Описание
Security update for the Linux Kernel (Live Patch 25 for SLE 15)
This update for the Linux Kernel 4.12.14-150_75 fixes several issues.
The following security issues were fixed:
- CVE-2018-25020: Fixed an issue in the BPF subsystem in the Linux kernel mishandled situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. (bsc#1193575)
- CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure. (bsc#1191193)
- CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673).
Список пакетов
SUSE Linux Enterprise Live Patching 15
Ссылки
- Link for SUSE-SU-2022:0237-1
- E-Mail link for SUSE-SU-2022:0237-1
- SUSE Security Ratings
- SUSE Bug 1191529
- SUSE Bug 1192036
- SUSE Bug 1193863
- SUSE CVE CVE-2018-25020 page
- SUSE CVE CVE-2020-3702 page
- SUSE CVE CVE-2021-42739 page
Описание
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.
Затронутые продукты
Ссылки
- CVE-2018-25020
- SUSE Bug 1193575
Описание
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
Затронутые продукты
Ссылки
- CVE-2020-3702
- SUSE Bug 1191193
- SUSE Bug 1191529
Описание
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
Затронутые продукты
Ссылки
- CVE-2021-42739
- SUSE Bug 1184673
- SUSE Bug 1192036
- SUSE Bug 1196722
- SUSE Bug 1196914