SUSE update for the Linux Kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 12 |
| CVE-ID | CVE-2018-9517 CVE-2019-3874 CVE-2019-3900 CVE-2021-3640 CVE-2021-3653 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 CVE-2021-3753 CVE-2021-3759 CVE-2021-38198 CVE-2021-38204 |
| CWE-ID | CWE-416 CWE-20 CWE-835 CWE-264 CWE-400 CWE-125 CWE-732 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SUSE Linux Enterprise Server Operating systems & Components / Operating system kernel-syms-azure Operating systems & Components / Operating system package or component kernel-azure-devel Operating systems & Components / Operating system package or component kernel-azure-debugsource Operating systems & Components / Operating system package or component kernel-azure-debuginfo Operating systems & Components / Operating system package or component kernel-azure-base-debuginfo Operating systems & Components / Operating system package or component kernel-azure-base Operating systems & Components / Operating system package or component kernel-azure Operating systems & Components / Operating system package or component kernel-source-azure Operating systems & Components / Operating system package or component kernel-devel-azure Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU19987
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-9517
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in pppol2tp_connect. A local user can trigger memory corruption and escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU70466
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-3874
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to the SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Infinite loop
EUVDB-ID: #VU19998
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-3900
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in vhost_net kernel module when processing incoming packets in handle_rx(). A remote attacker with access to guest operating system can stall the vhost_net kernel thread and cause denial of service conditions.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use-after-free
EUVDB-ID: #VU63769
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3640
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in sco_sock_sendmsg() function of the Linux kernel HCI subsystem. A privileged local user can call ioct UFFDIO_REGISTER or other way trigger race condition to escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Security restrictions bypass
EUVDB-ID: #VU56904
Risk: Low
CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3653
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest.
As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Security restrictions bypass
EUVDB-ID: #VU56929
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3656
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest.The vulnerability allows the L2 guest to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Resource exhaustion
EUVDB-ID: #VU63664
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3679
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to lack of CPU resource in the Linux kernel tracing module functionality when using trace ring buffer in a specific way. A privileged local user (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU74548
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3732
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists in the way the user mounts the TmpFS filesystem with OverlayFS. A local user can gain access to hidden files that should not be accessible.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Out-of-bounds read
EUVDB-ID: #VU64210
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3753
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel. A local user can trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Resource exhaustion
EUVDB-ID: #VU63914
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3759
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists in the Linux kernel’s ipc functionality of the memcg subsystem when user calls the semget function multiple times, creating semaphores. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Incorrect permission assignment for critical resource
EUVDB-ID: #VU63665
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-38198
CWE-ID:
CWE-732 - Incorrect Permission Assignment for Critical Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page. A local user can trigger an error to perform a denial of service attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Use-after-free
EUVDB-ID: #VU63666
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-38204
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to perform a denial of service attack.
The vulnerability exists due to a use-after-free error in the drivers/usb/host/max3421-hcd.c in the Linux kernel. An attacker with physical access to the system can remove a MAX-3421 USB device to perform a denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP5
kernel-syms-azure: before 4.12.14-16.73.1
kernel-azure-devel: before 4.12.14-16.73.2
kernel-azure-debugsource: before 4.12.14-16.73.2
kernel-azure-debuginfo: before 4.12.14-16.73.2
kernel-azure-base-debuginfo: before 4.12.14-16.73.2
kernel-azure-base: before 4.12.14-16.73.2
kernel-azure: before 4.12.14-16.73.2
kernel-source-azure: before 4.12.14-16.73.1
kernel-devel-azure: before 4.12.14-16.73.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:kernel-syms-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-source-azure:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:kernel-devel-azure:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2021/suse-su-20213192-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
