Описание
Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3)
This update for the Linux Kernel 4.4.180-94_127 fixes several issues.
The following security issues were fixed:
- CVE-2021-0605: Fixed an out-of-bounds read which could lead to local information disclosure in the kernel with System execution privileges needed. (bsc#1187687)
- CVE-2021-0512: Fixed a possible out-of-bounds write which could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1187597)
Список пакетов
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP3
Ссылки
- Link for SUSE-SU-2021:2433-1
- E-Mail link for SUSE-SU-2021:2433-1
- SUSE Security Ratings
- SUSE Bug 1187597
- SUSE Bug 1187687
- SUSE CVE CVE-2021-0512 page
- SUSE CVE CVE-2021-0605 page
Описание
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
Затронутые продукты
Ссылки
- CVE-2021-0512
- SUSE Bug 1187595
- SUSE Bug 1187597
Описание
In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476
Затронутые продукты
Ссылки
- CVE-2021-0605
- SUSE Bug 1187601
- SUSE Bug 1187687
- SUSE Bug 1188381