Detections
Analytics
SUSE SLES12 Security Update : vim (SUSE-SU-2022:4619-1)
critical Nessus Plugin ID 169350
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4619-1 advisory.- Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair. (CVE-2009-0316)
- vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. (CVE-2016-1248)
- fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382. (CVE-2017-17087)
- vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
(CVE-2017-5953)
- An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. (CVE-2017-6349)
- An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. (CVE-2017-6350)
- vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136, CVE-2022-0213)
- vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)
- vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)
- vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359, CVE-2022-0361, CVE-2022-0407, CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)
- Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)
- Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)
- Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
(CVE-2022-0351)
- Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)
- Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-1898, CVE-2022-1968)
- NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)
- global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1381)
- Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)
- Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616)
- Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.
This vulnerabilities are capable of crashing software, modify memory, and possible remote execution (CVE-2022-1619)
- NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)
- Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
(CVE-2022-1720)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)
- Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)
- Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)
- Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)
- Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)
- Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)
- Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2129, CVE-2022-2210)
- Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)
- NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)
- NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)
- Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286, CVE-2022-2287)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)
- Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)
- Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)
- Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. (CVE-2022-2522)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. (CVE-2022-2571)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. (CVE-2022-2580)
- Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. (CVE-2022-2581)
- Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100. (CVE-2022-2598)
- Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. (CVE-2022-2816)
- Use After Free in GitHub repository vim/vim prior to 9.0.0213. (CVE-2022-2817)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. (CVE-2022-2819)
- Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
(CVE-2022-2845)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. (CVE-2022-2849)
- Use After Free in GitHub repository vim/vim prior to 9.0.0221. (CVE-2022-2862)
- NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. (CVE-2022-2874)
- Use After Free in GitHub repository vim/vim prior to 9.0.0225. (CVE-2022-2889)
- NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. (CVE-2022-2923)
- Use After Free in GitHub repository vim/vim prior to 9.0.0246. (CVE-2022-2946)
- NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. (CVE-2022-2980)
- Use After Free in GitHub repository vim/vim prior to 9.0.0260. (CVE-2022-2982)
- Use After Free in GitHub repository vim/vim prior to 9.0.0286. (CVE-2022-3016)
- Use After Free in GitHub repository vim/vim prior to 9.0.0322. (CVE-2022-3037)
- Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)
- Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)
- NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. (CVE-2022-3234)
- Use After Free in GitHub repository vim/vim prior to 9.0.0490. (CVE-2022-3235)
- NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. (CVE-2022-3278)
- Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. (CVE-2022-3296)
- Use After Free in GitHub repository vim/vim prior to 9.0.0579. (CVE-2022-3297)
- Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. (CVE-2022-3324)
- Use After Free in GitHub repository vim/vim prior to 9.0.0614. (CVE-2022-3352)
- A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324. (CVE-2022-3705)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected gvim, vim, vim-data and / or vim-data-common packages.See Also
https://bugzilla.suse.com/1070955
https://bugzilla.suse.com/1173256
https://bugzilla.suse.com/1174564
