SUSE-SU-2021:0841-1

Опубликовано: 17 мар. 2021

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-24_43 fixes several issues.

The following security issues were fixed:

CVE-2020-29368: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check (bsc#1179664).
CVE-2021-3347: Fixed a use-after-free in the PI futexes during fault handling, allowing local users to execute code in the kernel (bsc#1181553).
CVE-2020-28374: Fixed insufficient identifier checking in the LIO SCSI target code which could have been used by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#1178684).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP2

kernel-livepatch-5_3_18-24_43-default-3-2.2

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20210841-1/
Link for SUSE-SU-2021:0841-1
https://lists.suse.com/pipermail/sle-security-updates/2021-March/008510.html
E-Mail link for SUSE-SU-2021:0841-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1178684
SUSE Bug 1178684
https://bugzilla.suse.com/1179664
SUSE Bug 1179664
https://bugzilla.suse.com/1181553
SUSE Bug 1181553
https://www.suse.com/security/cve/CVE-2020-28374/
SUSE CVE CVE-2020-28374 page
https://www.suse.com/security/cve/CVE-2020-29368/
SUSE CVE CVE-2020-29368 page
https://www.suse.com/security/cve/CVE-2021-3347/
SUSE CVE CVE-2021-3347 page

Описание

In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_43-default-3-2.2

Ссылки

https://www.suse.com/security/cve/CVE-2020-28374.html
CVE-2020-28374
https://bugzilla.suse.com/1178372
SUSE Bug 1178372
https://bugzilla.suse.com/1178684
SUSE Bug 1178684
https://bugzilla.suse.com/1180676
SUSE Bug 1180676

Описание

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_43-default-3-2.2

Ссылки

https://www.suse.com/security/cve/CVE-2020-29368.html
CVE-2020-29368
https://bugzilla.suse.com/1179428
SUSE Bug 1179428
https://bugzilla.suse.com/1179660
SUSE Bug 1179660
https://bugzilla.suse.com/1179664
SUSE Bug 1179664

Описание

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_43-default-3-2.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-3347.html
CVE-2021-3347
https://bugzilla.suse.com/1181349
SUSE Bug 1181349
https://bugzilla.suse.com/1181553
SUSE Bug 1181553
https://bugzilla.suse.com/1190859
SUSE Bug 1190859

SUSE-SU-2021:0841-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP2

Ссылки

Уязвимость: CVE-2020-28374

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2020-29368

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-3347

Описание

Затронутые продукты

Ссылки