Описание
Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122_66 fixes several issues.
The following security issues were fixed:
- CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fuse_do_getattr() calls make_bad_inode() in inappropriate situations, could have caused a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bsc#1184952).
- CVE-2021-3444: Fixed incorrect mod32 BPF verifier truncation (bsc#1184171).
- CVE-2021-3444: Fixed incorrect mod32 BPF verifier truncation (bsc#1184171).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP5
Ссылки
- Link for SUSE-SU-2021:1733-1
- E-Mail link for SUSE-SU-2021:1733-1
- SUSE Security Ratings
- SUSE Bug 1184171
- SUSE Bug 1184952
- SUSE CVE CVE-2020-36322 page
- SUSE CVE CVE-2021-3444 page
Описание
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.
Затронутые продукты
Ссылки
- CVE-2020-36322
- SUSE Bug 1184211
- SUSE Bug 1184952
- SUSE Bug 1189302
Описание
The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in the upstream kernel in commit 9b00f1b78809 ("bpf: Fix truncation handling for mod32 dst reg wrt zero") and in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101.
Затронутые продукты
Ссылки
- CVE-2021-3444
- SUSE Bug 1184170
- SUSE Bug 1184171