.18-150300.59.54.1, kernel-syms-5.3.18-150300.59.54.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): kernel-64kb-5.3.18-150300.59.54.1, kernel-default-5.3.18-150300.59.54.1, kernel-default-base-5.3.18-150300.59.54.1.150300.18.35.3, kernel-preempt-5.3.18-150300.59.54.1, kernel-source-5.3.18-150300.59.54.1, kernel-zfcpdump-5.3.18-150300.59.54.1 SUSE Linux Enterprise Micro 5.1 (src): kernel-default-5.3.18-150300.59.54.1, kernel-default-base-5.3.18-150300.59.54.1.150300.18.35.3 SUSE Linux Enterprise High Availability 15-SP3 (src): kernel-default-5.3.18-150300.59.54.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done
SUSE-SU-2022:1038-1: An update that solves 24 vulnerabilities and has 17 fixes is now available. Category: security (important) Bug References: 1176447,1176774,1178134,1179439,1181147,1191428,1192273,1193787,1194516,1194943,1195051,1195211,1195353,1195403,1195516,1195612,1195897,1195908,1195947,1195949,1195987,1196079,1196095,1196130,1196155,1196299,1196301,1196403,1196468,1196472,1196488,1196627,1196723,1196776,1196779,1196830,1196866,1196868,1197300,922815,998635 CVE References: CVE-2021-0920,CVE-2021-39698,CVE-2021-44879,CVE-2021-45402,CVE-2022-0487,CVE-2022-0492,CVE-2022-0516,CVE-2022-0617,CVE-2022-0644,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-24448,CVE-2022-24958,CVE-2022-24959,CVE-2022-25258,CVE-2022-25636,CVE-2022-26490,CVE-2022-26966,CVE-2022-27223 JIRA References: Sources used: SUSE Linux Enterprise Module for Realtime 15-SP3 (src): kernel-rt-5.3.18-150300.82.1, kernel-rt_debug-5.3.18-150300.82.1, kernel-source-rt-5.3.18-150300.82.1, kernel-syms-rt-5.3.18-150300.82.1 SUSE Linux Enterprise Micro 5.1 (src): kernel-rt-5.3.18-150300.82.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:1257-1: An update that solves 33 vulnerabilities, contains one feature and has 9 fixes is now available. Category: security (important) Bug References: 1179639,1189126,1189562,1193731,1194516,1194943,1195051,1195254,1195286,1195353,1195403,1195516,1195543,1195612,1195897,1195905,1195939,1195987,1196018,1196079,1196095,1196155,1196196,1196235,1196468,1196488,1196612,1196761,1196776,1196823,1196830,1196836,1196956,1197227,1197331,1197366,1197389,1197462,1197702,1198031,1198032,1198033 CVE References: CVE-2021-0920,CVE-2021-39698,CVE-2021-44879,CVE-2021-45868,CVE-2022-0487,CVE-2022-0492,CVE-2022-0516,CVE-2022-0617,CVE-2022-0644,CVE-2022-0850,CVE-2022-0854,CVE-2022-1016,CVE-2022-1048,CVE-2022-1055,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-24448,CVE-2022-24958,CVE-2022-24959,CVE-2022-25258,CVE-2022-25375,CVE-2022-26490,CVE-2022-26966,CVE-2022-27666,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390,CVE-2022-28748 JIRA References: SLE-23652 Sources used: SUSE Linux Enterprise Module for Realtime 15-SP2 (src): kernel-rt-5.3.18-150200.79.2, kernel-rt_debug-5.3.18-150200.79.2, kernel-source-rt-5.3.18-150200.79.2, kernel-syms-rt-5.3.18-150200.79.1 SUSE Linux Enterprise Micro 5.0 (src): kernel-rt-5.3.18-150200.79.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.