SB2021062910 - SUSE update for the Linux Kernel

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021062910

SB2021062910 - SUSE update for the Linux Kernel

Published: June 29, 2021

Security Bulletin ID SB2021062910
Severity
Low
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Adjecent network
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Security features bypass (CVE-ID: CVE-2020-26558)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to an impersonation in the Passkey Entry protocol flaw. A remote attacker on the local network can perform a man-in-the-middle (MITM) attack and impersonate the initiating device without any previous knowledge.

Note: This vulnerability affects the following specifications:

  • BR/EDR Secure Simple Pairing in Bluetooth Core Specifications 2.1 through 5.2
  • BR/EDR Secure Connections Pairing in Bluetooth Core Specifications 4.1 through 5.2 
  • LE Secure Connections Pairing in Bluetooth Core Specifications 4.2 through 5.2


2) Use-after-free (CVE-ID: CVE-2020-36385)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in drivers/infiniband/core/ucma.c, because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called. A local user can run a specially crafted program to trigger the use-after-free error and execute arbitrary code with elevated privileges.


3) Out-of-bounds read (CVE-ID: CVE-2020-36386)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary condition within the hci_extended_inquiry_result_evt() function in Linux kernel. A local user can tun a specially crafted program to trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.


4) Improper access control (CVE-ID: CVE-2021-0129)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote authenticated attacker on the local network can bypass implemented security restrictions and enable information disclosure


Remediation

Install update from vendor's website.

References