https://bugzilla.suse.com/1176549
https://bugzilla.suse.com/1182324
https://bugzilla.suse.com/1190533
https://bugzilla.suse.com/1190570
https://bugzilla.suse.com/1191770
https://bugzilla.suse.com/1191893
https://bugzilla.suse.com/1192167
https://bugzilla.suse.com/1192478
https://bugzilla.suse.com/1192481
https://bugzilla.suse.com/1192902
https://bugzilla.suse.com/1192903
https://bugzilla.suse.com/1192904
https://bugzilla.suse.com/1193294
https://bugzilla.suse.com/1193298
https://bugzilla.suse.com/1193466
https://bugzilla.suse.com/1193905
https://bugzilla.suse.com/1194093
https://bugzilla.suse.com/1194216
https://bugzilla.suse.com/1194217
https://bugzilla.suse.com/1194388
https://bugzilla.suse.com/1194556
https://bugzilla.suse.com/1194872
https://bugzilla.suse.com/1194885
https://bugzilla.suse.com/1195004
https://bugzilla.suse.com/1195066
https://bugzilla.suse.com/1195126
https://bugzilla.suse.com/1195202
https://bugzilla.suse.com/1195203
https://bugzilla.suse.com/1195332
https://bugzilla.suse.com/1195354
https://bugzilla.suse.com/1195356
https://bugzilla.suse.com/1196361
https://bugzilla.suse.com/1198596
https://bugzilla.suse.com/1198748
https://www.suse.com/security/cve/CVE-2022-2125
https://www.suse.com/security/cve/CVE-2022-2126
https://www.suse.com/security/cve/CVE-2022-2129
https://www.suse.com/security/cve/CVE-2022-2175
https://www.suse.com/security/cve/CVE-2022-2182
https://www.suse.com/security/cve/CVE-2022-2183
https://www.suse.com/security/cve/CVE-2022-2206
https://www.suse.com/security/cve/CVE-2022-2207
https://www.suse.com/security/cve/CVE-2022-2208
https://www.suse.com/security/cve/CVE-2022-2210
https://www.suse.com/security/cve/CVE-2022-2231
https://www.suse.com/security/cve/CVE-2022-2257
https://www.suse.com/security/cve/CVE-2022-2264
https://www.suse.com/security/cve/CVE-2022-2284
https://www.suse.com/security/cve/CVE-2022-2285
https://www.suse.com/security/cve/CVE-2022-2286
https://www.suse.com/security/cve/CVE-2022-2287
https://www.suse.com/security/cve/CVE-2022-2304
https://www.suse.com/security/cve/CVE-2022-2343
https://www.suse.com/security/cve/CVE-2022-2344
https://www.suse.com/security/cve/CVE-2022-2345
https://www.suse.com/security/cve/CVE-2022-2522
https://www.suse.com/security/cve/CVE-2022-2571
https://www.suse.com/security/cve/CVE-2022-2580
https://www.suse.com/security/cve/CVE-2022-2581
https://www.suse.com/security/cve/CVE-2022-2598
https://www.suse.com/security/cve/CVE-2022-2816
https://www.suse.com/security/cve/CVE-2022-2817
https://www.suse.com/security/cve/CVE-2022-2819
https://www.suse.com/security/cve/CVE-2022-2845
https://www.suse.com/security/cve/CVE-2022-2849
https://www.suse.com/security/cve/CVE-2022-2862
https://www.suse.com/security/cve/CVE-2022-2874
https://www.suse.com/security/cve/CVE-2022-2889
https://www.suse.com/security/cve/CVE-2022-2923
https://www.suse.com/security/cve/CVE-2022-2946
https://www.suse.com/security/cve/CVE-2022-2980
https://www.suse.com/security/cve/CVE-2022-2982
https://www.suse.com/security/cve/CVE-2022-3016
https://www.suse.com/security/cve/CVE-2022-3037
https://www.suse.com/security/cve/CVE-2022-3099
https://www.suse.com/security/cve/CVE-2022-3134
https://www.suse.com/security/cve/CVE-2022-3153
https://www.suse.com/security/cve/CVE-2022-3234
https://www.suse.com/security/cve/CVE-2022-3235
https://www.suse.com/security/cve/CVE-2022-3278
https://www.suse.com/security/cve/CVE-2022-3296
https://www.suse.com/security/cve/CVE-2022-3297
https://www.suse.com/security/cve/CVE-2022-3324
https://bugzilla.suse.com/1199331
https://bugzilla.suse.com/1199333
https://bugzilla.suse.com/1199334
https://bugzilla.suse.com/1199651
https://bugzilla.suse.com/1199655
https://bugzilla.suse.com/1199693
https://bugzilla.suse.com/1199745
https://bugzilla.suse.com/1199747
https://bugzilla.suse.com/1199936
https://bugzilla.suse.com/1200010
https://bugzilla.suse.com/1200011
https://bugzilla.suse.com/1200012
https://bugzilla.suse.com/1200270
https://bugzilla.suse.com/1200697
https://bugzilla.suse.com/1200698
https://bugzilla.suse.com/1200700
https://bugzilla.suse.com/1200701
https://bugzilla.suse.com/1200732
https://bugzilla.suse.com/1200884
https://bugzilla.suse.com/1200902
https://bugzilla.suse.com/1200903
https://bugzilla.suse.com/1200904
https://bugzilla.suse.com/1201132
https://bugzilla.suse.com/1201133
https://bugzilla.suse.com/1201134
https://bugzilla.suse.com/1201135
https://bugzilla.suse.com/1201136
https://bugzilla.suse.com/1201150
https://bugzilla.suse.com/1201151
https://bugzilla.suse.com/1201152
https://bugzilla.suse.com/1201153
https://bugzilla.suse.com/1201154
https://bugzilla.suse.com/1201155
https://bugzilla.suse.com/1201249
https://bugzilla.suse.com/1201356
https://bugzilla.suse.com/1201359
https://bugzilla.suse.com/1201363
https://bugzilla.suse.com/1201620
https://bugzilla.suse.com/1201863
https://bugzilla.suse.com/1202046
https://bugzilla.suse.com/1202049
https://bugzilla.suse.com/1202050
https://bugzilla.suse.com/1202051
https://bugzilla.suse.com/1202414
https://bugzilla.suse.com/1202420
