SB2021031737 - SUSE update for the Linux Kernel (Live Patch 39 for SLE 12 SP2) 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021031737

SB2021031737 - SUSE update for the Linux Kernel (Live Patch 39 for SLE 12 SP2)

Published: March 17, 2021

Security Bulletin ID SB2021031737
Severity
Medium
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 60% Low 40%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Use-after-free (CVE-ID: CVE-2020-0429)

The vulnerability allows a local privileged user to execute arbitrary code.

In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152735806


2) Cleartext transmission of sensitive information (CVE-ID: CVE-2020-1749)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to incorrect implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted.


3) Cleartext transmission of sensitive information (CVE-ID: CVE-2020-25645)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to traffic passed between two Geneve endpoints with configured IPsec can be unencrypted for the specific UDP port. A remote attacker with ability to intercept network traffic can gain access to sensitive data.


4) Use-after-free (CVE-ID: CVE-2020-27786)

The vulnerability allows a local authenticated user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the MIDI implementation in Linux kernel. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.


5) Path traversal (CVE-ID: CVE-2020-28374)

The vulnerability allows a remote user to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in drivers/target/target_core_xcopy.c in the Linux kernel. A remote user with access to iSCSI LUN can send a specially crafted XCOPY request and read or write arbitrary files on the system.



Remediation

Install update from vendor's website.

References