SUSE has released Live Patch 67 for SLE 12 SP5, fixing CVE-2022-49179 (CVSS 8.5), a high-severity Linux kernel vulnerability. Learn patch instructions, affected systems, and security implications for SUSE Linux Enterprise Server, HPC, and SAP.
Why This Update Matters
A newly patched Linux kernel vulnerability (CVE-2022-49179) poses critical risks, including privilege escalation and denial-of-service (DoS) attacks. This SUSE security update (SUSE-SU-2025:02137-1) addresses a flaw in the BFQ I/O scheduler, preventing OOM (Out-of-Memory) exploits.
Key Risks Mitigated:
CVSS 8.5 (SUSE 4.0 Scale): Local attackers could crash systems or gain elevated privileges.
Enterprise Impact: Affects SUSE Linux Enterprise 12 SP5, including HPC, SAP, and Live Patching deployments.
Patch Details & Installation Guide
Affected Products
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise High Performance Computing (HPC) 12 SP5
SUSE Linux Enterprise Live Patching 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
How to Apply the Update
Recommended Method:
Use YaST Online Update or run:
zypper patch
Manual Patch (Live Patching 12-SP5):
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2137=1
Post-Installation Verification:
Confirm the patch is active:
uname -r # Should show 4.12.14-122_255-default
Technical Deep Dive: CVE-2022-49179
Vulnerability Breakdown
CVE ID: CVE-2022-49179
Bug Reference: bsc#1241331
CVSS Scores:
SUSE 4.0: 8.5 (High) – Exploitable locally with low complexity.
NVD 3.1: 7.8 (High) – Impacts confidentiality, integrity, and availability.
Root Cause:
A flaw in the BFQ (Budget Fair Queueing) scheduler allowed malicious processes to manipulate oom_bfqq, triggering system instability.
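Because the flaw sits in the BFQ scheduler, it helps during patch triage to know which block devices on a host have BFQ selected. The script below is an added example, not part of the SUSE advisory; it assumes the standard sysfs layout /sys/block/<dev>/queue/scheduler, where the active scheduler is shown in square brackets, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: list block devices whose active I/O scheduler is BFQ.
# Assumption: sysfs exposes /sys/block/<dev>/queue/scheduler, with the
# active scheduler in square brackets, e.g. "mq-deadline kyber [bfq] none".

# Print the active scheduler name from one sysfs scheduler line.
# Prints nothing when the line has no bracketed entry.
active_scheduler() {
    # Keep only the text between the first '[' and the following ']'.
    printf '%s\n' "$1" | sed -n 's/^[^[]*\[\([^]]*\)].*$/\1/p'
}

# Print one device name per line for every device using BFQ.
# $1: sysfs block root (defaults to /sys/block; overridable for testing).
bfq_devices() {
    root=${1:-/sys/block}
    for f in "$root"/*/queue/scheduler; do
        [ -r "$f" ] || continue          # glob did not match, or unreadable
        # Accept a final line that lacks a trailing newline.
        IFS= read -r line < "$f" || [ -n "$line" ] || continue
        if [ "$(active_scheduler "$line")" = "bfq" ]; then
            dev=${f%/queue/scheduler}    # strip the trailing path
            printf '%s\n' "${dev##*/}"   # keep only the device name
        fi
    done
}

# Summarise the result; returns 1 when at least one device uses BFQ,
# so the function can gate a fleet-wide check.
report_bfq_devices() {
    devs=$(bfq_devices "$@")
    if [ -n "$devs" ]; then
        printf 'BFQ active on: %s\n' "$(printf '%s' "$devs" | tr '\n' ' ')"
        return 1
    fi
    printf 'No block device is using BFQ\n'
    return 0
}
```

Source the file and call report_bfq_devices on each SLE 12 SP5 host; a non-zero return marks hosts where the affected scheduler is in use and the live patch should go out first.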
Security Best Practices for Linux Admins
Prioritize Patch Deployment: 90% of Linux exploits target unpatched CVEs (per SUSE Security Report 2025).
Monitor Kernel Logs:
journalctl -k --since "2025-06-26" | grep -i "bfq"
Defense-in-Depth: Combine patches with SELinux/AppArmor to restrict I/O operations.
FAQ: Linux Kernel Live Patching
Q: Can I delay this update if my system isn’t internet-facing?
A: No. CVE-2022-49179 is exploitable by local users—patch immediately.
Q: Does this affect Kubernetes or cloud workloads?
A: Only if nodes run unpatched SUSE 12 SP5 kernels. Check your host OS.