https://bugzilla.suse.com/1202421
https://bugzilla.suse.com/1202511
https://bugzilla.suse.com/1202512
https://bugzilla.suse.com/1202515
https://bugzilla.suse.com/1202552
https://bugzilla.suse.com/1202599
https://bugzilla.suse.com/1202687
https://bugzilla.suse.com/1202689
https://bugzilla.suse.com/1202862
https://bugzilla.suse.com/1202962
https://bugzilla.suse.com/1203110
https://bugzilla.suse.com/1203152
https://bugzilla.suse.com/1203155
https://bugzilla.suse.com/1203194
https://bugzilla.suse.com/1203272
https://bugzilla.suse.com/1203508
https://bugzilla.suse.com/1203509
https://bugzilla.suse.com/1203796
https://bugzilla.suse.com/1203797
https://bugzilla.suse.com/1203799
https://bugzilla.suse.com/1203820
https://bugzilla.suse.com/1203924
https://bugzilla.suse.com/1204779
https://www.suse.com/security/cve/CVE-2009-0316
https://www.suse.com/security/cve/CVE-2016-1248
https://www.suse.com/security/cve/CVE-2017-17087
https://www.suse.com/security/cve/CVE-2017-5953
https://www.suse.com/security/cve/CVE-2017-6349
https://www.suse.com/security/cve/CVE-2017-6350
https://www.suse.com/security/cve/CVE-2021-3778
https://www.suse.com/security/cve/CVE-2021-3796
https://www.suse.com/security/cve/CVE-2021-3872
https://www.suse.com/security/cve/CVE-2021-3875
https://www.suse.com/security/cve/CVE-2021-3903
https://www.suse.com/security/cve/CVE-2021-3927
https://www.suse.com/security/cve/CVE-2021-3928
https://www.suse.com/security/cve/CVE-2021-3968
https://www.suse.com/security/cve/CVE-2021-3973
https://www.suse.com/security/cve/CVE-2021-3974
https://www.suse.com/security/cve/CVE-2021-3984
https://www.suse.com/security/cve/CVE-2021-4019
https://www.suse.com/security/cve/CVE-2021-4069
https://www.suse.com/security/cve/CVE-2021-4136
https://www.suse.com/security/cve/CVE-2021-4166
https://www.suse.com/security/cve/CVE-2021-4192
https://www.suse.com/security/cve/CVE-2021-4193
https://www.suse.com/security/cve/CVE-2021-46059
https://www.suse.com/security/cve/CVE-2022-0128
https://www.suse.com/security/cve/CVE-2022-0213
https://www.suse.com/security/cve/CVE-2022-0261
https://www.suse.com/security/cve/CVE-2022-0318
https://www.suse.com/security/cve/CVE-2022-0319
https://www.suse.com/security/cve/CVE-2022-0351
https://www.suse.com/security/cve/CVE-2022-0359
https://www.suse.com/security/cve/CVE-2022-0361
https://www.suse.com/security/cve/CVE-2022-0392
https://www.suse.com/security/cve/CVE-2022-0407
https://www.suse.com/security/cve/CVE-2022-0413
https://www.suse.com/security/cve/CVE-2022-0696
https://www.suse.com/security/cve/CVE-2022-1381
https://www.suse.com/security/cve/CVE-2022-1420
https://www.suse.com/security/cve/CVE-2022-1616
https://www.suse.com/security/cve/CVE-2022-1619
https://www.suse.com/security/cve/CVE-2022-1620
https://www.suse.com/security/cve/CVE-2022-1720
https://www.suse.com/security/cve/CVE-2022-1733
https://www.suse.com/security/cve/CVE-2022-1735
https://www.suse.com/security/cve/CVE-2022-1771
https://www.suse.com/security/cve/CVE-2022-1785
https://www.suse.com/security/cve/CVE-2022-1796
https://www.suse.com/security/cve/CVE-2022-1851
https://www.suse.com/security/cve/CVE-2022-3352
https://www.suse.com/security/cve/CVE-2022-3705
http://www.nessus.org/u?a2be2817
https://www.suse.com/security/cve/CVE-2022-1897
https://www.suse.com/security/cve/CVE-2022-1898
https://www.suse.com/security/cve/CVE-2022-1927
Plugin Details
Severity: Critical
ID: 169350
File Name: suse_SU-2022-4619-1.nasl
Version: 1.5
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/28/2022
Updated: 7/14/2023
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2021-3973
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2022-0318
Vulnerability Information
CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:vim-data, p-cpe:/a:novell:suse_linux:gvim, p-cpe:/a:novell:suse_linux:vim, p-cpe:/a:novell:suse_linux:vim-data-common
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/27/2022
Vulnerability Publication Date: 1/26/2009
Reference Information
CVE: CVE-2009-0316, CVE-2016-1248, CVE-2017-17087, CVE-2017-5953, CVE-2017-6349, CVE-2017-6350, CVE-2021-3778, CVE-2021-3796, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927, CVE-2021-3928, CVE-2021-3968, CVE-2021-3973, CVE-2021-3974, CVE-2021-3984, CVE-2021-4019, CVE-2021-4069, CVE-2021-4136, CVE-2021-4166, CVE-2021-4192, CVE-2021-4193, CVE-2021-46059, CVE-2022-0128, CVE-2022-0213, CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0407, CVE-2022-0413, CVE-2022-0696, CVE-2022-1381, CVE-2022-1420, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1720, CVE-2022-1733, CVE-2022-1735, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851, CVE-2022-1897, CVE-2022-1898, CVE-2022-1927, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2571, CVE-2022-2580, CVE-2022-2581, CVE-2022-2598, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3234, CVE-2022-3235, CVE-2022-3278, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352, CVE-2022-3705
IAVB: 2022-B-0049-S, 2023-B-0016-S
SuSE: SUSE-SU-2022:4619-1