SUSE update for the Linux Kernel



Risk Low
Patch available YES
Number of vulnerabilities 19
CVE-ID CVE-2020-12770
CVE-2021-34556
CVE-2021-35477
CVE-2021-3640
CVE-2021-3653
CVE-2021-3656
CVE-2021-3679
CVE-2021-3732
CVE-2021-3739
CVE-2021-3743
CVE-2021-3753
CVE-2021-3759
CVE-2021-38166
CVE-2021-38198
CVE-2021-38204
CVE-2021-38205
CVE-2021-38206
CVE-2021-38207
CVE-2021-38209
CWE-ID CWE-20
CWE-200
CWE-203
CWE-416
CWE-264
CWE-400
CWE-476
CWE-125
CWE-732
CWE-824
CWE-120
Exploitation vector Network
Public exploit N/A
Vulnerable software
 SUSE Linux Enterprise Workstation Extension
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Legacy Software
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Development Tools
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Basesystem
Operating systems & Components / Operating system

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb
Operating systems & Components / Operating system package or component

kernel-preempt
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

kernel-preempt-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-devel
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP3_Update_6-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-59_24-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-59_24-default
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-preempt-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-extra
Operating systems & Components / Operating system package or component

kernel-preempt-debugsource
Operating systems & Components / Operating system package or component

kernel-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 19 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU28170

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-12770

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code on the system.

The vulnerability exists due to the "sg_write" lacks an "sg_remove_request" call in a certain failure case. A local user can pass specially crafted input to the application and execute arbitrary code on the target system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU64203

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-34556

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Observable discrepancy

EUVDB-ID: #VU92412

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-35477

CWE-ID: CWE-203 - Observable discrepancy

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to observable discrepancy error. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU63769

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3640

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in sco_sock_sendmsg() function of the Linux kernel HCI subsystem. A privileged local user can call ioct UFFDIO_REGISTER or other way trigger race condition to escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Security restrictions bypass

EUVDB-ID: #VU56904

Risk: Low

CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3653

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest.

As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Security restrictions bypass

EUVDB-ID: #VU56929

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3656

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest.

The vulnerability allows the L2 guest to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Resource exhaustion

EUVDB-ID: #VU63664

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3679

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to lack of CPU resource in the Linux kernel tracing module functionality when using trace ring buffer in a specific way. A privileged local user (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU74548

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3732

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists in the way the user mounts the TmpFS filesystem with OverlayFS. A local user can gain access to hidden files that should not be accessible.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU90666

Risk: Low

CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3739

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to read data or crash the application.

The vulnerability exists due to NULL pointer dereference within the btrfs_rm_device() function in fs/btrfs/volumes.c. A local user can read data or crash the application.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU63913

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3743

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a boundary condition in the Qualcomm IPC router protocol in the Linux kernel. A local user can gain access to out-of-bounds memory to leak internal kernel information or perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU64210

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3753

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel. A local user can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Resource exhaustion

EUVDB-ID: #VU63914

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3759

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists in the Linux kernel’s ipc functionality of the memcg subsystem when user calls the semget function multiple times, creating semaphores. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds read

EUVDB-ID: #VU90365

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38166

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an out-of-bounds read error within the kvmalloc() function in kernel/bpf/hashtab.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Incorrect permission assignment for critical resource

EUVDB-ID: #VU63665

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38198

CWE-ID: CWE-732 - Incorrect Permission Assignment for Critical Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page. A local user can trigger an error to perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU63666

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38204

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local attacker to perform a denial of service attack.

The vulnerability exists due to a use-after-free error in the drivers/usb/host/max3421-hcd.c in the Linux kernel. An attacker with physical access to the system can remove a MAX-3421 USB device to perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Access of uninitialized pointer

EUVDB-ID: #VU92755

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38205

CWE-ID: CWE-824 - Access of Uninitialized Pointer

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Null pointer dereference

EUVDB-ID: #VU92758

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38206

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Buffer overflow

EUVDB-ID: #VU92752

Risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38207

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about 10 minutes.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Observable discrepancy

EUVDB-ID: #VU92753

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38209

CWE-ID: CWE-203 - Observable discrepancy

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

ocfs2-kmp-default: before 5.3.18-59.24.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.24.1

gfs2-kmp-default: before 5.3.18-59.24.1

dlm-kmp-default-debuginfo: before 5.3.18-59.24.1

dlm-kmp-default: before 5.3.18-59.24.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.24.1

cluster-md-kmp-default: before 5.3.18-59.24.1

kernel-zfcpdump-debugsource: before 5.3.18-59.24.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.24.1

kernel-zfcpdump: before 5.3.18-59.24.1

kernel-macros: before 5.3.18-59.24.1

kernel-devel: before 5.3.18-59.24.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.24.1

kernel-64kb-devel: before 5.3.18-59.24.1

kernel-64kb-debugsource: before 5.3.18-59.24.1

kernel-64kb-debuginfo: before 5.3.18-59.24.1

kernel-64kb: before 5.3.18-59.24.1

kernel-preempt: before 5.3.18-59.24.1

kernel-default-devel-debuginfo: before 5.3.18-59.24.1

kernel-default-devel: before 5.3.18-59.24.1

kernel-default-base: before 5.3.18-59.24.1.18.12.1

kernel-default: before 5.3.18-59.24.1

kernel-source: before 5.3.18-59.24.1

kernel-docs: before 5.3.18-59.24.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.24.1

kernel-preempt-devel: before 5.3.18-59.24.1

kernel-syms: before 5.3.18-59.24.1

kernel-obs-build-debugsource: before 5.3.18-59.24.1

kernel-obs-build: before 5.3.18-59.24.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.24.1

reiserfs-kmp-default: before 5.3.18-59.24.1

kernel-livepatch-SLE15-SP3_Update_6-debugsource: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default-debuginfo: before 1-7.5.1

kernel-livepatch-5_3_18-59_24-default: before 1-7.5.1

kernel-default-livepatch-devel: before 5.3.18-59.24.1

kernel-default-livepatch: before 5.3.18-59.24.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.24.1

kernel-preempt-extra: before 5.3.18-59.24.1

kernel-preempt-debugsource: before 5.3.18-59.24.1

kernel-preempt-debuginfo: before 5.3.18-59.24.1

kernel-default-extra-debuginfo: before 5.3.18-59.24.1

kernel-default-extra: before 5.3.18-59.24.1

kernel-default-debugsource: before 5.3.18-59.24.1

kernel-default-debuginfo: before 5.3.18-59.24.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###