Описание
Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-59_19 fixes several issues.
The following security issues were fixed:
- CVE-2021-3640: Fixed a user-after-free bug in the function sco_sock_sendmsg which could lead to local privilege escalation. (bsc#1188613)
- CVE-2021-3573: Fixed a user-after-free bug in the function hci_sock_bound_ioctl which could lead to local privilege escalation. (bsc#1187054).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP5
SUSE Linux Enterprise Live Patching 15 SP2
SUSE Linux Enterprise Live Patching 15 SP3
Ссылки
- Link for SUSE-SU-2021:3361-1
- E-Mail link for SUSE-SU-2021:3361-1
- SUSE Security Ratings
- SUSE Bug 1187054
- SUSE Bug 1188613
- SUSE CVE CVE-2021-3573 page
- SUSE CVE CVE-2021-3640 page
Описание
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.
Затронутые продукты
Ссылки
- CVE-2021-3573
- SUSE Bug 1186666
- SUSE Bug 1187054
- SUSE Bug 1188172
Описание
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.
Затронутые продукты
Ссылки
- CVE-2021-3640
- SUSE Bug 1188172
- SUSE Bug 1188613
- SUSE Bug 1191530
- SUSE Bug 1196810
- SUSE Bug 1196914