Описание
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel RT was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-29154: Fixed incorrect computation of branch displacements, allowing arbitrary code execution (bsc#1184391).
- CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed multiple bugs in NFC subsytem (bsc#1178181).
- CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering destruction of a large SEV VM (bsc#1184511).
- CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
- CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy (bsc#1184120).
- CVE-2021-20219: Fixed a denial of service in n_tty_receive_char_special (bsc#1184397).
The following non-security bugs were fixed:
- cifs: change noisy error message to FYI (bsc#1181507).
- cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
- cifs: do not send close in compound create+close requests (bsc#1181507).
- cifs: New optype for session operations (bsc#1181507).
- cifs: print MIDs in decimal notation (bsc#1181507).
- cifs: return proper error code in statfs(2) (bsc#1181507).
- cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
- fix setting irq affinity (bsc#1184583)
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- locking/mutex: Fix non debug version of mutex_lock_io_nested() (git-fixes).
- net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)
- powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (bsc#1065729).
- powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
- powerpc/pseries/mobility: handle premature return from H_JOIN (bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922).
- powerpc/pseries/mobility: use struct for shared state (bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922).
- powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
- s390/pci: Fix s390_mmio_read/write with MIO (LTC#192079 bsc#1183755).
- smb3: add dynamic trace point to trace when credits obtained (bsc#1181507).
- smb3: fix crediting for compounding when only one request in flight (bsc#1181507).
- usbip: fix stub_dev to check for stream socket (git-fixes).
- usbip: fix vhci_hcd to check for stream socket (git-fixes).
- virsh: list is showing less guests then 'xl list' (bsc#1184513).
- vsprintf: Do not have bprintf dereference pointers (bsc#1184494).
- vsprintf: Do not preprocess non-dereferenced pointers for bprintf (%px and %pK) (bsc#1184494).
- vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced pointers (bsc#1184494).
Список пакетов
SUSE Linux Enterprise Real Time 12 SP5
Ссылки
- Link for SUSE-SU-2021:1266-1
- E-Mail link for SUSE-SU-2021:1266-1
- SUSE Security Ratings
- SUSE Bug 1065729
- SUSE Bug 1113295
- SUSE Bug 1178181
- SUSE Bug 1181507
- SUSE Bug 1181674
- SUSE Bug 1183405
- SUSE Bug 1183662
- SUSE Bug 1183755
- SUSE Bug 1184114
- SUSE Bug 1184120
- SUSE Bug 1184170
- SUSE Bug 1184391
- SUSE Bug 1184393
- SUSE Bug 1184397
- SUSE Bug 1184494
- SUSE Bug 1184511
- SUSE Bug 1184583
Описание
A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.
Затронутые продукты
Ссылки
- CVE-2020-25670
- SUSE Bug 1178181
- SUSE Bug 1194680
Описание
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
Затронутые продукты
Ссылки
- CVE-2020-25671
- SUSE Bug 1178181
Описание
A memory leak vulnerability was found in Linux kernel in llcp_sock_connect
Затронутые продукты
Ссылки
- CVE-2020-25672
- SUSE Bug 1178181
Описание
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
Затронутые продукты
Ссылки
- CVE-2020-25673
- SUSE Bug 1178181
Описание
An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.
Затронутые продукты
Ссылки
- CVE-2020-36311
- SUSE Bug 1184511
Описание
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threat to the system availability.
Затронутые продукты
Ссылки
- CVE-2021-20219
- SUSE Bug 1184397
Описание
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
Затронутые продукты
Ссылки
- CVE-2021-29154
- SUSE Bug 1184391
- SUSE Bug 1184710
- SUSE Bug 1186408
Описание
An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.
Затронутые продукты
Ссылки
- CVE-2021-30002
- SUSE Bug 1184120
Описание
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected
Затронутые продукты
Ссылки
- CVE-2021-3483
- SUSE Bug 1184393