SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 14
CVE-ID CVE-2021-33033
CVE-2021-34866
CVE-2021-3655
CVE-2021-3715
CVE-2021-37159
CVE-2021-3760
CVE-2021-3772
CVE-2021-41864
CVE-2021-42008
CVE-2021-42252
CVE-2021-42739
CVE-2021-43056
CVE-2021-43389
CVE-2018-13405
CWE-ID CWE-416
CWE-843
CWE-909
CWE-415
CWE-345
CWE-787
CWE-119
CWE-252
CWE-129
CWE-264
Exploitation vector Network
Public exploit Public exploit code for vulnerability #9 is available.
Vulnerable software
 SUSE Linux Enterprise Workstation Extension
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Legacy Software
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Live Patching
Operating systems & Components / Operating system

SUSE MicroOS
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Development Tools
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Basesystem
Operating systems & Components / Operating system

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb
Operating systems & Components / Operating system package or component

kernel-preempt
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

kernel-preempt-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-devel
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-59_34-default
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-preempt-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-extra
Operating systems & Components / Operating system package or component

kernel-preempt-debugsource
Operating systems & Components / Operating system package or component

kernel-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 14 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU55261

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-33033

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper handling of the CIPSO and CALIPSO refcounting for the DOI definitions in cipso_v4_genopt(0 function in net/ipv4/cipso_ipv4.c in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with escalated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Type Confusion

EUVDB-ID: #VU57372

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-34866

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a type confusion error within the handling of eBPF programs. A local user can run a specially crafted program on the system to trigger a type confusion and execute arbitrary code with kernel privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Missing initialization of resource

EUVDB-ID: #VU61098

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3655

CWE-ID: CWE-909 - Missing initialization of resource

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to missing initialization of resource in the Linux kernel when processing inbound SCTP packets. A remote attacker can send specially crafted SCTP packets to the system and force the kernel to read uninitialized memory.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU56393

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3715

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem (route4_change() function in net/sched/cls_route.c) in the way it handled changing of classification filters. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Double Free

EUVDB-ID: #VU63575

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-37159

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to hso_free_net_device() function in drivers/net/usb/hso.c in the Linux kernel calls unregister_netdev without checking for the NETREG_REGISTERED state. A local user can trigger double free and use-after-free errors and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU63816

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3760

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the NFC stack. A local user can trigger use-after-free error to escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Insufficient verification of data authenticity

EUVDB-ID: #VU63835

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3772

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack (DoS) on the target system.

The vulnerability exists due to insufficient verification of data authenticity in the Linux SCTP stack. A remote attacker can exploit this vulnerability to perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds write

EUVDB-ID: #VU63855

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-41864

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input. A local user can gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds write

EUVDB-ID: #VU63669

Risk: Low

CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2021-42008

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the decode_data() function in drivers/net/hamradio/6pack.c in the Linux kernel. A local user can send input from a process that has the CAP_NET_ADMIN capability and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

10) Out-of-bounds write

EUVDB-ID: #VU93833

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-42252

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an out-of-bounds write within the aspeed_lpc_ctrl_mmap() function in drivers/soc/aspeed/aspeed-lpc-ctrl.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Buffer overflow

EUVDB-ID: #VU59474

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-42739

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary within the firewire subsystem in the Linux kernel in drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c files. A local privileged user can run a specially crafted program tat calls avc_ca_pmt() function to trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Unchecked Return Value

EUVDB-ID: #VU63921

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-43056

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation error when handling SRR1 register values. A local user can perform a denial of service attack, when the host is running on Power8.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Improper Validation of Array Index

EUVDB-ID: #VU63385

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-43389

CWE-ID: CWE-129 - Improper Validation of Array Index

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to improper validation of array index in the ISDN CAPI implementation within detach_capi_ctr() function in drivers/isdn/capi/kcapi.c. local user can send specially crafted data to the system and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Security restrictions bypass

EUVDB-ID: #VU13631

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-13405

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to create arbitrary files on the target system.

The vulnerability exists due to the inode_init_owner function, as defined in the fs/inode.c source code file, allows the creation of arbitrary files in set-group identification (SGID) directories. A local attacker can create arbitrary files with unintended group ownership.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Module for Legacy Software: 15-SP3

SUSE Linux Enterprise High Availability: 15-SP3

SUSE Linux Enterprise Module for Live Patching: 15-SP3

SUSE MicroOS: 5.1

SUSE Linux Enterprise Module for Development Tools: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

ocfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

ocfs2-kmp-default: before 5.3.18-59.34.1

gfs2-kmp-default-debuginfo: before 5.3.18-59.34.1

gfs2-kmp-default: before 5.3.18-59.34.1

dlm-kmp-default-debuginfo: before 5.3.18-59.34.1

dlm-kmp-default: before 5.3.18-59.34.1

cluster-md-kmp-default-debuginfo: before 5.3.18-59.34.1

cluster-md-kmp-default: before 5.3.18-59.34.1

kernel-zfcpdump-debugsource: before 5.3.18-59.34.1

kernel-zfcpdump-debuginfo: before 5.3.18-59.34.1

kernel-zfcpdump: before 5.3.18-59.34.1

kernel-macros: before 5.3.18-59.34.1

kernel-devel: before 5.3.18-59.34.1

kernel-64kb-devel-debuginfo: before 5.3.18-59.34.1

kernel-64kb-devel: before 5.3.18-59.34.1

kernel-64kb-debugsource: before 5.3.18-59.34.1

kernel-64kb-debuginfo: before 5.3.18-59.34.1

kernel-64kb: before 5.3.18-59.34.1

kernel-preempt: before 5.3.18-59.34.1

kernel-default-devel-debuginfo: before 5.3.18-59.34.1

kernel-default-devel: before 5.3.18-59.34.1

kernel-source: before 5.3.18-59.34.1

kernel-docs: before 5.3.18-59.34.1

kernel-preempt-devel-debuginfo: before 5.3.18-59.34.1

kernel-preempt-devel: before 5.3.18-59.34.1

kernel-syms: before 5.3.18-59.34.1

kernel-obs-build-debugsource: before 5.3.18-59.34.1

kernel-obs-build: before 5.3.18-59.34.1

reiserfs-kmp-default-debuginfo: before 5.3.18-59.34.1

reiserfs-kmp-default: before 5.3.18-59.34.1

kernel-livepatch-5_3_18-59_34-default: before 1-7.3.1

kernel-default-livepatch-devel: before 5.3.18-59.34.1

kernel-default-livepatch: before 5.3.18-59.34.1

kernel-preempt-extra-debuginfo: before 5.3.18-59.34.1

kernel-preempt-extra: before 5.3.18-59.34.1

kernel-preempt-debugsource: before 5.3.18-59.34.1

kernel-preempt-debuginfo: before 5.3.18-59.34.1

kernel-default-extra-debuginfo: before 5.3.18-59.34.1

kernel-default-extra: before 5.3.18-59.34.1

kernel-default-debugsource: before 5.3.18-59.34.1

kernel-default-debuginfo: before 5.3.18-59.34.1

kernel-default-base: before 5.3.18-59.34.1.18.21.1

kernel-default: before 5.3.18-59.34.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2021/suse-su-20213675-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###