Описание
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c (bnc#1188116 ).
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges (bsc#1188062).
The following non-security bugs were fixed:
- ceph: must hold snap_rwsem when filling inode for async create (bsc#1187927).
- cgroup1: do not allow '\n' in renaming (bsc#1187972).
- qla2xxx: synchronize rport dev_loss_tmo setting (bsc#1182470 bsc#1185486).
- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1187980).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- x86/pkru: Write hardware init value to PKRU when xstate is init (bsc#1152489).
- x86/process: Check PF_KTHREAD and not current->mm for kernel threads (bsc#1152489).
Список пакетов
Image SLES15-SP3-HPC-Azure
kernel-azure-5.3.18-38.14.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3
kernel-azure-5.3.18-38.14.1
kernel-azure-devel-5.3.18-38.14.1
kernel-devel-azure-5.3.18-38.14.1
kernel-source-azure-5.3.18-38.14.1
kernel-syms-azure-5.3.18-38.14.1
Ссылки
- Link for SUSE-SU-2021:2409-1
- E-Mail link for SUSE-SU-2021:2409-1
- SUSE Security Ratings
- SUSE Bug 1152489
- SUSE Bug 1182470
- SUSE Bug 1185486
- SUSE Bug 1187927
- SUSE Bug 1187972
- SUSE Bug 1187980
- SUSE Bug 1188062
- SUSE Bug 1188116
- SUSE CVE CVE-2021-22555 page
- SUSE CVE CVE-2021-33909 page
Описание
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
Затронутые продукты
Image SLES15-SP3-HPC-Azure:kernel-azure-5.3.18-38.14.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.14.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.14.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.14.1
Ссылки
- CVE-2021-22555
- SUSE Bug 1188116
- SUSE Bug 1188117
- SUSE Bug 1188411
Описание
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
Затронутые продукты
Image SLES15-SP3-HPC-Azure:kernel-azure-5.3.18-38.14.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.14.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.14.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.14.1
Ссылки
- CVE-2021-33909
- SUSE Bug 1188062
- SUSE Bug 1188063
- SUSE Bug 1188257
- SUSE Bug 1189302
- SUSE Bug 1190859