Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:1075-1

Опубликовано: 07 апр. 2021
Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94_138 fixes several issues.

The following security issues were fixed:

  • CVE-2021-27365: Fixed an issue where data structures did not have appropriate length constraints or checks, and could exceed the PAGE_SIZE value (bsc#1183491).
  • CVE-2021-27363: Fixed a kernel pointer leak which could have been used to determine the address of the iscsi_transport structure (bsc#1183120).
  • CVE-2021-27364: Fixed an issue where an unprivileged user could craft Netlink messages (bsc#1182717).

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP4
kgraft-patch-4_12_14-95_51-default-10-2.2
kgraft-patch-4_12_14-95_54-default-8-2.2
kgraft-patch-4_12_14-95_57-default-8-2.2
kgraft-patch-4_12_14-95_60-default-7-2.2
kgraft-patch-4_12_14-95_65-default-4-2.2
kgraft-patch-4_12_14-95_68-default-3-2.2
kgraft-patch-4_12_14-95_71-default-2-2.2
SUSE Linux Enterprise Live Patching 12 SP5
kgraft-patch-4_12_14-122_20-default-11-2.2
kgraft-patch-4_12_14-122_23-default-10-2.2
kgraft-patch-4_12_14-122_26-default-10-2.2
kgraft-patch-4_12_14-122_29-default-10-2.2
kgraft-patch-4_12_14-122_32-default-10-2.2
kgraft-patch-4_12_14-122_37-default-9-2.2
kgraft-patch-4_12_14-122_41-default-8-2.2
kgraft-patch-4_12_14-122_46-default-6-2.2
kgraft-patch-4_12_14-122_51-default-6-2.2
kgraft-patch-4_12_14-122_54-default-4-2.2
kgraft-patch-4_12_14-122_57-default-4-2.2
kgraft-patch-4_12_14-122_60-default-3-2.2
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-150_52-default-8-2.2
kernel-livepatch-4_12_14-150_55-default-8-2.2
kernel-livepatch-4_12_14-150_58-default-7-2.2
kernel-livepatch-4_12_14-150_63-default-5-2.2
kernel-livepatch-4_12_14-150_66-default-3-2.2
kernel-livepatch-4_12_14-150_69-default-2-2.2
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-197_40-default-10-2.2
kernel-livepatch-4_12_14-197_45-default-8-2.2
kernel-livepatch-4_12_14-197_48-default-8-2.2
kernel-livepatch-4_12_14-197_51-default-8-2.2
kernel-livepatch-4_12_14-197_56-default-7-2.2
kernel-livepatch-4_12_14-197_61-default-6-2.2
kernel-livepatch-4_12_14-197_64-default-5-2.2
kernel-livepatch-4_12_14-197_72-default-4-2.2
kernel-livepatch-4_12_14-197_75-default-4-2.2
kernel-livepatch-4_12_14-197_78-default-4-2.2
kernel-livepatch-4_12_14-197_83-default-3-2.2
kernel-livepatch-4_12_14-197_86-default-2-2.2
kernel-livepatch-4_12_14-197_37-default-11-2.2
kernel-livepatch-4_12_14-197_67-default-5-2.3
SUSE Linux Enterprise Live Patching 15 SP2
kernel-livepatch-5_3_18-24_12-default-7-2.2
kernel-livepatch-5_3_18-24_37-default-5-2.2
kernel-livepatch-5_3_18-24_52-default-2-2.2
kernel-livepatch-5_3_18-24_15-default-7-2.2
kernel-livepatch-5_3_18-24_24-default-7-2.2
kernel-livepatch-5_3_18-24_29-default-5-2.2
kernel-livepatch-5_3_18-24_34-default-5-2.2
kernel-livepatch-5_3_18-24_43-default-4-2.2
kernel-livepatch-5_3_18-24_46-default-4-2.2
kernel-livepatch-5_3_18-24_49-default-3-2.2
kernel-livepatch-5_3_18-22-default-9-5.2
kernel-livepatch-5_3_18-24_9-default-8-2.2
SUSE Linux Enterprise Server 12 SP3-LTSS
kgraft-patch-4_4_180-94_116-default-9-2.2
kgraft-patch-4_4_180-94_121-default-8-2.2
kgraft-patch-4_4_180-94_124-default-8-2.2
kgraft-patch-4_4_180-94_127-default-8-2.2
kgraft-patch-4_4_180-94_130-default-7-2.2
kgraft-patch-4_4_180-94_135-default-5-2.2
kgraft-patch-4_4_180-94_138-default-3-2.2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
kgraft-patch-4_4_180-94_116-default-9-2.2
kgraft-patch-4_4_180-94_121-default-8-2.2
kgraft-patch-4_4_180-94_124-default-8-2.2
kgraft-patch-4_4_180-94_127-default-8-2.2
kgraft-patch-4_4_180-94_130-default-7-2.2
kgraft-patch-4_4_180-94_135-default-5-2.2
kgraft-patch-4_4_180-94_138-default-3-2.2

Ссылки

Описание

An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables.

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_51-default-10-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_54-default-8-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_57-default-8-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_60-default-7-2.2
Ссылки

Описание

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_51-default-10-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_54-default-8-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_57-default-8-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_60-default-7-2.2
Ссылки

Описание

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.

Затронутые продукты
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_51-default-10-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_54-default-8-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_57-default-8-2.2
SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_60-default-7-2.2
Ссылки
Уязвимость SUSE-SU-2021:1075-1