Описание
Security update for the Linux Kernel (Live Patch 24 for SLE 15)
This update for the Linux Kernel 4.12.14-150_72 fixes several issues.
The following security issues were fixed:
- CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel memory (bsc#1186484).
- CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values (bsc#1186111).
- CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed local attackers to elevate their privileges (bnc#1186060).
- CVE-2021-32399: Fixed a race condition when removing the HCI controller (bnc#1184611).
Список пакетов
SUSE Linux Enterprise Live Patching 15
Ссылки
- Link for SUSE-SU-2021:2057-1
- E-Mail link for SUSE-SU-2021:2057-1
- SUSE Security Ratings
- SUSE Bug 1185899
- SUSE Bug 1186061
- SUSE Bug 1186285
- SUSE Bug 1186498
- SUSE CVE CVE-2021-23134 page
- SUSE CVE CVE-2021-32399 page
- SUSE CVE CVE-2021-33034 page
- SUSE CVE CVE-2021-33200 page
Описание
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
Затронутые продукты
Ссылки
- CVE-2021-23134
- SUSE Bug 1186060
- SUSE Bug 1186061
- SUSE Bug 1220739
Описание
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
Затронутые продукты
Ссылки
- CVE-2021-32399
- SUSE Bug 1184611
- SUSE Bug 1185898
- SUSE Bug 1185899
- SUSE Bug 1196174
- SUSE Bug 1200084
- SUSE Bug 1201734
Описание
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
Затронутые продукты
Ссылки
- CVE-2021-33034
- SUSE Bug 1186111
- SUSE Bug 1186285
Описание
kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.
Затронутые продукты
Ссылки
- CVE-2021-33200
- SUSE Bug 1186484
- SUSE Bug 1186498
- SUSE Bug 1224878