Описание
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-197_45 fixes several issues.
The following security issues were fixed:
- CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fuse_do_getattr() calls make_bad_inode() in inappropriate situations, could have caused a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bsc#1184952).
- CVE-2021-29154: Fixed BPF JIT compilers that allowed to execute arbitrary code within the kernel context (bsc#1184710)
- Fix system crash on kernfs_kill_sb() as a sysfs superblock's kernfs_super_info node list was NULL (bsc#1183452).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP5
SUSE Linux Enterprise Live Patching 15 SP1
Ссылки
- Link for SUSE-SU-2021:1724-1
- E-Mail link for SUSE-SU-2021:1724-1
- SUSE Security Ratings
- SUSE Bug 1183452
- SUSE Bug 1184710
- SUSE Bug 1184952
- SUSE CVE CVE-2020-36322 page
- SUSE CVE CVE-2021-29154 page
Описание
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.
Затронутые продукты
Ссылки
- CVE-2020-36322
- SUSE Bug 1184211
- SUSE Bug 1184952
- SUSE Bug 1189302
Описание
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
Затронутые продукты
Ссылки
- CVE-2021-29154
- SUSE Bug 1184391
- SUSE Bug 1184710
- SUSE Bug 1186408