Description
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bug fixes.
Security issues fixed:
- CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c (bnc#1188116).
- CVE-2021-33909: Extremely large seq buffer allocations in seq_file could lead to buffer underruns and code execution (bsc#1188062).
The following non-security bugs were fixed:
- usb: dwc3: Fix debugfs creation flow (git-fixes).
Package list
openSUSE Leap 15.3
cluster-md-kmp-64kb-5.3.18-59.16.1
cluster-md-kmp-default-5.3.18-59.16.1
cluster-md-kmp-preempt-5.3.18-59.16.1
dlm-kmp-64kb-5.3.18-59.16.1
dlm-kmp-default-5.3.18-59.16.1
dlm-kmp-preempt-5.3.18-59.16.1
gfs2-kmp-64kb-5.3.18-59.16.1
gfs2-kmp-default-5.3.18-59.16.1
gfs2-kmp-preempt-5.3.18-59.16.1
kernel-64kb-5.3.18-59.16.1
kernel-64kb-devel-5.3.18-59.16.1
kernel-64kb-extra-5.3.18-59.16.1
kernel-64kb-livepatch-devel-5.3.18-59.16.1
kernel-64kb-optional-5.3.18-59.16.1
kernel-debug-5.3.18-59.16.1
kernel-debug-devel-5.3.18-59.16.1
kernel-debug-livepatch-devel-5.3.18-59.16.1
kernel-default-5.3.18-59.16.1
kernel-default-base-5.3.18-59.16.1.18.8.1
kernel-default-base-rebuild-5.3.18-59.16.1.18.8.1
kernel-default-devel-5.3.18-59.16.1
kernel-default-extra-5.3.18-59.16.1
kernel-default-livepatch-5.3.18-59.16.1
kernel-default-livepatch-devel-5.3.18-59.16.1
kernel-default-optional-5.3.18-59.16.1
kernel-devel-5.3.18-59.16.1
kernel-docs-5.3.18-59.16.1
kernel-docs-html-5.3.18-59.16.1
kernel-kvmsmall-5.3.18-59.16.1
kernel-kvmsmall-devel-5.3.18-59.16.1
kernel-kvmsmall-livepatch-devel-5.3.18-59.16.1
kernel-macros-5.3.18-59.16.1
kernel-obs-build-5.3.18-59.16.1
kernel-obs-qa-5.3.18-59.16.1
kernel-preempt-5.3.18-59.16.1
kernel-preempt-devel-5.3.18-59.16.1
kernel-preempt-extra-5.3.18-59.16.1
kernel-preempt-livepatch-devel-5.3.18-59.16.1
kernel-preempt-optional-5.3.18-59.16.1
kernel-source-5.3.18-59.16.1
kernel-source-vanilla-5.3.18-59.16.1
kernel-syms-5.3.18-59.16.1
kernel-zfcpdump-5.3.18-59.16.1
kselftests-kmp-64kb-5.3.18-59.16.1
kselftests-kmp-default-5.3.18-59.16.1
kselftests-kmp-preempt-5.3.18-59.16.1
ocfs2-kmp-64kb-5.3.18-59.16.1
ocfs2-kmp-default-5.3.18-59.16.1
ocfs2-kmp-preempt-5.3.18-59.16.1
reiserfs-kmp-64kb-5.3.18-59.16.1
reiserfs-kmp-default-5.3.18-59.16.1
reiserfs-kmp-preempt-5.3.18-59.16.1
References
- E-Mail link for openSUSE-SU-2021:2415-1
- SUSE Security Ratings
- SUSE Bug 1188062
- SUSE Bug 1188116
- SUSE CVE CVE-2021-22555 page
- SUSE CVE CVE-2021-33909 page
Description
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space.
Affected products
openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.16.1
openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.16.1
openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.16.1
openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.16.1
References
- CVE-2021-22555
- SUSE Bug 1188116
- SUSE Bug 1188117
- SUSE Bug 1188411
Description
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
Affected products
openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.16.1
openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.16.1
openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.16.1
openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.16.1
References
- CVE-2021-33909
- SUSE Bug 1188062
- SUSE Bug 1188063
- SUSE Bug 1188257
- SUSE Bug 1189302
- SUSE Bug 1190859