Описание
Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3)
This update for the Linux Kernel 4.4.180-94_135 fixes one issue.
The following security issues were fixed:
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc##1182294, bsc#1183646).
- CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping (XSA-365 bsc#1182294).
- CVE-2021-26931: Fixed an issue where Linux kernel was treating grant mapping errors as bugs (XSA-362 bsc#1183022).
Список пакетов
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP3
Ссылки
- Link for SUSE-SU-2021:1373-1
- E-Mail link for SUSE-SU-2021:1373-1
- SUSE Security Ratings
- SUSE Bug 1182294
- SUSE CVE CVE-2021-26930 page
- SUSE CVE CVE-2021-26931 page
- SUSE CVE CVE-2021-28688 page
Описание
An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error. This affects drivers/block/xen-blkback/blkback.c.
Затронутые продукты
Ссылки
- CVE-2021-26930
- SUSE Bug 1181843
- SUSE Bug 1182294
Описание
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though. This affects drivers/block/xen-blkback/blkback.c and drivers/xen/xen-scsiback.c.
Затронутые продукты
Ссылки
- CVE-2021-26931
- SUSE Bug 1181753
- SUSE Bug 1183022
Описание
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.
Затронутые продукты
Ссылки
- CVE-2021-28688
- SUSE Bug 1183646