Описание
Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP4)
This update for the Linux Kernel 4.12.14-95_77 fixes several issues.
The following security issues were fixed:
- CVE-2021-0605: Fixed an out-of-bounds read which could lead to local information disclosure in the kernel with System execution privileges needed. (bsc#1187687)
- CVE-2021-0512: Fixed a possible out-of-bounds write which could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1187597)
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP4
Ссылки
- Link for SUSE-SU-2021:2368-1
- E-Mail link for SUSE-SU-2021:2368-1
- SUSE Security Ratings
- SUSE Bug 1187597
- SUSE Bug 1187687
- SUSE CVE CVE-2021-0512 page
- SUSE CVE CVE-2021-0605 page
Описание
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
Затронутые продукты
Ссылки
- CVE-2021-0512
- SUSE Bug 1187595
- SUSE Bug 1187597
Описание
In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476
Затронутые продукты
Ссылки
- CVE-2021-0605
- SUSE Bug 1187601
- SUSE Bug 1187687
- SUSE Bug 1188381