Описание
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-24_64 fixes several issues.
The following issues were fixed:
- CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel memory (bsc#1186484).
- CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values (bsc#1186111).
- CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed local attackers to elevate their privileges (bnc#1186060).
- Fixed a data loss/data corruption that occurs if there is a write error on an md/raid array (bsc#1185680).
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP2
Ссылки
- Link for SUSE-SU-2021:2027-1
- E-Mail link for SUSE-SU-2021:2027-1
- SUSE Security Ratings
- SUSE Bug 1185847
- SUSE Bug 1186061
- SUSE Bug 1186285
- SUSE Bug 1186498
- SUSE CVE CVE-2021-23134 page
- SUSE CVE CVE-2021-33034 page
- SUSE CVE CVE-2021-33200 page
Описание
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
Затронутые продукты
Ссылки
- CVE-2021-23134
- SUSE Bug 1186060
- SUSE Bug 1186061
- SUSE Bug 1220739
Описание
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
Затронутые продукты
Ссылки
- CVE-2021-33034
- SUSE Bug 1186111
- SUSE Bug 1186285
Описание
kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.
Затронутые продукты
Ссылки
- CVE-2021-33200
- SUSE Bug 1186484
- SUSE Bug 1186498
- SUSE Bug 1224878